diff options
Diffstat (limited to 'Zend/zend_vm_execute.h')
| -rw-r--r-- | Zend/zend_vm_execute.h | 39972 |
1 files changed, 21394 insertions, 18578 deletions
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index a5b4e72da0..3150ae1e4e 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | Zend Engine | +----------------------------------------------------------------------+ - | Copyright (c) 1998-2013 Zend Technologies Ltd. (http://www.zend.com) | + | Copyright (c) 1998-2014 Zend Technologies Ltd. (http://www.zend.com) | +----------------------------------------------------------------------+ | This source file is subject to version 2.00 of the Zend license, | | that is bundled with this package in the file LICENSE, and is | @@ -306,7 +306,7 @@ static zend_uchar zend_user_opcodes[256] = {0, 241,242,243,244,245,246,247,248,249,250,251,252,253,254,255 }; -static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op); +static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, const zend_op* op); #undef OPLINE @@ -316,7 +316,7 @@ static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* o #undef SAVE_OPLINE #define OPLINE EX(opline) #define DCL_OPLINE -#define USE_OPLINE zend_op *opline = EX(opline); +#define USE_OPLINE const zend_op *opline = EX(opline); #define LOAD_OPLINE() #define SAVE_OPLINE() #undef CHECK_EXCEPTION @@ -325,11 +325,10 @@ static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* o #define CHECK_EXCEPTION() LOAD_OPLINE() #define HANDLE_EXCEPTION() LOAD_OPLINE(); ZEND_VM_CONTINUE() #define HANDLE_EXCEPTION_LEAVE() LOAD_OPLINE(); ZEND_VM_LEAVE() -#define LOAD_REGS() -#define ZEND_VM_CONTINUE() return 0 -#define ZEND_VM_RETURN() return 1 -#define ZEND_VM_ENTER() return 2 -#define ZEND_VM_LEAVE() return 3 +#define ZEND_VM_CONTINUE() return 0 +#define ZEND_VM_RETURN() return -1 +#define ZEND_VM_ENTER() return 1 +#define ZEND_VM_LEAVE() return 2 #define ZEND_VM_DISPATCH(opcode, opline) return zend_vm_get_opcode_handler(opcode, opline)(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); #define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC @@ -337,19 +336,9 @@ static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* o ZEND_API void execute_ex(zend_execute_data *execute_data TSRMLS_DC) { DCL_OPLINE - zend_bool original_in_execution; - original_in_execution = EG(in_execution); - EG(in_execution) = 1; - - if (0) { -zend_vm_enter: - execute_data = i_create_execute_data_from_op_array(EG(active_op_array), 1 TSRMLS_CC); - } - - LOAD_REGS(); LOAD_OPLINE(); while (1) { @@ -360,19 +349,11 @@ zend_vm_enter: } #endif - if ((ret = OPLINE->handler(execute_data TSRMLS_CC)) > 0) { - switch (ret) { - case 1: - EG(in_execution) = original_in_execution; - return; - case 2: - goto zend_vm_enter; - break; - case 3: - execute_data = EG(current_execute_data); - break; - default: - break; + if (UNEXPECTED((ret = OPLINE->handler(execute_data TSRMLS_CC)) != 0)) { + if (EXPECTED(ret > 0)) { + execute_data = EG(current_execute_data); + } else { + return; } } @@ -380,275 +361,309 @@ zend_vm_enter: zend_error_noreturn(E_ERROR, "Arrived at end of main loop which shouldn't happen"); } -ZEND_API void zend_execute(zend_op_array *op_array TSRMLS_DC) +ZEND_API void zend_execute(zend_op_array *op_array, zval *return_value TSRMLS_DC) { - if (EG(exception)) { + zend_execute_data *execute_data; + + if (EG(exception) != NULL) { return; - } - zend_execute_ex(i_create_execute_data_from_op_array(op_array, 0 TSRMLS_CC) TSRMLS_CC); + } + + execute_data = zend_vm_stack_push_call_frame(VM_FRAME_TOP_CODE, + (zend_function*)op_array, 0, EG(current_execute_data) ? EG(current_execute_data)->called_scope : NULL, EG(current_execute_data) ? Z_OBJ(EG(current_execute_data)->This) : NULL, NULL TSRMLS_CC); + if (EG(current_execute_data)) { + execute_data->symbol_table = zend_rebuild_symbol_table(TSRMLS_C); + } else { + execute_data->symbol_table = &EG(symbol_table); + } + EX(prev_execute_data) = EG(current_execute_data); + i_init_execute_data(execute_data, op_array, return_value TSRMLS_CC); + zend_execute_ex(execute_data TSRMLS_CC); } static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) { - zend_bool nested = EX(nested); - zend_op_array *op_array = EX(op_array); - - EG(current_execute_data) = EX(prev_execute_data); - EG(opline_ptr) = NULL; - if (!EG(active_symbol_table)) { - i_free_compiled_variables(execute_data TSRMLS_CC); - } + vm_frame_kind frame_kind = VM_FRAME_KIND(EX(frame_info)); - zend_vm_stack_free((char*)execute_data - (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * op_array->T) TSRMLS_CC); + if (frame_kind == VM_FRAME_NESTED_FUNCTION) { + zend_object *object; - if ((op_array->fn_flags & ZEND_ACC_CLOSURE) && op_array->prototype) { - zval_ptr_dtor((zval**)&op_array->prototype); - } + i_free_compiled_variables(execute_data TSRMLS_CC); + if (UNEXPECTED(EX(symbol_table) != NULL)) { + zend_clean_and_cache_symbol_table(EX(symbol_table) TSRMLS_CC); + } + zend_vm_stack_free_extra_args(execute_data TSRMLS_CC); + EG(current_execute_data) = EX(prev_execute_data); + if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_CLOSURE) != 0) && EX(func)->op_array.prototype) { + OBJ_RELEASE((zend_object*)EX(func)->op_array.prototype); + } + object = Z_OBJ(EX(This)); + zend_vm_stack_free_call_frame(execute_data TSRMLS_CC); - if (nested) { execute_data = EG(current_execute_data); - } - if (nested) { - USE_OPLINE - - LOAD_REGS(); - LOAD_OPLINE(); - if (UNEXPECTED(opline->opcode == ZEND_INCLUDE_OR_EVAL)) { - EX(function_state).function = (zend_function *) EX(op_array); - EX(function_state).arguments = NULL; - - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); - destroy_op_array(op_array TSRMLS_CC); - efree(op_array); - if (UNEXPECTED(EG(exception) != NULL)) { - zend_throw_exception_internal(NULL TSRMLS_CC); - HANDLE_EXCEPTION_LEAVE(); + if (object) { + if (UNEXPECTED(EG(exception) != NULL) && (EX(opline)->op1.num & ZEND_CALL_CTOR)) { + if (!(EX(opline)->op1.num & ZEND_CALL_CTOR_RESULT_UNUSED)) { + GC_REFCOUNT(object)--; + } + if (GC_REFCOUNT(object) == 1) { + zend_object_store_ctor_failed(object TSRMLS_CC); + } } + OBJ_RELEASE(object); + } + EG(scope) = EX(scope); - ZEND_VM_INC_OPCODE(); - ZEND_VM_LEAVE(); - } else { - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); - if (EG(active_symbol_table)) { - zend_clean_and_cache_symbol_table(EG(active_symbol_table) TSRMLS_CC); + if (UNEXPECTED(EG(exception) != NULL)) { + const zend_op *opline = EX(opline); + zend_throw_exception_internal(NULL TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + zval_ptr_dtor(EX_VAR(opline->result.var)); } - EG(active_symbol_table) = EX(symbol_table); + HANDLE_EXCEPTION_LEAVE(); + } - EX(function_state).function = (zend_function *) EX(op_array); - EX(function_state).arguments = NULL; + LOAD_OPLINE(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_LEAVE(); + } else if (frame_kind == VM_FRAME_NESTED_CODE) { + zend_detach_symbol_table(execute_data); + destroy_op_array(&EX(func)->op_array TSRMLS_CC); + efree_size(EX(func), sizeof(zend_op_array)); + EG(current_execute_data) = EX(prev_execute_data); + zend_vm_stack_free_call_frame(execute_data TSRMLS_CC); - if (EG(This)) { - if (UNEXPECTED(EG(exception) != NULL) && EX(call)->is_ctor_call) { - if (EX(call)->is_ctor_result_used) { - Z_DELREF_P(EG(This)); - } - if (Z_REFCOUNT_P(EG(This)) == 1) { - zend_object_store_ctor_failed(EG(This) TSRMLS_CC); + execute_data = EG(current_execute_data); + zend_attach_symbol_table(execute_data); + if (UNEXPECTED(EG(exception) != NULL)) { + zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION_LEAVE(); + } + + LOAD_OPLINE(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_LEAVE(); + } else { + if (frame_kind == VM_FRAME_TOP_FUNCTION) { + i_free_compiled_variables(execute_data TSRMLS_CC); + if (UNEXPECTED(EX(symbol_table) != NULL)) { + zend_clean_and_cache_symbol_table(EX(symbol_table) TSRMLS_CC); + } + zend_vm_stack_free_extra_args(execute_data TSRMLS_CC); + EG(current_execute_data) = EX(prev_execute_data); + if ((EX(func)->op_array.fn_flags & ZEND_ACC_CLOSURE) && EX(func)->op_array.prototype) { + OBJ_RELEASE((zend_object*)EX(func)->op_array.prototype); + } + } else /* if (frame_kind == VM_FRAME_TOP_CODE) */ { + zend_array *symbol_table = EX(symbol_table); + zend_execute_data *old_execute_data; + + zend_detach_symbol_table(execute_data); + old_execute_data = EX(prev_execute_data); + while (old_execute_data) { + if (old_execute_data->func && ZEND_USER_CODE(old_execute_data->func->op_array.type)) { + if (old_execute_data->symbol_table == symbol_table) { + zend_attach_symbol_table(old_execute_data); } + break; } - zval_ptr_dtor(&EG(This)); + old_execute_data = old_execute_data->prev_execute_data; } - EG(This) = EX(current_this); - EG(scope) = EX(current_scope); - EG(called_scope) = EX(current_called_scope); - - EX(call)--; + EG(current_execute_data) = EX(prev_execute_data); + } + zend_vm_stack_free_call_frame(execute_data TSRMLS_CC); - zend_vm_stack_clear_multiple(1 TSRMLS_CC); + ZEND_VM_RETURN(); + } +} - if (UNEXPECTED(EG(exception) != NULL)) { - zend_throw_exception_internal(NULL TSRMLS_CC); - if (RETURN_VALUE_USED(opline) && EX_T(opline->result.var).var.ptr) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); - } - HANDLE_EXCEPTION_LEAVE(); - } +static int ZEND_FASTCALL ZEND_JMP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE - ZEND_VM_INC_OPCODE(); - ZEND_VM_LEAVE(); - } - } - ZEND_VM_RETURN(); + ZEND_VM_SET_OPCODE(opline->op1.jmp_addr); + ZEND_VM_CONTINUE(); } -static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_DO_FCALL_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_bool should_change_scope = 0; - zend_function *fbc = EX(function_state).function; + zend_execute_data *call = EX(call); + zend_function *fbc = call->func; + zend_object *object = Z_OBJ(call->This); SAVE_OPLINE(); - EX(object) = EX(call)->object; + EX(call) = call->prev_execute_data; if (UNEXPECTED((fbc->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) != 0)) { if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_ABSTRACT) != 0)) { - zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", fbc->common.scope->name, fbc->common.function_name); + zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", fbc->common.scope->name->val, fbc->common.function_name->val); } if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_DEPRECATED) != 0)) { zend_error(E_DEPRECATED, "Function %s%s%s() is deprecated", - fbc->common.scope ? fbc->common.scope->name : "", + fbc->common.scope ? fbc->common.scope->name->val : "", fbc->common.scope ? "::" : "", - fbc->common.function_name); + fbc->common.function_name->val); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } } } - if (fbc->common.scope && - !(fbc->common.fn_flags & ZEND_ACC_STATIC) && - !EX(object)) { - if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - /* FIXME: output identifiers properly */ - zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", fbc->common.scope->name, fbc->common.function_name); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); - } + LOAD_OPLINE(); + + if (UNEXPECTED(fbc->type == ZEND_INTERNAL_FUNCTION)) { + int should_change_scope = 0; + zval *ret; + + if (fbc->common.scope) { + should_change_scope = 1; + /* TODO: we don't set scope if we call an object method ??? */ + /* See: ext/pdo_sqlite/tests/pdo_fetch_func_001.phpt */ +#if 1 + EG(scope) = object ? NULL : fbc->common.scope; +#else + EG(scope) = fbc->common.scope; +#endif } else { - /* FIXME: output identifiers properly */ - /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", fbc->common.scope->name, fbc->common.function_name); + call->called_scope = EX(called_scope); + Z_OBJ(call->This) = Z_OBJ(EX(This)); } - } - if (fbc->type == ZEND_USER_FUNCTION || fbc->common.scope) { - should_change_scope = 1; - EX(current_this) = EG(This); - EX(current_scope) = EG(scope); - EX(current_called_scope) = EG(called_scope); - EG(This) = EX(object); - EG(scope) = (fbc->type == ZEND_USER_FUNCTION || !EX(object)) ? fbc->common.scope : NULL; - EG(called_scope) = EX(call)->called_scope; - } + call->prev_execute_data = execute_data; + EG(current_execute_data) = call; - EX(function_state).arguments = zend_vm_stack_top(TSRMLS_C); - zend_vm_stack_push((void*)(zend_uintptr_t)opline->extended_value TSRMLS_CC); - LOAD_OPLINE(); + if (fbc->common.fn_flags & ZEND_ACC_HAS_TYPE_HINTS) { + uint32_t i; + zval *p = ZEND_CALL_ARG(call, 1); - if (fbc->type == ZEND_INTERNAL_FUNCTION) { - if (fbc->common.arg_info) { - zend_uint i=0; - zval **p = (zval**)EX(function_state).arguments; - ulong arg_count = opline->extended_value; - - while (arg_count>0) { - zend_verify_arg_type(fbc, ++i, *(p-arg_count), 0 TSRMLS_CC); - arg_count--; + for (i = 0; i < call->num_args; ++i) { + zend_verify_arg_type(fbc, i + 1, p, 0 TSRMLS_CC); + p++; + } + if (UNEXPECTED(EG(exception) != NULL)) { + EG(current_execute_data) = call->prev_execute_data; + zend_vm_stack_free_args(call TSRMLS_CC); + zend_vm_stack_free_call_frame(call TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_UNDEF(EX_VAR(opline->result.var)); + } + if (UNEXPECTED(should_change_scope)) { + goto fcall_end_change_scope; + } else { + goto fcall_end; + } } } - if (EXPECTED(EG(exception) == NULL)) { - temp_variable *ret = &EX_T(opline->result.var); - - MAKE_STD_ZVAL(ret->var.ptr); - ZVAL_NULL(ret->var.ptr); - ret->var.ptr_ptr = &ret->var.ptr; - ret->var.fcall_returned_reference = (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0; + ret = EX_VAR(opline->result.var); + ZVAL_NULL(ret); + Z_VAR_FLAGS_P(ret) = (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0 ? IS_VAR_RET_REF : 0; - if (!zend_execute_internal) { - /* saves one function call if zend_execute_internal is not used */ - fbc->internal_function.handler(opline->extended_value, ret->var.ptr, &ret->var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); - } else { - zend_execute_internal(execute_data, NULL, RETURN_VALUE_USED(opline) TSRMLS_CC); - } + if (!zend_execute_internal) { + /* saves one function call if zend_execute_internal is not used */ + fbc->internal_function.handler(call, ret TSRMLS_CC); + } else { + zend_execute_internal(call, ret TSRMLS_CC); + } + EG(current_execute_data) = call->prev_execute_data; + zend_vm_stack_free_args(call TSRMLS_CC); + zend_vm_stack_free_call_frame(call TSRMLS_CC); - if (!RETURN_VALUE_USED(opline)) { - zval_ptr_dtor(&ret->var.ptr); - } - } else if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr = NULL; + if (!RETURN_VALUE_USED(opline)) { + zval_ptr_dtor(ret); } - } else if (fbc->type == ZEND_USER_FUNCTION) { - EX(original_return_value) = EG(return_value_ptr_ptr); - EG(active_symbol_table) = NULL; - EG(active_op_array) = &fbc->op_array; - EG(return_value_ptr_ptr) = NULL; - if (RETURN_VALUE_USED(opline)) { - temp_variable *ret = &EX_T(opline->result.var); - ret->var.ptr = NULL; - EG(return_value_ptr_ptr) = &ret->var.ptr; - ret->var.ptr_ptr = &ret->var.ptr; - ret->var.fcall_returned_reference = (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0; + if (UNEXPECTED(should_change_scope)) { + goto fcall_end_change_scope; + } else { + goto fcall_end; } + } else if (EXPECTED(fbc->type == ZEND_USER_FUNCTION)) { + call->scope = EG(scope) = fbc->common.scope; + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_GENERATOR) != 0)) { + if (RETURN_VALUE_USED(opline)) { + zend_generator_create_zval(call, &fbc->op_array, EX_VAR(opline->result.var) TSRMLS_CC); + } else { + zend_vm_stack_free_args(call TSRMLS_CC); + } + + zend_vm_stack_free_call_frame(call TSRMLS_CC); + } else { + zval *return_value = NULL; - if (UNEXPECTED((EG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0)) { + call->symbol_table = NULL; if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr = zend_generator_create_zval(EG(active_op_array) TSRMLS_CC); + return_value = EX_VAR(opline->result.var); + + ZVAL_NULL(return_value); + Z_VAR_FLAGS_P(return_value) = 0; } - } else if (EXPECTED(zend_execute_ex == execute_ex)) { - if (EXPECTED(EG(exception) == NULL)) { + + call->prev_execute_data = execute_data; + i_init_func_execute_data(call, &fbc->op_array, return_value TSRMLS_CC); + + if (EXPECTED(zend_execute_ex == execute_ex)) { ZEND_VM_ENTER(); + } else { + call->frame_info = VM_FRAME_INFO( + VM_FRAME_TOP_FUNCTION, + VM_FRAME_FLAGS(call->frame_info)); + zend_execute_ex(call TSRMLS_CC); } - } else { - zend_execute(EG(active_op_array) TSRMLS_CC); } - - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); - if (EG(active_symbol_table)) { - zend_clean_and_cache_symbol_table(EG(active_symbol_table) TSRMLS_CC); - } - EG(active_symbol_table) = EX(symbol_table); } else { /* ZEND_OVERLOADED_FUNCTION */ - MAKE_STD_ZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_NULL(EX_T(opline->result.var).var.ptr); + EG(scope) = fbc->common.scope; + + ZVAL_NULL(EX_VAR(opline->result.var)); /* Not sure what should be done here if it's a static method */ - if (EXPECTED(EX(object) != NULL)) { - Z_OBJ_HT_P(EX(object))->call_method(fbc->common.function_name, opline->extended_value, EX_T(opline->result.var).var.ptr, &EX_T(opline->result.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); + if (EXPECTED(object != NULL)) { + call->prev_execute_data = execute_data; + EG(current_execute_data) = call; + object->handlers->call_method(fbc->common.function_name, object, call, EX_VAR(opline->result.var) TSRMLS_CC); + EG(current_execute_data) = call->prev_execute_data; } else { zend_error_noreturn(E_ERROR, "Cannot call overloaded function for non-object"); } + zend_vm_stack_free_args(call TSRMLS_CC); + + zend_vm_stack_free_call_frame(call TSRMLS_CC); + if (fbc->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) { - efree((char*)fbc->common.function_name); + zend_string_release(fbc->common.function_name); } efree(fbc); if (!RETURN_VALUE_USED(opline)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + zval_ptr_dtor(EX_VAR(opline->result.var)); } else { - Z_UNSET_ISREF_P(EX_T(opline->result.var).var.ptr); - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - EX_T(opline->result.var).var.fcall_returned_reference = 0; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; +//??? Z_UNSET_ISREF_P(EX_T(opline->result.var).var.ptr); +//??? Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); + Z_VAR_FLAGS_P(EX_VAR(opline->result.var)) = 0; } } - EX(function_state).function = (zend_function *) EX(op_array); - EX(function_state).arguments = NULL; - - if (should_change_scope) { - if (EG(This)) { - if (UNEXPECTED(EG(exception) != NULL) && EX(call)->is_ctor_call) { - if (EX(call)->is_ctor_result_used) { - Z_DELREF_P(EG(This)); - } - if (Z_REFCOUNT_P(EG(This)) == 1) { - zend_object_store_ctor_failed(EG(This) TSRMLS_CC); - } +fcall_end_change_scope: + if (object) { + if (UNEXPECTED(EG(exception) != NULL) && (opline->op1.num & ZEND_CALL_CTOR)) { + if (!(opline->op1.num & ZEND_CALL_CTOR_RESULT_UNUSED)) { + GC_REFCOUNT(object)--; + } + if (GC_REFCOUNT(object) == 1) { + zend_object_store_ctor_failed(object TSRMLS_CC); } - zval_ptr_dtor(&EG(This)); } - EG(This) = EX(current_this); - EG(scope) = EX(current_scope); - EG(called_scope) = EX(current_called_scope); + OBJ_RELEASE(object); } + EG(scope) = EX(scope); - EX(call)--; - - zend_vm_stack_clear_multiple(1 TSRMLS_CC); - +fcall_end: if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); - if (RETURN_VALUE_USED(opline) && EX_T(opline->result.var).var.ptr) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (RETURN_VALUE_USED(opline)) { + zval_ptr_dtor(EX_VAR(opline->result.var)); } HANDLE_EXCEPTION(); } @@ -656,119 +671,354 @@ static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_AR ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_JMP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_GENERATOR_RETURN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - USE_OPLINE + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); -#if DEBUG_ZEND>=2 - printf("Jumping to %d\n", opline->op1.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op1.jmp_addr); - ZEND_VM_CONTINUE(); + /* Close the generator to free up resources */ + zend_generator_close(generator, 1 TSRMLS_CC); + + /* Pass execution back to handling code */ + ZEND_VM_RETURN(); } -static int ZEND_FASTCALL ZEND_INIT_STRING_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_UNPACK_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *tmp = &EX_T(opline->result.var).tmp_var; - + zend_free_op free_op1; + zval *args; + int arg_num; SAVE_OPLINE(); - tmp->value.str.val = emalloc(1); - tmp->value.str.val[0] = 0; - tmp->value.str.len = 0; - Z_SET_REFCOUNT_P(tmp, 1); - tmp->type = IS_STRING; - Z_UNSET_ISREF_P(tmp); - /*CHECK_EXCEPTION();*/ - ZEND_VM_NEXT_OPCODE(); -} -static int ZEND_FASTCALL ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - EX(function_state).function = EX(call)->fbc; - return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} + args = get_zval_ptr(opline->op1_type, &opline->op1, execute_data, &free_op1, BP_VAR_R); + arg_num = EX(call)->num_args + 1; -static int ZEND_FASTCALL ZEND_GENERATOR_RETURN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); +send_again: + switch (Z_TYPE_P(args)) { + case IS_ARRAY: { + HashTable *ht = Z_ARRVAL_P(args); + zval *arg, *top; + zend_string *name; - /* Close the generator to free up resources */ - zend_generator_close(generator, 1 TSRMLS_CC); + zend_vm_stack_extend_call_frame(&EX(call), arg_num - 1, zend_hash_num_elements(ht) TSRMLS_CC); - /* Pass execution back to handling code */ - ZEND_VM_RETURN(); + if (opline->op1_type != IS_CONST && opline->op1_type != IS_TMP_VAR && Z_IMMUTABLE_P(args)) { + uint32_t i; + int separate = 0; + + /* check if any of arguments are going to be passed by reference */ + for (i = 0; i < zend_hash_num_elements(ht); i++) { + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, arg_num + i)) { + separate = 1; + break; + } + } + if (separate) { + zval_copy_ctor(args); + ht = Z_ARRVAL_P(args); + } + } + + ZEND_HASH_FOREACH_STR_KEY_VAL(ht, name, arg) { + if (name) { + zend_error(E_RECOVERABLE_ERROR, "Cannot unpack array with string keys"); + FREE_OP(free_op1); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + + top = ZEND_CALL_ARG(EX(call), arg_num); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, arg_num)) { + if (!Z_IMMUTABLE_P(args)) { + ZVAL_MAKE_REF(arg); + Z_ADDREF_P(arg); + ZVAL_REF(top, Z_REF_P(arg)); + } else { + ZVAL_DUP(top, arg); + } + } else if (Z_ISREF_P(arg)) { + ZVAL_COPY(top, Z_REFVAL_P(arg)); + } else { + ZVAL_COPY(top, arg); + } + + EX(call)->num_args++; + arg_num++; + } ZEND_HASH_FOREACH_END(); + + break; + } + case IS_OBJECT: { + zend_class_entry *ce = Z_OBJCE_P(args); + zend_object_iterator *iter; + + if (!ce || !ce->get_iterator) { + zend_error(E_WARNING, "Only arrays and Traversables can be unpacked"); + break; + } + + iter = ce->get_iterator(ce, args, 0 TSRMLS_CC); + if (UNEXPECTED(!iter)) { + FREE_OP(free_op1); + if (!EG(exception)) { + zend_throw_exception_ex( + NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name->val + ); + } + HANDLE_EXCEPTION(); + } + + if (iter->funcs->rewind) { + iter->funcs->rewind(iter TSRMLS_CC); + if (UNEXPECTED(EG(exception) != NULL)) { + goto unpack_iter_dtor; + } + } + + for (; iter->funcs->valid(iter TSRMLS_CC) == SUCCESS; ++arg_num) { + zval *arg, *top; + + if (UNEXPECTED(EG(exception) != NULL)) { + goto unpack_iter_dtor; + } + + arg = iter->funcs->get_current_data(iter TSRMLS_CC); + if (UNEXPECTED(EG(exception) != NULL)) { + goto unpack_iter_dtor; + } + + if (iter->funcs->get_current_key) { + zval key; + iter->funcs->get_current_key(iter, &key TSRMLS_CC); + if (UNEXPECTED(EG(exception) != NULL)) { + goto unpack_iter_dtor; + } + + if (Z_TYPE(key) == IS_STRING) { + zend_error(E_RECOVERABLE_ERROR, + "Cannot unpack Traversable with string keys"); + zval_dtor(&key); + goto unpack_iter_dtor; + } + + zval_dtor(&key); + } + + if (ARG_MUST_BE_SENT_BY_REF(EX(call)->func, arg_num)) { + zend_error( + E_WARNING, "Cannot pass by-reference argument %d of %s%s%s()" + " by unpacking a Traversable, passing by-value instead", arg_num, + EX(call)->func->common.scope ? EX(call)->func->common.scope->name->val : "", + EX(call)->func->common.scope ? "::" : "", + EX(call)->func->common.function_name->val + ); + } + + if (Z_ISREF_P(arg)) { + ZVAL_DUP(arg, Z_REFVAL_P(arg)); + } else { + if (Z_REFCOUNTED_P(arg)) Z_ADDREF_P(arg); + } + + zend_vm_stack_extend_call_frame(&EX(call), arg_num - 1, 1 TSRMLS_CC); + top = ZEND_CALL_ARG(EX(call), arg_num); + ZVAL_COPY_VALUE(top, arg); + EX(call)->num_args++; + + iter->funcs->move_forward(iter TSRMLS_CC); + if (UNEXPECTED(EG(exception) != NULL)) { + goto unpack_iter_dtor; + } + } + +unpack_iter_dtor: + zend_iterator_dtor(iter TSRMLS_CC); + break; + } + case IS_REFERENCE: + args = Z_REFVAL_P(args); + goto send_again; + break; + default: + zend_error(E_WARNING, "Only arrays and Traversables can be unpacked"); + } + + FREE_OP(free_op1); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_RECV_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_ARRAY_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_uint arg_num = opline->op1.num; - zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); - + zend_free_op free_op1; + zval *args; SAVE_OPLINE(); - if (UNEXPECTED(param == NULL)) { - if (zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, NULL, opline->extended_value TSRMLS_CC)) { - const char *space; - const char *class_name; - zend_execute_data *ptr; - if (EG(active_op_array)->scope) { - class_name = EG(active_op_array)->scope->name; - space = "::"; - } else { - class_name = space = ""; + args = get_zval_ptr_deref(opline->op1_type, &opline->op1, execute_data, &free_op1, BP_VAR_R); + + if (Z_TYPE_P(args) != IS_ARRAY) { + zend_error(E_WARNING, "call_user_func_array() expects parameter 2 to be array, %s given", zend_get_type_by_const(Z_TYPE_P(args))); + if (EX(call)->func->common.fn_flags & ZEND_ACC_CLOSURE) { + OBJ_RELEASE((zend_object*)EX(call)->func->common.prototype); + } + if (Z_OBJ(EX(call)->This)) { + OBJ_RELEASE(Z_OBJ(EX(call)->This)); + } + EX(call)->func = (zend_function*)&zend_pass_function; + EX(call)->called_scope = NULL; + Z_OBJ(EX(call)->This) = NULL; + } else { + uint32_t arg_num = 1; + + HashTable *ht = Z_ARRVAL_P(args); + zval *arg, *param, tmp; + + zend_vm_stack_extend_call_frame(&EX(call), 0, zend_hash_num_elements(ht) TSRMLS_CC); + + if (opline->op1_type != IS_CONST && opline->op1_type != IS_TMP_VAR && Z_IMMUTABLE_P(args)) { + uint32_t i; + int separate = 0; + + /* check if any of arguments are going to be passed by reference */ + for (i = 0; i < zend_hash_num_elements(ht); i++) { + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, arg_num + i)) { + separate = 1; + break; + } } - ptr = EX(prev_execute_data); + if (separate) { + zval_copy_ctor(args); + ht = Z_ARRVAL_P(args); + } + } + + param = ZEND_CALL_ARG(EX(call), arg_num); + ZEND_HASH_FOREACH_VAL(ht, arg) { + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, arg_num)) { + // TODO: Scalar values don't have reference counters anymore. + // They are assumed to be 1, and they may be easily passed by + // reference now. However, previously scalars with refcount==1 + // might be passed and with refcount>1 might not. We can support + // only single behavior ??? +#if 0 + if (Z_REFCOUNTED_P(arg) && + // This solution breaks the following test (omit warning message) ??? + // Zend/tests/bug61273.phpt + // ext/reflection/tests/bug42976.phpt + // ext/standard/tests/general_functions/call_user_func_array_variation_001.phpt +#else + if (!Z_REFCOUNTED_P(arg) || + // This solution breaks the following test (emit warning message) ??? + // ext/pdo_sqlite/tests/pdo_005.phpt +#endif + (!Z_ISREF_P(arg) && Z_REFCOUNT_P(arg) > 1)) { + + if (!ARG_MAY_BE_SENT_BY_REF(EX(call)->func, arg_num)) { + + zend_error(E_WARNING, "Parameter %d to %s%s%s() expected to be a reference, value given", + arg_num, + EX(call)->func->common.scope ? EX(call)->func->common.scope->name->val : "", + EX(call)->func->common.scope ? "::" : "", + EX(call)->func->common.function_name->val); + + if (EX(call)->func->common.fn_flags & ZEND_ACC_CLOSURE) { + OBJ_RELEASE((zend_object*)EX(call)->func->common.prototype); + } + if (Z_OBJ(EX(call)->This)) { + OBJ_RELEASE(Z_OBJ(EX(call)->This)); + } + EX(call)->func = (zend_function*)&zend_pass_function; + EX(call)->called_scope = NULL; + Z_OBJ(EX(call)->This) = NULL; + + break; + } - if(ptr && ptr->op_array) { - zend_error(E_WARNING, "Missing argument %u for %s%s%s(), called in %s on line %d and defined", opline->op1.num, class_name, space, get_active_function_name(TSRMLS_C), ptr->op_array->filename, ptr->opline->lineno); + if (Z_REFCOUNTED_P(arg)) { + Z_DELREF_P(arg); + } + ZVAL_DUP(&tmp, arg); + ZVAL_NEW_REF(arg, &tmp); + Z_ADDREF_P(arg); + } else if (!Z_ISREF_P(arg)) { + ZVAL_NEW_REF(arg, arg); + Z_ADDREF_P(arg); + } else if (Z_REFCOUNTED_P(arg)) { + Z_ADDREF_P(arg); + } + ZVAL_COPY_VALUE(param, arg); + } else if (Z_ISREF_P(arg) && + /* don't separate references for __call */ + (EX(call)->func->common.fn_flags & ZEND_ACC_CALL_VIA_HANDLER) == 0) { + ZVAL_DUP(param, Z_REFVAL_P(arg)); } else { - zend_error(E_WARNING, "Missing argument %u for %s%s%s()", opline->op1.num, class_name, space, get_active_function_name(TSRMLS_C)); + ZVAL_COPY(param, arg); } - } - } else { - zval **var_ptr; + EX(call)->num_args++; + arg_num++; + param++; + } ZEND_HASH_FOREACH_END(); + } + FREE_OP(free_op1); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_RECV_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + uint32_t arg_num = opline->op1.num; - zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param, opline->extended_value TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->result.var TSRMLS_CC); - Z_DELREF_PP(var_ptr); - *var_ptr = *param; - Z_ADDREF_PP(var_ptr); + SAVE_OPLINE(); + if (UNEXPECTED(arg_num > EX(num_args))) { + zend_verify_missing_arg(execute_data, arg_num TSRMLS_CC); + CHECK_EXCEPTION(); + } else if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_HAS_TYPE_HINTS) != 0)) { + zval *param = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->result.var TSRMLS_CC); + + zend_verify_arg_type(EX(func), arg_num, param, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); } - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_RECV_VARIADIC_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_uint arg_num = opline->op1.num; - zend_uint arg_count = zend_vm_stack_get_args_count(TSRMLS_C); - zval **var_ptr, *params; + uint32_t arg_num = opline->op1.num; + uint32_t arg_count = EX(num_args); + zval *params; SAVE_OPLINE(); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->result.var TSRMLS_CC); - Z_DELREF_PP(var_ptr); - MAKE_STD_ZVAL(params); - *var_ptr = params; + params = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->result.var TSRMLS_CC); if (arg_num <= arg_count) { + zval *param; + array_init_size(params, arg_count - arg_num + 1); + param = EX_VAR_NUM(EX(func)->op_array.last_var + EX(func)->op_array.T); + if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_HAS_TYPE_HINTS) != 0)) { + do { + zend_verify_arg_type(EX(func), arg_num, param, opline->extended_value TSRMLS_CC); + zend_hash_next_index_insert_new(Z_ARRVAL_P(params), param); + if (Z_REFCOUNTED_P(param)) Z_ADDREF_P(param); + param++; + } while (++arg_num <= arg_count); + } else { + do { + zend_hash_next_index_insert_new(Z_ARRVAL_P(params), param); + if (Z_REFCOUNTED_P(param)) Z_ADDREF_P(param); + param++; + } while (++arg_num <= arg_count); + } } else { array_init(params); } - for (; arg_num <= arg_count; ++arg_num) { - zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); - zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param, opline->extended_value TSRMLS_CC); - zend_hash_next_index_insert(Z_ARRVAL_P(params), param, sizeof(zval *), NULL); - Z_ADDREF_PP(param); - } - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -776,48 +1026,49 @@ static int ZEND_FASTCALL ZEND_RECV_VARIADIC_SPEC_HANDLER(ZEND_OPCODE_HANDLER_AR static int ZEND_FASTCALL ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *object_zval; + zval object_zval; zend_function *constructor; SAVE_OPLINE(); - if (UNEXPECTED((EX_T(opline->op1.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) != 0)) { - if (EX_T(opline->op1.var).class_entry->ce_flags & ZEND_ACC_INTERFACE) { - zend_error_noreturn(E_ERROR, "Cannot instantiate interface %s", EX_T(opline->op1.var).class_entry->name); - } else if ((EX_T(opline->op1.var).class_entry->ce_flags & ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT) { - zend_error_noreturn(E_ERROR, "Cannot instantiate trait %s", EX_T(opline->op1.var).class_entry->name); + if (UNEXPECTED((Z_CE_P(EX_VAR(opline->op1.var))->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) != 0)) { + if (Z_CE_P(EX_VAR(opline->op1.var))->ce_flags & ZEND_ACC_INTERFACE) { + zend_error_noreturn(E_ERROR, "Cannot instantiate interface %s", Z_CE_P(EX_VAR(opline->op1.var))->name->val); + } else if ((Z_CE_P(EX_VAR(opline->op1.var))->ce_flags & ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT) { + zend_error_noreturn(E_ERROR, "Cannot instantiate trait %s", Z_CE_P(EX_VAR(opline->op1.var))->name->val); } else { - zend_error_noreturn(E_ERROR, "Cannot instantiate abstract class %s", EX_T(opline->op1.var).class_entry->name); + zend_error_noreturn(E_ERROR, "Cannot instantiate abstract class %s", Z_CE_P(EX_VAR(opline->op1.var))->name->val); } } - ALLOC_ZVAL(object_zval); - object_init_ex(object_zval, EX_T(opline->op1.var).class_entry); - INIT_PZVAL(object_zval); - - constructor = Z_OBJ_HT_P(object_zval)->get_constructor(object_zval TSRMLS_CC); + object_init_ex(&object_zval, Z_CE_P(EX_VAR(opline->op1.var))); + constructor = Z_OBJ_HT(object_zval)->get_constructor(Z_OBJ(object_zval) TSRMLS_CC); if (constructor == NULL) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(&EX_T(opline->result.var), object_zval); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), &object_zval); } else { zval_ptr_dtor(&object_zval); } - ZEND_VM_JMP(EX(op_array)->opcodes + opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); } else { - call_slot *call = EX(call_slots) + opline->extended_value; + /* We are not handling overloaded classes right now */ + EX(call) = zend_vm_stack_push_call_frame( + VM_FRAME_INFO( + VM_FRAME_NESTED_FUNCTION, + RETURN_VALUE_USED(opline) ? + ZEND_CALL_CTOR : (ZEND_CALL_CTOR | ZEND_CALL_CTOR_RESULT_UNUSED)), + constructor, + opline->extended_value, + Z_CE_P(EX_VAR(opline->op1.var)), + Z_OBJ(object_zval), + EX(call) TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(object_zval); - AI_SET_PTR(&EX_T(opline->result.var), object_zval); + ZVAL_COPY(EX_VAR(opline->result.var), &object_zval); + EX(call)->return_value = EX_VAR(opline->result.var); + } else { + EX(call)->return_value = NULL; } - /* We are not handling overloaded classes right now */ - call->fbc = constructor; - call->object = object_zval; - call->called_scope = EX_T(opline->op1.var).class_entry; - call->is_ctor_call = 1; - call->is_ctor_result_used = RETURN_VALUE_USED(opline); - EX(call) = call; - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -828,17 +1079,20 @@ static int ZEND_FASTCALL ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE SAVE_OPLINE(); - Z_LVAL(EX_T(opline->result.var).tmp_var) = EG(error_reporting); - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; /* shouldn't be necessary */ - if (EX(old_error_reporting) == NULL) { - EX(old_error_reporting) = &EX_T(opline->result.var).tmp_var; + ZVAL_LONG(EX_VAR(opline->result.var), EG(error_reporting)); + if (EX(silence_op_num) == -1) { + EX(silence_op_num) = opline->op2.num; + EX(old_error_reporting) = EG(error_reporting); } if (EG(error_reporting)) { do { EG(error_reporting) = 0; if (!EG(error_reporting_ini_entry)) { - if (UNEXPECTED(zend_hash_find(EG(ini_directives), "error_reporting", sizeof("error_reporting"), (void **) &EG(error_reporting_ini_entry)) == FAILURE)) { + zend_ini_entry *p = zend_hash_str_find_ptr(EG(ini_directives), "error_reporting", sizeof("error_reporting")-1); + if (p) { + EG(error_reporting_ini_entry) = p; + } else { break; } } @@ -847,35 +1101,23 @@ static int ZEND_FASTCALL ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_AR ALLOC_HASHTABLE(EG(modified_ini_directives)); zend_hash_init(EG(modified_ini_directives), 8, NULL, NULL, 0); } - if (EXPECTED(zend_hash_add(EG(modified_ini_directives), "error_reporting", sizeof("error_reporting"), &EG(error_reporting_ini_entry), sizeof(zend_ini_entry*), NULL) == SUCCESS)) { + if (EXPECTED(zend_hash_str_add_ptr(EG(modified_ini_directives), "error_reporting", sizeof("error_reporting")-1, EG(error_reporting_ini_entry)) != NULL)) { EG(error_reporting_ini_entry)->orig_value = EG(error_reporting_ini_entry)->value; - EG(error_reporting_ini_entry)->orig_value_length = EG(error_reporting_ini_entry)->value_length; EG(error_reporting_ini_entry)->orig_modifiable = EG(error_reporting_ini_entry)->modifiable; EG(error_reporting_ini_entry)->modified = 1; } - } else if (EG(error_reporting_ini_entry)->value != EG(error_reporting_ini_entry)->orig_value) { - efree(EG(error_reporting_ini_entry)->value); } - EG(error_reporting_ini_entry)->value = estrndup("0", sizeof("0")-1); - EG(error_reporting_ini_entry)->value_length = sizeof("0")-1; } while (0); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - SAVE_OPLINE(); - zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EG(scope)->name, EX(op_array)->function_name); - ZEND_VM_NEXT_OPCODE(); /* Never reached */ -} - static int ZEND_FASTCALL ZEND_EXT_STMT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { SAVE_OPLINE(); if (!EG(no_extensions)) { - zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(op_array) TSRMLS_CC); + zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(func) TSRMLS_CC); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -885,7 +1127,7 @@ static int ZEND_FASTCALL ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ { SAVE_OPLINE(); if (!EG(no_extensions)) { - zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(op_array) TSRMLS_CC); + zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(func) TSRMLS_CC); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -895,7 +1137,7 @@ static int ZEND_FASTCALL ZEND_EXT_FCALL_END_SPEC_HANDLER(ZEND_OPCODE_HANDLER_AR { SAVE_OPLINE(); if (!EG(no_extensions)) { - zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(op_array) TSRMLS_CC); + zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(func) TSRMLS_CC); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -906,7 +1148,7 @@ static int ZEND_FASTCALL ZEND_DECLARE_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE SAVE_OPLINE(); - EX_T(opline->result.var).class_entry = do_bind_class(EX(op_array), opline, EG(class_table), 0 TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = do_bind_class(&EX(func)->op_array, opline, EG(class_table), 0 TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -916,7 +1158,7 @@ static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER(ZEND_OPCODE_ USE_OPLINE SAVE_OPLINE(); - EX_T(opline->result.var).class_entry = do_bind_inherited_class(EX(op_array), opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = do_bind_inherited_class(&EX(func)->op_array, opline, EG(class_table), Z_CE_P(EX_VAR(opline->extended_value)), 0 TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -924,13 +1166,13 @@ static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_class_entry **pce, **pce_orig; + zval *zce, *orig_zce; SAVE_OPLINE(); - if (zend_hash_quick_find(EG(class_table), Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void**)&pce) == FAILURE || - (zend_hash_quick_find(EG(class_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void**)&pce_orig) == SUCCESS && - *pce != *pce_orig)) { - do_bind_inherited_class(EX(op_array), opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); + if ((zce = zend_hash_find(EG(class_table), Z_STR_P(opline->op2.zv))) == NULL || + ((orig_zce = zend_hash_find(EG(class_table), Z_STR_P(opline->op1.zv))) != NULL && + Z_CE_P(zce) != Z_CE_P(orig_zce))) { + do_bind_inherited_class(&EX(func)->op_array, opline, EG(class_table), Z_CE_P(EX_VAR(opline->extended_value)), 0 TSRMLS_CC); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -941,7 +1183,7 @@ static int ZEND_FASTCALL ZEND_DECLARE_FUNCTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER USE_OPLINE SAVE_OPLINE(); - do_bind_function(EX(op_array), opline, EG(function_table), 0); + do_bind_function(&EX(func)->op_array, opline, EG(function_table), 0 TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -954,7 +1196,7 @@ static int ZEND_FASTCALL ZEND_TICKS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (++EG(ticks_count)>=opline->extended_value) { EG(ticks_count)=0; if (zend_ticks_function) { - zend_ticks_function(opline->extended_value); + zend_ticks_function(opline->extended_value TSRMLS_CC); } } CHECK_EXCEPTION(); @@ -974,25 +1216,24 @@ static int ZEND_FASTCALL ZEND_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_ADD_TRAIT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_class_entry *ce = EX_T(opline->op1.var).class_entry; + zend_class_entry *ce = Z_CE_P(EX_VAR(opline->op1.var)); zend_class_entry *trait; SAVE_OPLINE(); - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - trait = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + trait = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - trait = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), - Z_STRLEN_P(opline->op2.zv), - opline->op2.literal + 1, + trait = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), + opline->op2.zv + 1, opline->extended_value TSRMLS_CC); if (UNEXPECTED(trait == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } if (!((trait->ce_flags & ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT)) { - zend_error_noreturn(E_ERROR, "%s cannot use %s - it is not a trait", ce->name, trait->name); + zend_error_noreturn(E_ERROR, "%s cannot use %s - it is not a trait", ce->name->val, trait->name->val); } - CACHE_PTR(opline->op2.literal->cache_slot, trait); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), trait); } zend_do_implement_trait(ce, trait TSRMLS_CC); @@ -1004,7 +1245,7 @@ static int ZEND_FASTCALL ZEND_ADD_TRAIT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_BIND_TRAITS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_class_entry *ce = EX_T(opline->op1.var).class_entry; + zend_class_entry *ce = Z_CE_P(EX_VAR(opline->op1.var)); SAVE_OPLINE(); zend_do_bind_traits(ce TSRMLS_CC); @@ -1014,103 +1255,102 @@ static int ZEND_FASTCALL ZEND_BIND_TRAITS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_uint op_num = EG(opline_before_exception)-EG(active_op_array)->opcodes; + uint32_t op_num = EG(opline_before_exception) - EX(func)->op_array.opcodes; int i; - zend_uint catch_op_num = 0, finally_op_num = 0; - void **stack_frame; - - /* Figure out where the next stack frame (which maybe contains pushed - * arguments that have to be dtor'ed) starts */ - stack_frame = zend_vm_stack_frame_base(execute_data); - - /* If the exception was thrown during a function call there might be - * arguments pushed to the stack that have to be dtor'ed. */ - while (zend_vm_stack_top(TSRMLS_C) != stack_frame) { - zval *stack_zval_p = zend_vm_stack_pop(TSRMLS_C); - zval_ptr_dtor(&stack_zval_p); - } + uint32_t catch_op_num = 0, finally_op_num = 0, finally_op_end = 0; - for (i=0; i<EG(active_op_array)->last_try_catch; i++) { - if (EG(active_op_array)->try_catch_array[i].try_op > op_num) { + for (i = 0; i < EX(func)->op_array.last_try_catch; i++) { + if (EX(func)->op_array.try_catch_array[i].try_op > op_num) { /* further blocks will not be relevant... */ break; } - if (op_num < EG(active_op_array)->try_catch_array[i].catch_op) { - catch_op_num = EX(op_array)->try_catch_array[i].catch_op; + if (op_num < EX(func)->op_array.try_catch_array[i].catch_op) { + catch_op_num = EX(func)->op_array.try_catch_array[i].catch_op; } - if (op_num < EG(active_op_array)->try_catch_array[i].finally_op) { - finally_op_num = EX(op_array)->try_catch_array[i].finally_op; + if (op_num < EX(func)->op_array.try_catch_array[i].finally_op) { + finally_op_num = EX(func)->op_array.try_catch_array[i].finally_op; + } + if (op_num >= EX(func)->op_array.try_catch_array[i].finally_op && + op_num < EX(func)->op_array.try_catch_array[i].finally_end) { + finally_op_end = EX(func)->op_array.try_catch_array[i].finally_end; } } - if (EX(call) >= EX(call_slots)) { - call_slot *call = EX(call); + if (EX(call)) { + zend_execute_data *call = EX(call); do { - if (call->object) { - if (call->is_ctor_call) { - if (call->is_ctor_result_used) { - Z_DELREF_P(call->object); + /* If the exception was thrown during a function call there might be + * arguments pushed to the stack that have to be dtor'ed. */ + zend_vm_stack_free_args(EX(call) TSRMLS_CC); + + if (Z_OBJ(call->This)) { + if (call->frame_info & ZEND_CALL_CTOR) { + if (!(call->frame_info & ZEND_CALL_CTOR_RESULT_UNUSED)) { + GC_REFCOUNT(Z_OBJ(call->This))--; } - if (Z_REFCOUNT_P(call->object) == 1) { - zend_object_store_ctor_failed(call->object TSRMLS_CC); + if (GC_REFCOUNT(Z_OBJ(call->This)) == 1) { + zend_object_store_ctor_failed(Z_OBJ(call->This) TSRMLS_CC); } } - zval_ptr_dtor(&call->object); + OBJ_RELEASE(Z_OBJ(call->This)); } - call--; - } while (call >= EX(call_slots)); - EX(call) = NULL; + EX(call) = call->prev_execute_data; + zend_vm_stack_free_call_frame(call TSRMLS_CC); + call = EX(call); + } while (call); } - for (i=0; i<EX(op_array)->last_brk_cont; i++) { - if (EX(op_array)->brk_cont_array[i].start < 0) { + for (i = 0; i < EX(func)->op_array.last_brk_cont; i++) { + if (EX(func)->op_array.brk_cont_array[i].start < 0) { continue; - } else if (EX(op_array)->brk_cont_array[i].start > op_num) { + } else if (EX(func)->op_array.brk_cont_array[i].start > op_num) { /* further blocks will not be relevant... */ break; - } else if (op_num < EX(op_array)->brk_cont_array[i].brk) { + } else if (op_num < EX(func)->op_array.brk_cont_array[i].brk) { if (!catch_op_num || - catch_op_num >= EX(op_array)->brk_cont_array[i].brk) { - zend_op *brk_opline = &EX(op_array)->opcodes[EX(op_array)->brk_cont_array[i].brk]; + catch_op_num >= EX(func)->op_array.brk_cont_array[i].brk) { + zend_op *brk_opline = &EX(func)->op_array.opcodes[EX(func)->op_array.brk_cont_array[i].brk]; - switch (brk_opline->opcode) { - case ZEND_SWITCH_FREE: - if (!(brk_opline->extended_value & EXT_TYPE_FREE_ON_RETURN)) { - zval_ptr_dtor(&EX_T(brk_opline->op1.var).var.ptr); - } - break; - case ZEND_FREE: - if (!(brk_opline->extended_value & EXT_TYPE_FREE_ON_RETURN)) { - zendi_zval_dtor(EX_T(brk_opline->op1.var).tmp_var); - } - break; + if (brk_opline->opcode == ZEND_FREE) { + if (!(brk_opline->extended_value & EXT_TYPE_FREE_ON_RETURN)) { + zval_ptr_dtor_nogc(EX_VAR(brk_opline->op1.var)); + } } } } } /* restore previous error_reporting value */ - if (!EG(error_reporting) && EX(old_error_reporting) != NULL && Z_LVAL_P(EX(old_error_reporting)) != 0) { - zval restored_error_reporting; - - Z_TYPE(restored_error_reporting) = IS_LONG; - Z_LVAL(restored_error_reporting) = Z_LVAL_P(EX(old_error_reporting)); - convert_to_string(&restored_error_reporting); - zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), Z_STRVAL(restored_error_reporting), Z_STRLEN(restored_error_reporting), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC); - zendi_zval_dtor(restored_error_reporting); + if (!EG(error_reporting) && EX(silence_op_num) != -1 && EX(old_error_reporting) != 0) { + EG(error_reporting) = EX(old_error_reporting); } - EX(old_error_reporting) = NULL; + EX(silence_op_num) = -1; if (finally_op_num && (!catch_op_num || catch_op_num >= finally_op_num)) { - zend_exception_save(TSRMLS_C); + if (EX(delayed_exception)) { + zend_exception_set_previous(EG(exception), EX(delayed_exception) TSRMLS_CC); + } + EX(delayed_exception) = EG(exception); + EG(exception) = NULL; EX(fast_ret) = NULL; - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[finally_op_num]); + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[finally_op_num]); ZEND_VM_CONTINUE(); } else if (catch_op_num) { - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[catch_op_num]); + if (finally_op_end && catch_op_num > finally_op_end) { + /* we are going out of current finally scope */ + if (EX(delayed_exception)) { + zend_exception_set_previous(EG(exception), EX(delayed_exception) TSRMLS_CC); + EX(delayed_exception) = NULL; + } + } + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[catch_op_num]); ZEND_VM_CONTINUE(); } else { - if (UNEXPECTED((EX(op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0)) { + if (EX(delayed_exception)) { + zend_exception_set_previous(EG(exception), EX(delayed_exception) TSRMLS_CC); + EX(delayed_exception) = NULL; + } + if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_GENERATOR) != 0)) { return ZEND_GENERATOR_RETURN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); @@ -1123,7 +1363,7 @@ static int ZEND_FASTCALL ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER(ZEND_OPCODE_HA USE_OPLINE SAVE_OPLINE(); - zend_verify_abstract_class(EX_T(opline->op1.var).class_entry TSRMLS_CC); + zend_verify_abstract_class(Z_CE_P(EX_VAR(opline->op1.var)) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -1141,7 +1381,7 @@ static int ZEND_FASTCALL ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS case ZEND_USER_OPCODE_CONTINUE: ZEND_VM_CONTINUE(); case ZEND_USER_OPCODE_RETURN: - if (UNEXPECTED((EX(op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0)) { + if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_GENERATOR) != 0)) { return ZEND_GENERATOR_RETURN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); @@ -1159,10 +1399,10 @@ static int ZEND_FASTCALL ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_DISCARD_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - if (EG(prev_exception) != NULL) { + if (EX(delayed_exception) != NULL) { /* discard the previously thrown exception */ - zval_ptr_dtor(&EG(prev_exception)); - EG(prev_exception) = NULL; + OBJ_RELEASE(EX(delayed_exception)); + EX(delayed_exception) = NULL; } ZEND_VM_NEXT_OPCODE(); @@ -1172,13 +1412,14 @@ static int ZEND_FASTCALL ZEND_FAST_CALL_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - if (opline->extended_value && + if ((opline->extended_value & ZEND_FAST_CALL_FROM_CATCH) && UNEXPECTED(EG(prev_exception) != NULL)) { /* in case of unhandled exception jump to catch block instead of finally */ - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[opline->op2.opline_num]); ZEND_VM_CONTINUE(); } - EX(fast_ret) = opline + 1; + EX(fast_ret) = opline; + EX(delayed_exception) = NULL; ZEND_VM_SET_OPCODE(opline->op1.jmp_addr); ZEND_VM_CONTINUE(); } @@ -1186,25 +1427,29 @@ static int ZEND_FASTCALL ZEND_FAST_CALL_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_FAST_RET_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { if (EX(fast_ret)) { - ZEND_VM_SET_OPCODE(EX(fast_ret)); + ZEND_VM_SET_OPCODE(EX(fast_ret) + 1); + if ((EX(fast_ret)->extended_value & ZEND_FAST_CALL_FROM_FINALLY)) { + EX(fast_ret) = &EX(func)->op_array.opcodes[EX(fast_ret)->op2.opline_num]; + } ZEND_VM_CONTINUE(); } else { /* special case for unhandled exceptions */ USE_OPLINE if (opline->extended_value == ZEND_FAST_RET_TO_FINALLY) { - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[opline->op2.opline_num]); ZEND_VM_CONTINUE(); - } else if (opline->extended_value == ZEND_FAST_RET_TO_CATCH) { - zend_exception_restore(TSRMLS_C); - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); - ZEND_VM_CONTINUE(); - } else if (UNEXPECTED((EX(op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0)) { - zend_exception_restore(TSRMLS_C); - return ZEND_GENERATOR_RETURN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_exception_restore(TSRMLS_C); - return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + EG(exception) = EX(delayed_exception); + EX(delayed_exception) = NULL; + if (opline->extended_value == ZEND_FAST_RET_TO_CATCH) { + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[opline->op2.opline_num]); + ZEND_VM_CONTINUE(); + } else if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_GENERATOR) != 0)) { + return ZEND_GENERATOR_RETURN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } } } @@ -1218,7 +1463,7 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLE zend_exception_save(TSRMLS_C); } if (IS_CONST == IS_UNUSED) { - EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(NULL, opline->extended_value TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { @@ -1226,16 +1471,16 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLE zval *class_name = opline->op2.zv; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - EX_T(opline->result.var).class_entry = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(class_name))) { + Z_CE_P(EX_VAR(opline->result.var)) = CACHED_PTR(Z_CACHE_SLOT_P(class_name)); } else { - EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); - CACHE_PTR(opline->op2.literal->cache_slot, EX_T(opline->result.var).class_entry); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class_by_name(Z_STR_P(class_name), opline->op2.zv + 1, opline->extended_value TSRMLS_CC); + CACHE_PTR(Z_CACHE_SLOT_P(class_name), Z_CE_P(EX_VAR(opline->result.var))); } } else if (Z_TYPE_P(class_name) == IS_OBJECT) { - EX_T(opline->result.var).class_entry = Z_OBJCE_P(class_name); + Z_CE_P(EX_VAR(opline->result.var)) = Z_OBJCE_P(class_name); } else if (Z_TYPE_P(class_name) == IS_STRING) { - EX_T(opline->result.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(Z_STR_P(class_name), opline->extended_value TSRMLS_CC); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); @@ -1251,207 +1496,225 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *function_name; - call_slot *call = EX(call_slots) + opline->result.num; + zend_function *fbc; + zval *function_name, *func; - if (IS_CONST == IS_CONST) { - function_name = (zval*)(opline->op2.literal+1); - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); - } else if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &call->fbc) == FAILURE)) { + if (IS_CONST == IS_CONST && Z_TYPE_P(opline->op2.zv) == IS_STRING) { + function_name = (zval*)(opline->op2.zv+1); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if (UNEXPECTED((func = zend_hash_find(EG(function_table), Z_STR_P(function_name))) == NULL)) { SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } else { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), fbc); } - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, NULL, NULL, EX(call) TSRMLS_CC); + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } else { - char *function_name_strval, *lcname; - int function_name_strlen; + zend_string *lcname; + zend_class_entry *called_scope; + zend_object *object; + zval *function_name_ptr; SAVE_OPLINE(); - function_name = opline->op2.zv; + function_name_ptr = function_name = opline->op2.zv; + ZVAL_DEREF(function_name); if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + if (Z_STRVAL_P(function_name)[0] == '\\') { + lcname = zend_string_alloc(Z_STRLEN_P(function_name) - 1, 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name) + 1, Z_STRLEN_P(function_name) - 1); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + lcname = zend_string_alloc(Z_STRLEN_P(function_name), 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)); } - if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &call->fbc) == FAILURE)) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + if (UNEXPECTED((func = zend_hash_find(EG(function_table), lcname)) == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(function_name)); } - efree(lcname); + zend_string_free(lcname); - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_CONST != IS_CONST && IS_CONST != IS_TMP_VAR && + fbc = Z_FUNC_P(func); + called_scope = NULL; + object = NULL; + } else if (IS_CONST != IS_CONST && EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && - Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &call->called_scope, &call->fbc, &call->object TSRMLS_CC) == SUCCESS) { - if (call->object) { - Z_ADDREF_P(call->object); + Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &called_scope, &fbc, &object TSRMLS_CC) == SUCCESS) { + if (object) { + GC_REFCOUNT(object)++; } if (IS_CONST == IS_VAR && 0 && Z_REFCOUNT_P(function_name) == 1 && - call->fbc->common.fn_flags & ZEND_ACC_CLOSURE) { + fbc->common.fn_flags & ZEND_ACC_CLOSURE) { /* Delay closure destruction until its invocation */ - call->fbc->common.prototype = (zend_function*)function_name; - } else { + fbc->common.prototype = (zend_function*)Z_OBJ_P(function_name_ptr); + } else if (IS_CONST == IS_CV) { } - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_CONST != IS_CONST && - EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && + } else if (EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) { - zend_class_entry *ce; - zval **method = NULL; - zval **obj = NULL; + zval *obj; + zval *method; - zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) &obj); - zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) &method); + obj = zend_hash_index_find(Z_ARRVAL_P(function_name), 0); + method = zend_hash_index_find(Z_ARRVAL_P(function_name), 1); if (!obj || !method) { zend_error_noreturn(E_ERROR, "Array callback has to contain indices 0 and 1"); } - if (Z_TYPE_PP(obj) != IS_STRING && Z_TYPE_PP(obj) != IS_OBJECT) { + ZVAL_DEREF(obj); + if (Z_TYPE_P(obj) != IS_STRING && Z_TYPE_P(obj) != IS_OBJECT) { zend_error_noreturn(E_ERROR, "First array member is not a valid class name or object"); } - if (Z_TYPE_PP(method) != IS_STRING) { + ZVAL_DEREF(method); + if (Z_TYPE_P(method) != IS_STRING) { zend_error_noreturn(E_ERROR, "Second array member is not a valid method"); } - if (Z_TYPE_PP(obj) == IS_STRING) { - ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC); - if (UNEXPECTED(ce == NULL)) { + if (Z_TYPE_P(obj) == IS_STRING) { + object = NULL; + called_scope = zend_fetch_class_by_name(Z_STR_P(obj), NULL, 0 TSRMLS_CC); + if (UNEXPECTED(called_scope == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - call->called_scope = ce; - call->object = NULL; - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC); + if (called_scope->get_static_method) { + fbc = called_scope->get_static_method(called_scope, Z_STR_P(method) TSRMLS_CC); } else { - call->fbc = zend_std_get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); + fbc = zend_std_get_static_method(called_scope, Z_STR_P(method), NULL TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", called_scope->name->val, Z_STRVAL_P(method)); + } + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } } } else { - call->object = *obj; - ce = call->called_scope = Z_OBJCE_PP(obj); + called_scope = Z_OBJCE_P(obj); + object = Z_OBJ_P(obj); - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), Z_STRVAL_PP(method)); + fbc = Z_OBJ_HT_P(obj)->get_method(&object, Z_STR_P(method), NULL TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", object->ce->name->val, Z_STRVAL_P(method)); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; + if ((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { + object = NULL; } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; - } + GC_REFCOUNT(object)++; /* For $this pointer */ } } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, Z_STRVAL_PP(method)); - } - call->is_ctor_call = 0; - EX(call) = call; - - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - ZEND_VM_NEXT_OPCODE(); /* Never reached */ + ZEND_VM_CONTINUE(); /* Never reached */ } + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } } - static int ZEND_FASTCALL ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_literal *func_name; - call_slot *call = EX(call_slots) + opline->result.num; + zval *func_name; + zval *func; + zend_function *fbc; - func_name = opline->op2.literal + 1; - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); - } else if (zend_hash_quick_find(EG(function_table), Z_STRVAL(func_name->constant), Z_STRLEN(func_name->constant)+1, func_name->hash_value, (void **) &call->fbc)==FAILURE) { + func_name = opline->op2.zv + 1; + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if ((func = zend_hash_find(EG(function_table), Z_STR_P(func_name))) == NULL) { func_name++; - if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL(func_name->constant), Z_STRLEN(func_name->constant)+1, func_name->hash_value, (void **) &call->fbc)==FAILURE)) { + if (UNEXPECTED((func = zend_hash_find(EG(function_table), Z_STR_P(func_name))) == NULL)) { SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } else { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), fbc); } } else { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), fbc); + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, NULL, NULL, EX(call) TSRMLS_CC); + + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_INIT_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *fname = opline->op2.zv; + zval *func; + zend_function *fbc; + + if (CACHED_PTR(Z_CACHE_SLOT_P(fname))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(fname)); + } else if (UNEXPECTED((func = zend_hash_find(EG(function_table), Z_STR_P(fname))) == NULL)) { + SAVE_OPLINE(); + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(fname)); + } else { + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(fname), fbc); } - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, NULL, NULL, EX(call) TSRMLS_CC); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_RECV_INIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *assignment_value; - zend_uint arg_num = opline->op1.num; - zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); - zval **var_ptr; + uint32_t arg_num = opline->op1.num; + zval *param; SAVE_OPLINE(); - if (param == NULL) { - ALLOC_ZVAL(assignment_value); - *assignment_value = *opline->op2.zv; - if ((Z_TYPE_P(assignment_value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || - Z_TYPE_P(assignment_value)==IS_CONSTANT_ARRAY) { - Z_SET_REFCOUNT_P(assignment_value, 1); - zval_update_constant(&assignment_value, 0 TSRMLS_CC); + param = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->result.var TSRMLS_CC); + if (arg_num > EX(num_args)) { + ZVAL_COPY_VALUE(param, opline->op2.zv); + if (Z_OPT_CONSTANT_P(param)) { + zval_update_constant(param, 0 TSRMLS_CC); } else { - zval_copy_ctor(assignment_value); + /* IS_CONST can't be IS_OBJECT, IS_RESOURCE or IS_REFERENCE */ + if (UNEXPECTED(Z_OPT_COPYABLE_P(param))) { + zval_copy_ctor_func(param); + } } - INIT_PZVAL(assignment_value); - } else { - assignment_value = *param; - Z_ADDREF_P(assignment_value); } - zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value, opline->extended_value TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->result.var TSRMLS_CC); - zval_ptr_dtor(var_ptr); - *var_ptr = assignment_value; + if (UNEXPECTED((EX(func)->op_array.fn_flags & ZEND_ACC_HAS_TYPE_HINTS) != 0)) { + zend_verify_arg_type(EX(func), arg_num, param, opline->extended_value TSRMLS_CC); + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -1464,8 +1727,8 @@ static int ZEND_FASTCALL ZEND_BRK_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); el = zend_brk_cont(Z_LVAL_P(opline->op2.zv), opline->op1.opline_num, - EX(op_array), execute_data TSRMLS_CC); - ZEND_VM_JMP(EX(op_array)->opcodes + el->brk); + &EX(func)->op_array, execute_data TSRMLS_CC); + ZEND_VM_JMP(EX(func)->op_array.opcodes + el->brk); } static int ZEND_FASTCALL ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -1475,8 +1738,8 @@ static int ZEND_FASTCALL ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); el = zend_brk_cont(Z_LVAL_P(opline->op2.zv), opline->op1.opline_num, - EX(op_array), execute_data TSRMLS_CC); - ZEND_VM_JMP(EX(op_array)->opcodes + el->cont); + &EX(func)->op_array, execute_data TSRMLS_CC); + ZEND_VM_JMP(EX(func)->op_array.opcodes + el->cont); } static int ZEND_FASTCALL ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -1487,21 +1750,14 @@ static int ZEND_FASTCALL ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); el = zend_brk_cont(Z_LVAL_P(opline->op2.zv), opline->extended_value, - EX(op_array), execute_data TSRMLS_CC); + &EX(func)->op_array, execute_data TSRMLS_CC); - brk_opline = EX(op_array)->opcodes + el->brk; + brk_opline = EX(func)->op_array.opcodes + el->brk; - switch (brk_opline->opcode) { - case ZEND_SWITCH_FREE: - if (!(brk_opline->extended_value & EXT_TYPE_FREE_ON_RETURN)) { - zval_ptr_dtor(&EX_T(brk_opline->op1.var).var.ptr); - } - break; - case ZEND_FREE: - if (!(brk_opline->extended_value & EXT_TYPE_FREE_ON_RETURN)) { - zendi_zval_dtor(EX_T(brk_opline->op1.var).tmp_var); - } - break; + if (brk_opline->opcode == ZEND_FREE) { + if (!(brk_opline->extended_value & EXT_TYPE_FREE_ON_RETURN)) { + zval_ptr_dtor_nogc(EX_VAR(brk_opline->op1.var)); + } } ZEND_VM_JMP(opline->op1.jmp_addr); } @@ -1509,23 +1765,23 @@ static int ZEND_FASTCALL ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_class_entry *ce = EX_T(opline->op1.var).class_entry; + zend_class_entry *ce = Z_CE_P(EX_VAR(opline->op1.var)); zend_class_entry *iface; SAVE_OPLINE(); - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - iface = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + iface = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - iface = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); + iface = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, opline->extended_value TSRMLS_CC); if (UNEXPECTED(iface == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, iface); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), iface); } if (UNEXPECTED((iface->ce_flags & ZEND_ACC_INTERFACE) == 0)) { - zend_error_noreturn(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name, iface->name); + zend_error_noreturn(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name->val, iface->name->val); } zend_do_implement_interface(ce, iface TSRMLS_CC); @@ -1542,7 +1798,7 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ zend_exception_save(TSRMLS_C); } if (IS_TMP_VAR == IS_UNUSED) { - EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(NULL, opline->extended_value TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { @@ -1550,16 +1806,16 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ zval *class_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); if (IS_TMP_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - EX_T(opline->result.var).class_entry = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(class_name))) { + Z_CE_P(EX_VAR(opline->result.var)) = CACHED_PTR(Z_CACHE_SLOT_P(class_name)); } else { - EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); - CACHE_PTR(opline->op2.literal->cache_slot, EX_T(opline->result.var).class_entry); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class_by_name(Z_STR_P(class_name), opline->op2.zv + 1, opline->extended_value TSRMLS_CC); + CACHE_PTR(Z_CACHE_SLOT_P(class_name), Z_CE_P(EX_VAR(opline->result.var))); } } else if (Z_TYPE_P(class_name) == IS_OBJECT) { - EX_T(opline->result.var).class_entry = Z_OBJCE_P(class_name); + Z_CE_P(EX_VAR(opline->result.var)) = Z_OBJCE_P(class_name); } else if (Z_TYPE_P(class_name) == IS_STRING) { - EX_T(opline->result.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(Z_STR_P(class_name), opline->extended_value TSRMLS_CC); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); @@ -1567,7 +1823,7 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string"); } - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -1576,150 +1832,149 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *function_name; - call_slot *call = EX(call_slots) + opline->result.num; + zend_function *fbc; + zval *function_name, *func; - if (IS_TMP_VAR == IS_CONST) { - function_name = (zval*)(opline->op2.literal+1); - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); - } else if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &call->fbc) == FAILURE)) { + if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(opline->op2.zv) == IS_STRING) { + function_name = (zval*)(opline->op2.zv+1); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if (UNEXPECTED((func = zend_hash_find(EG(function_table), Z_STR_P(function_name))) == NULL)) { SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } else { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), fbc); } - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, NULL, NULL, EX(call) TSRMLS_CC); + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } else { - char *function_name_strval, *lcname; - int function_name_strlen; + zend_string *lcname; zend_free_op free_op2; + zend_class_entry *called_scope; + zend_object *object; + zval *function_name_ptr; SAVE_OPLINE(); - function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + function_name_ptr = function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + ZVAL_DEREF(function_name); if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + if (Z_STRVAL_P(function_name)[0] == '\\') { + lcname = zend_string_alloc(Z_STRLEN_P(function_name) - 1, 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name) + 1, Z_STRLEN_P(function_name) - 1); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + lcname = zend_string_alloc(Z_STRLEN_P(function_name), 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)); } - if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &call->fbc) == FAILURE)) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + if (UNEXPECTED((func = zend_hash_find(EG(function_table), lcname)) == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(function_name)); } - efree(lcname); - zval_dtor(free_op2.var); - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_TMP_VAR != IS_CONST && IS_TMP_VAR != IS_TMP_VAR && + zend_string_free(lcname); + zval_ptr_dtor_nogc(free_op2.var); + + fbc = Z_FUNC_P(func); + called_scope = NULL; + object = NULL; + } else if (IS_TMP_VAR != IS_CONST && EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && - Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &call->called_scope, &call->fbc, &call->object TSRMLS_CC) == SUCCESS) { - if (call->object) { - Z_ADDREF_P(call->object); + Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &called_scope, &fbc, &object TSRMLS_CC) == SUCCESS) { + if (object) { + GC_REFCOUNT(object)++; } if (IS_TMP_VAR == IS_VAR && 1 && Z_REFCOUNT_P(function_name) == 1 && - call->fbc->common.fn_flags & ZEND_ACC_CLOSURE) { + fbc->common.fn_flags & ZEND_ACC_CLOSURE) { /* Delay closure destruction until its invocation */ - call->fbc->common.prototype = (zend_function*)function_name; - } else { - zval_dtor(free_op2.var); + fbc->common.prototype = (zend_function*)Z_OBJ_P(function_name_ptr); + } else if (IS_TMP_VAR == IS_CV) { + zval_ptr_dtor_nogc(free_op2.var); } - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_TMP_VAR != IS_CONST && - EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && + } else if (EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) { - zend_class_entry *ce; - zval **method = NULL; - zval **obj = NULL; + zval *obj; + zval *method; - zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) &obj); - zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) &method); + obj = zend_hash_index_find(Z_ARRVAL_P(function_name), 0); + method = zend_hash_index_find(Z_ARRVAL_P(function_name), 1); if (!obj || !method) { zend_error_noreturn(E_ERROR, "Array callback has to contain indices 0 and 1"); } - if (Z_TYPE_PP(obj) != IS_STRING && Z_TYPE_PP(obj) != IS_OBJECT) { + ZVAL_DEREF(obj); + if (Z_TYPE_P(obj) != IS_STRING && Z_TYPE_P(obj) != IS_OBJECT) { zend_error_noreturn(E_ERROR, "First array member is not a valid class name or object"); } - if (Z_TYPE_PP(method) != IS_STRING) { + ZVAL_DEREF(method); + if (Z_TYPE_P(method) != IS_STRING) { zend_error_noreturn(E_ERROR, "Second array member is not a valid method"); } - if (Z_TYPE_PP(obj) == IS_STRING) { - ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC); - if (UNEXPECTED(ce == NULL)) { + if (Z_TYPE_P(obj) == IS_STRING) { + object = NULL; + called_scope = zend_fetch_class_by_name(Z_STR_P(obj), NULL, 0 TSRMLS_CC); + if (UNEXPECTED(called_scope == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - call->called_scope = ce; - call->object = NULL; - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC); + if (called_scope->get_static_method) { + fbc = called_scope->get_static_method(called_scope, Z_STR_P(method) TSRMLS_CC); } else { - call->fbc = zend_std_get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); + fbc = zend_std_get_static_method(called_scope, Z_STR_P(method), NULL TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", called_scope->name->val, Z_STRVAL_P(method)); + } + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } } } else { - call->object = *obj; - ce = call->called_scope = Z_OBJCE_PP(obj); + called_scope = Z_OBJCE_P(obj); + object = Z_OBJ_P(obj); - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), Z_STRVAL_PP(method)); + fbc = Z_OBJ_HT_P(obj)->get_method(&object, Z_STR_P(method), NULL TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", object->ce->name->val, Z_STRVAL_P(method)); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; + if ((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { + object = NULL; } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; - } + GC_REFCOUNT(object)++; /* For $this pointer */ } } - - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, Z_STRVAL_PP(method)); - } - call->is_ctor_call = 0; - EX(call) = call; - zval_dtor(free_op2.var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + zval_ptr_dtor_nogc(free_op2.var); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - ZEND_VM_NEXT_OPCODE(); /* Never reached */ + ZEND_VM_CONTINUE(); /* Never reached */ } + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } } - static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -1729,24 +1984,24 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ zend_exception_save(TSRMLS_C); } if (IS_VAR == IS_UNUSED) { - EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(NULL, opline->extended_value TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_free_op free_op2; - zval *class_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + zval *class_name = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - EX_T(opline->result.var).class_entry = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(class_name))) { + Z_CE_P(EX_VAR(opline->result.var)) = CACHED_PTR(Z_CACHE_SLOT_P(class_name)); } else { - EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); - CACHE_PTR(opline->op2.literal->cache_slot, EX_T(opline->result.var).class_entry); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class_by_name(Z_STR_P(class_name), opline->op2.zv + 1, opline->extended_value TSRMLS_CC); + CACHE_PTR(Z_CACHE_SLOT_P(class_name), Z_CE_P(EX_VAR(opline->result.var))); } } else if (Z_TYPE_P(class_name) == IS_OBJECT) { - EX_T(opline->result.var).class_entry = Z_OBJCE_P(class_name); + Z_CE_P(EX_VAR(opline->result.var)) = Z_OBJCE_P(class_name); } else if (Z_TYPE_P(class_name) == IS_STRING) { - EX_T(opline->result.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(Z_STR_P(class_name), opline->extended_value TSRMLS_CC); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); @@ -1754,7 +2009,7 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string"); } - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -1763,150 +2018,149 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *function_name; - call_slot *call = EX(call_slots) + opline->result.num; + zend_function *fbc; + zval *function_name, *func; - if (IS_VAR == IS_CONST) { - function_name = (zval*)(opline->op2.literal+1); - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); - } else if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &call->fbc) == FAILURE)) { + if (IS_VAR == IS_CONST && Z_TYPE_P(opline->op2.zv) == IS_STRING) { + function_name = (zval*)(opline->op2.zv+1); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if (UNEXPECTED((func = zend_hash_find(EG(function_table), Z_STR_P(function_name))) == NULL)) { SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } else { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), fbc); } - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, NULL, NULL, EX(call) TSRMLS_CC); + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } else { - char *function_name_strval, *lcname; - int function_name_strlen; + zend_string *lcname; zend_free_op free_op2; + zend_class_entry *called_scope; + zend_object *object; + zval *function_name_ptr; SAVE_OPLINE(); - function_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + function_name_ptr = function_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + ZVAL_DEREF(function_name); if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + if (Z_STRVAL_P(function_name)[0] == '\\') { + lcname = zend_string_alloc(Z_STRLEN_P(function_name) - 1, 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name) + 1, Z_STRLEN_P(function_name) - 1); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + lcname = zend_string_alloc(Z_STRLEN_P(function_name), 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)); } - if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &call->fbc) == FAILURE)) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + if (UNEXPECTED((func = zend_hash_find(EG(function_table), lcname)) == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(function_name)); } - efree(lcname); - zval_ptr_dtor(&free_op2.var); - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_VAR != IS_CONST && IS_VAR != IS_TMP_VAR && + zend_string_free(lcname); + zval_ptr_dtor_nogc(free_op2.var); + + fbc = Z_FUNC_P(func); + called_scope = NULL; + object = NULL; + } else if (IS_VAR != IS_CONST && EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && - Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &call->called_scope, &call->fbc, &call->object TSRMLS_CC) == SUCCESS) { - if (call->object) { - Z_ADDREF_P(call->object); + Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &called_scope, &fbc, &object TSRMLS_CC) == SUCCESS) { + if (object) { + GC_REFCOUNT(object)++; } if (IS_VAR == IS_VAR && (free_op2.var != NULL) && Z_REFCOUNT_P(function_name) == 1 && - call->fbc->common.fn_flags & ZEND_ACC_CLOSURE) { + fbc->common.fn_flags & ZEND_ACC_CLOSURE) { /* Delay closure destruction until its invocation */ - call->fbc->common.prototype = (zend_function*)function_name; - } else { - zval_ptr_dtor(&free_op2.var); + fbc->common.prototype = (zend_function*)Z_OBJ_P(function_name_ptr); + } else if (IS_VAR == IS_CV) { + zval_ptr_dtor_nogc(free_op2.var); } - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_VAR != IS_CONST && - EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && + } else if (EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) { - zend_class_entry *ce; - zval **method = NULL; - zval **obj = NULL; + zval *obj; + zval *method; - zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) &obj); - zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) &method); + obj = zend_hash_index_find(Z_ARRVAL_P(function_name), 0); + method = zend_hash_index_find(Z_ARRVAL_P(function_name), 1); if (!obj || !method) { zend_error_noreturn(E_ERROR, "Array callback has to contain indices 0 and 1"); } - if (Z_TYPE_PP(obj) != IS_STRING && Z_TYPE_PP(obj) != IS_OBJECT) { + ZVAL_DEREF(obj); + if (Z_TYPE_P(obj) != IS_STRING && Z_TYPE_P(obj) != IS_OBJECT) { zend_error_noreturn(E_ERROR, "First array member is not a valid class name or object"); } - if (Z_TYPE_PP(method) != IS_STRING) { + ZVAL_DEREF(method); + if (Z_TYPE_P(method) != IS_STRING) { zend_error_noreturn(E_ERROR, "Second array member is not a valid method"); } - if (Z_TYPE_PP(obj) == IS_STRING) { - ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC); - if (UNEXPECTED(ce == NULL)) { + if (Z_TYPE_P(obj) == IS_STRING) { + object = NULL; + called_scope = zend_fetch_class_by_name(Z_STR_P(obj), NULL, 0 TSRMLS_CC); + if (UNEXPECTED(called_scope == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - call->called_scope = ce; - call->object = NULL; - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC); + if (called_scope->get_static_method) { + fbc = called_scope->get_static_method(called_scope, Z_STR_P(method) TSRMLS_CC); } else { - call->fbc = zend_std_get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); + fbc = zend_std_get_static_method(called_scope, Z_STR_P(method), NULL TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", called_scope->name->val, Z_STRVAL_P(method)); + } + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } } } else { - call->object = *obj; - ce = call->called_scope = Z_OBJCE_PP(obj); + called_scope = Z_OBJCE_P(obj); + object = Z_OBJ_P(obj); - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), Z_STRVAL_PP(method)); + fbc = Z_OBJ_HT_P(obj)->get_method(&object, Z_STR_P(method), NULL TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", object->ce->name->val, Z_STRVAL_P(method)); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; + if ((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { + object = NULL; } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; - } + GC_REFCOUNT(object)++; /* For $this pointer */ } } - - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, Z_STRVAL_PP(method)); - } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op2.var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + zval_ptr_dtor_nogc(free_op2.var); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - ZEND_VM_NEXT_OPCODE(); /* Never reached */ + ZEND_VM_CONTINUE(); /* Never reached */ } + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } } - static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -1916,7 +2170,7 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDL zend_exception_save(TSRMLS_C); } if (IS_UNUSED == IS_UNUSED) { - EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(NULL, opline->extended_value TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { @@ -1924,16 +2178,16 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDL zval *class_name = NULL; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - EX_T(opline->result.var).class_entry = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(class_name))) { + Z_CE_P(EX_VAR(opline->result.var)) = CACHED_PTR(Z_CACHE_SLOT_P(class_name)); } else { - EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); - CACHE_PTR(opline->op2.literal->cache_slot, EX_T(opline->result.var).class_entry); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class_by_name(Z_STR_P(class_name), opline->op2.zv + 1, opline->extended_value TSRMLS_CC); + CACHE_PTR(Z_CACHE_SLOT_P(class_name), Z_CE_P(EX_VAR(opline->result.var))); } } else if (Z_TYPE_P(class_name) == IS_OBJECT) { - EX_T(opline->result.var).class_entry = Z_OBJCE_P(class_name); + Z_CE_P(EX_VAR(opline->result.var)) = Z_OBJCE_P(class_name); } else if (Z_TYPE_P(class_name) == IS_STRING) { - EX_T(opline->result.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(Z_STR_P(class_name), opline->extended_value TSRMLS_CC); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); @@ -1955,24 +2209,24 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_A zend_exception_save(TSRMLS_C); } if (IS_CV == IS_UNUSED) { - EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(NULL, opline->extended_value TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - zval *class_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + zval *class_name = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); if (IS_CV == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - EX_T(opline->result.var).class_entry = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(class_name))) { + Z_CE_P(EX_VAR(opline->result.var)) = CACHED_PTR(Z_CACHE_SLOT_P(class_name)); } else { - EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); - CACHE_PTR(opline->op2.literal->cache_slot, EX_T(opline->result.var).class_entry); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class_by_name(Z_STR_P(class_name), opline->op2.zv + 1, opline->extended_value TSRMLS_CC); + CACHE_PTR(Z_CACHE_SLOT_P(class_name), Z_CE_P(EX_VAR(opline->result.var))); } } else if (Z_TYPE_P(class_name) == IS_OBJECT) { - EX_T(opline->result.var).class_entry = Z_OBJCE_P(class_name); + Z_CE_P(EX_VAR(opline->result.var)) = Z_OBJCE_P(class_name); } else if (Z_TYPE_P(class_name) == IS_STRING) { - EX_T(opline->result.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC); + Z_CE_P(EX_VAR(opline->result.var)) = zend_fetch_class(Z_STR_P(class_name), opline->extended_value TSRMLS_CC); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); @@ -1988,157 +2242,155 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_A static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *function_name; - call_slot *call = EX(call_slots) + opline->result.num; + zend_function *fbc; + zval *function_name, *func; - if (IS_CV == IS_CONST) { - function_name = (zval*)(opline->op2.literal+1); - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); - } else if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &call->fbc) == FAILURE)) { + if (IS_CV == IS_CONST && Z_TYPE_P(opline->op2.zv) == IS_STRING) { + function_name = (zval*)(opline->op2.zv+1); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if (UNEXPECTED((func = zend_hash_find(EG(function_table), Z_STR_P(function_name))) == NULL)) { SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } else { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); + fbc = Z_FUNC_P(func); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), fbc); } - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, NULL, NULL, EX(call) TSRMLS_CC); + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } else { - char *function_name_strval, *lcname; - int function_name_strlen; + zend_string *lcname; + zend_class_entry *called_scope; + zend_object *object; + zval *function_name_ptr; SAVE_OPLINE(); - function_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + function_name_ptr = function_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + ZVAL_DEREF(function_name); if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + if (Z_STRVAL_P(function_name)[0] == '\\') { + lcname = zend_string_alloc(Z_STRLEN_P(function_name) - 1, 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name) + 1, Z_STRLEN_P(function_name) - 1); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + lcname = zend_string_alloc(Z_STRLEN_P(function_name), 0); + zend_str_tolower_copy(lcname->val, Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)); } - if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &call->fbc) == FAILURE)) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + if (UNEXPECTED((func = zend_hash_find(EG(function_table), lcname)) == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(function_name)); } - efree(lcname); + zend_string_free(lcname); - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_CV != IS_CONST && IS_CV != IS_TMP_VAR && + fbc = Z_FUNC_P(func); + called_scope = NULL; + object = NULL; + } else if (IS_CV != IS_CONST && EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && - Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &call->called_scope, &call->fbc, &call->object TSRMLS_CC) == SUCCESS) { - if (call->object) { - Z_ADDREF_P(call->object); + Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &called_scope, &fbc, &object TSRMLS_CC) == SUCCESS) { + if (object) { + GC_REFCOUNT(object)++; } if (IS_CV == IS_VAR && 0 && Z_REFCOUNT_P(function_name) == 1 && - call->fbc->common.fn_flags & ZEND_ACC_CLOSURE) { + fbc->common.fn_flags & ZEND_ACC_CLOSURE) { /* Delay closure destruction until its invocation */ - call->fbc->common.prototype = (zend_function*)function_name; - } else { + fbc->common.prototype = (zend_function*)Z_OBJ_P(function_name_ptr); + } else if (IS_CV == IS_CV) { } - call->is_ctor_call = 0; - EX(call) = call; - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (IS_CV != IS_CONST && - EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && + } else if (EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) { - zend_class_entry *ce; - zval **method = NULL; - zval **obj = NULL; + zval *obj; + zval *method; - zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) &obj); - zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) &method); + obj = zend_hash_index_find(Z_ARRVAL_P(function_name), 0); + method = zend_hash_index_find(Z_ARRVAL_P(function_name), 1); if (!obj || !method) { zend_error_noreturn(E_ERROR, "Array callback has to contain indices 0 and 1"); } - if (Z_TYPE_PP(obj) != IS_STRING && Z_TYPE_PP(obj) != IS_OBJECT) { + ZVAL_DEREF(obj); + if (Z_TYPE_P(obj) != IS_STRING && Z_TYPE_P(obj) != IS_OBJECT) { zend_error_noreturn(E_ERROR, "First array member is not a valid class name or object"); } - if (Z_TYPE_PP(method) != IS_STRING) { + ZVAL_DEREF(method); + if (Z_TYPE_P(method) != IS_STRING) { zend_error_noreturn(E_ERROR, "Second array member is not a valid method"); } - if (Z_TYPE_PP(obj) == IS_STRING) { - ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC); - if (UNEXPECTED(ce == NULL)) { + if (Z_TYPE_P(obj) == IS_STRING) { + object = NULL; + called_scope = zend_fetch_class_by_name(Z_STR_P(obj), NULL, 0 TSRMLS_CC); + if (UNEXPECTED(called_scope == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - call->called_scope = ce; - call->object = NULL; - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC); + if (called_scope->get_static_method) { + fbc = called_scope->get_static_method(called_scope, Z_STR_P(method) TSRMLS_CC); } else { - call->fbc = zend_std_get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); + fbc = zend_std_get_static_method(called_scope, Z_STR_P(method), NULL TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", called_scope->name->val, Z_STRVAL_P(method)); + } + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + fbc->common.scope->name->val, fbc->common.function_name->val); + } } } else { - call->object = *obj; - ce = call->called_scope = Z_OBJCE_PP(obj); + called_scope = Z_OBJCE_P(obj); + object = Z_OBJ_P(obj); - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, Z_STRVAL_PP(method), Z_STRLEN_PP(method), NULL TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), Z_STRVAL_PP(method)); + fbc = Z_OBJ_HT_P(obj)->get_method(&object, Z_STR_P(method), NULL TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", object->ce->name->val, Z_STRVAL_P(method)); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; + if ((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { + object = NULL; } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; - } + GC_REFCOUNT(object)++; /* For $this pointer */ } } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, Z_STRVAL_PP(method)); - } - call->is_ctor_call = 0; - EX(call) = call; - - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); } else { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - ZEND_VM_NEXT_OPCODE(); /* Never reached */ + ZEND_VM_CONTINUE(); /* Never reached */ } + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } } - static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE SAVE_OPLINE(); - bitwise_not_function(&EX_T(opline->result.var).tmp_var, + bitwise_not_function(EX_VAR(opline->result.var), opline->op1.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -2151,7 +2403,7 @@ static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); - boolean_not_function(&EX_T(opline->result.var).tmp_var, + boolean_not_function(EX_VAR(opline->result.var), opline->op1.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -2167,10 +2419,7 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); z = opline->op1.zv; - if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) { - INIT_PZVAL(z); - } - zend_print_variable(z); + zend_print_variable(z TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -2180,7 +2429,7 @@ static int ZEND_FASTCALL ZEND_PRINT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE - ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); + ZVAL_LONG(EX_VAR(opline->result.var), 1); return ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } @@ -2189,29 +2438,30 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *val; - int ret; SAVE_OPLINE(); val = opline->op1.zv; - if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CONST == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (!ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + opline++; + } else { + opline = opline->op2.jmp_addr; } - ZEND_VM_NEXT_OPCODE(); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -2219,29 +2469,30 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS USE_OPLINE zval *val; - int ret; SAVE_OPLINE(); val = opline->op1.zv; - if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CONST == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - if (ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + opline = opline->op2.jmp_addr; + } else { + opline++; } - ZEND_VM_NEXT_OPCODE(); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -2249,33 +2500,30 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG USE_OPLINE zval *val; - int retval; SAVE_OPLINE(); val = opline->op1.zv; - if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CONST == IS_TMP_VAR) { + if (EXPECTED(Z_TYPE_P(val) == IS_TRUE)) { + ZEND_VM_SET_RELATIVE_OPCODE(opline, opline->extended_value); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (EXPECTED(retval != 0)) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on true to %d\n", opline->extended_value); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + + if (i_zend_is_true(val TSRMLS_CC)) { + opline = (zend_op*)(((char*)opline) + opline->extended_value); } else { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on false to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + opline = opline->op2.jmp_addr; + } + + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -2283,30 +2531,34 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE zval *val; - int retval; SAVE_OPLINE(); val = opline->op1.zv; - if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CONST == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (!retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline++; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; } - ZEND_VM_NEXT_OPCODE(); + + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -2314,54 +2566,33 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A USE_OPLINE zval *val; - int retval; SAVE_OPLINE(); val = opline->op1.zv; - if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CONST == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); - } - ZEND_VM_NEXT_OPCODE(); -} - -static int ZEND_FASTCALL ZEND_DO_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - USE_OPLINE - - zval *fname = opline->op1.zv; - call_slot *call = EX(call_slots) + opline->op2.num; - - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - EX(function_state).function = CACHED_PTR(opline->op1.literal->cache_slot); - } else if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(fname), Z_STRLEN_P(fname)+1, Z_HASH_P(fname), (void **) &EX(function_state).function)==FAILURE)) { - SAVE_OPLINE(); - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", fname->value.str.val); + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; } else { - CACHE_PTR(opline->op1.literal->cache_slot, EX(function_state).function); + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline++; } - call->fbc = EX(function_state).function; - call->object = NULL; - call->called_scope = NULL; - call->is_ctor_call = 0; - EX(call) = call; - return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -2373,34 +2604,23 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); retval_ptr = opline->op1.zv; - if (!EG(return_value_ptr_ptr)) { + if (!EX(return_value)) { } else { - if (IS_CONST == IS_CONST || - IS_CONST == IS_TMP_VAR || - PZVAL_IS_REF(retval_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - if (IS_CONST != IS_TMP_VAR) { - zval_copy_ctor(ret); + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(EX(return_value)))) { + zval_copy_ctor_func(EX(return_value)); + } } - *EG(return_value_ptr_ptr) = ret; + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(retval_ptr)) { + ZVAL_COPY(EX(return_value), Z_REFVAL_P(retval_ptr)); - } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && - retval_ptr == &EG(uninitialized_zval)) { - zval *ret; - - if (IS_CONST == IS_VAR) { - Z_DELREF_P(retval_ptr); - } - ALLOC_INIT_ZVAL(ret); - *EG(return_value_ptr_ptr) = ret; } else { - *EG(return_value_ptr_ptr) = retval_ptr; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); if (IS_CONST == IS_CV) { - Z_ADDREF_P(retval_ptr); + if (Z_OPT_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } } } @@ -2411,66 +2631,56 @@ static int ZEND_FASTCALL ZEND_RETURN_BY_REF_SPEC_CONST_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zval *retval_ptr; - zval **retval_ptr_ptr; SAVE_OPLINE(); do { - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR || + (IS_CONST == IS_VAR && opline->extended_value == ZEND_RETURNS_VALUE)) { /* Not supposed to happen, but we'll allow it */ zend_error(E_NOTICE, "Only variable references should be returned by reference"); retval_ptr = opline->op1.zv; - if (!EG(return_value_ptr_ptr)) { + if (!EX(return_value)) { if (IS_CONST == IS_TMP_VAR) { } - } else if (!0) { /* Not a temp var */ - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; } else { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - *EG(return_value_ptr_ptr) = ret; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (IS_CONST != IS_TMP_VAR) { + zval_opt_copy_ctor_no_imm(EX(return_value)); + } } break; } - retval_ptr_ptr = NULL; + retval_ptr = NULL; - if (IS_CONST == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { + if (IS_CONST == IS_VAR && UNEXPECTED(retval_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } - if (IS_CONST == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) { + if (IS_CONST == IS_VAR && !Z_ISREF_P(retval_ptr)) { if (opline->extended_value == ZEND_RETURNS_FUNCTION && - EX_T(opline->op1.var).var.fcall_returned_reference) { - } else if (EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + (Z_VAR_FLAGS_P(retval_ptr) & IS_VAR_RET_REF)) { + } else { zend_error(E_NOTICE, "Only variable references should be returned by reference"); - if (EG(return_value_ptr_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, *retval_ptr_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; + if (EX(return_value)) { + ZVAL_NEW_REF(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (Z_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } break; } } - if (EG(return_value_ptr_ptr)) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr); - Z_ADDREF_PP(retval_ptr_ptr); - - *EG(return_value_ptr_ptr) = *retval_ptr_ptr; + if (EX(return_value)) { + ZVAL_MAKE_REF(retval_ptr); + Z_ADDREF_P(retval_ptr); + ZVAL_REF(EX(return_value), Z_REF_P(retval_ptr)); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; } } while (0); @@ -2481,7 +2691,6 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zval *value; - zval *exception; SAVE_OPLINE(); @@ -2495,14 +2704,11 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS } zend_exception_save(TSRMLS_C); - /* Not sure if a complete copy is what we want here */ - ALLOC_ZVAL(exception); - INIT_PZVAL_COPY(exception, value); - if (!0) { - zval_copy_ctor(exception); + if (IS_CONST != IS_TMP_VAR) { + if (Z_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - zend_throw_exception_object(exception TSRMLS_CC); + zend_throw_exception_object(value TSRMLS_CC); zend_exception_restore(TSRMLS_C); HANDLE_EXCEPTION(); @@ -2511,28 +2717,41 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value, *arg; + SAVE_OPLINE(); - if (opline->extended_value==ZEND_DO_FCALL_BY_NAME - && ARG_MUST_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { - zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); + value = opline->op1.zv; + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY_VALUE(arg, value); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(arg))) { + zval_copy_ctor_func(arg); + } } - { - zval *valptr; - zval *value; + ZEND_VM_NEXT_OPCODE(); +} +static int ZEND_FASTCALL ZEND_SEND_VAL_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *value, *arg; - value = opline->op1.zv; - ALLOC_ZVAL(valptr); - INIT_PZVAL_COPY(valptr, value); - if (!0) { - zval_copy_ctor(valptr); + SAVE_OPLINE(); + if (ARG_MUST_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.num); + } + value = opline->op1.zv; + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY_VALUE(arg, value); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(arg))) { + zval_copy_ctor_func(arg); } - zend_vm_stack_push(valptr TSRMLS_CC); - } - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -2540,11 +2759,11 @@ static int ZEND_FASTCALL ZEND_BOOL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *retval = EX_VAR(opline->result.var); SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - ZVAL_BOOL(retval, i_zend_is_true(opline->op1.zv)); + ZVAL_BOOL(retval, i_zend_is_true(opline->op1.zv TSRMLS_CC)); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -2563,7 +2782,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS obj = opline->op1.zv; if (IS_CONST == IS_CONST || - UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { + (IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT))) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } @@ -2575,7 +2794,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS clone_call = Z_OBJ_HT_P(obj)->clone_obj; if (UNEXPECTED(clone_call == NULL)) { if (ce) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); + zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name->val); } else { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object"); } @@ -2585,30 +2804,22 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (UNEXPECTED(ce != EG(scope))) { - zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(ce != EX(scope))) { + zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EG(scope)))) { - zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EX(scope)))) { + zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } } if (EXPECTED(EG(exception) == NULL)) { - zval *retval; - - ALLOC_ZVAL(retval); - Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(retval) = IS_OBJECT; - Z_SET_REFCOUNT_P(retval, 1); - Z_SET_ISREF_P(retval); + ZVAL_OBJ(EX_VAR(opline->result.var), clone_call(obj TSRMLS_CC)); if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&retval); - } else { - AI_SET_PTR(&EX_T(opline->result.var), retval); + zval_ptr_dtor(EX_VAR(opline->result.var)); } } @@ -2621,54 +2832,95 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *expr; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); expr = opline->op1.zv; - if (opline->extended_value != IS_STRING) { - ZVAL_COPY_VALUE(result, expr); - if (!0) { - zendi_zval_copy_ctor(*result); - } - } switch (opline->extended_value) { case IS_NULL: - convert_to_null(result); + /* This code is taken from convert_to_null. However, it does not seems very useful, + * because a conversion to null always results in the same value. This could only + * be relevant if a cast_object handler for IS_NULL has some kind of side-effect. */ +#if 0 + if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { + ZVAL_DEREF(expr); + } + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->cast_object) { + if (Z_OBJ_HT_P(expr)->cast_object(expr, result, IS_NULL TSRMLS_CC) == SUCCESS) { + break; + } + } +#endif + + ZVAL_NULL(result); break; - case IS_BOOL: - convert_to_boolean(result); + case _IS_BOOL: + ZVAL_BOOL(result, zend_is_true(expr TSRMLS_CC)); break; case IS_LONG: - convert_to_long(result); + ZVAL_LONG(result, zval_get_long(expr)); break; case IS_DOUBLE: - convert_to_double(result); + ZVAL_DOUBLE(result, zval_get_double(expr)); + break; + case IS_STRING: + ZVAL_STR(result, zval_get_string(expr)); break; - case IS_STRING: { - zval var_copy; - int use_copy; + default: + /* If value is already of correct type, return it directly */ + if (Z_TYPE_P(expr) == opline->extended_value) { + ZVAL_COPY_VALUE(result, expr); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(result))) { + zval_copy_ctor_func(result); + } + } else if (IS_CONST != IS_TMP_VAR) { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } - zend_make_printable_zval(expr, &var_copy, &use_copy); - if (use_copy) { - ZVAL_COPY_VALUE(result, &var_copy); - if (0) { + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + if (opline->extended_value == IS_ARRAY) { + if (Z_TYPE_P(expr) != IS_OBJECT) { + ZVAL_NEW_ARR(result); + zend_hash_init(Z_ARRVAL_P(result), 8, NULL, ZVAL_PTR_DTOR, 0); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_index_add_new(Z_ARRVAL_P(result), 0, expr); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + Z_ADDREF_P(result); + convert_to_array(result); } } else { - ZVAL_COPY_VALUE(result, expr); - if (!0) { - zendi_zval_copy_ctor(*result); + if (Z_TYPE_P(expr) != IS_ARRAY) { + object_init(result); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_str_add_new(Z_OBJPROP_P(result), "scalar", sizeof("scalar")-1, expr); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + zval_opt_copy_ctor(result); + convert_to_object(result); } } - break; - } - case IS_ARRAY: - convert_to_array(result); - break; - case IS_OBJECT: - convert_to_object(result); - break; } CHECK_EXCEPTION(); @@ -2681,18 +2933,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA zend_op_array *new_op_array=NULL; zval *inc_filename; - zval *tmp_inc_filename = NULL; + zval tmp_inc_filename; zend_bool failure_retval=0; SAVE_OPLINE(); inc_filename = opline->op1.zv; - if (inc_filename->type!=IS_STRING) { - MAKE_STD_ZVAL(tmp_inc_filename); - ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename); - zval_copy_ctor(tmp_inc_filename); - convert_to_string(tmp_inc_filename); - inc_filename = tmp_inc_filename; + ZVAL_UNDEF(&tmp_inc_filename); + if (Z_TYPE_P(inc_filename) != IS_STRING) { + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); + inc_filename = &tmp_inc_filename; } if (opline->extended_value != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { @@ -2708,9 +2958,9 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA zend_file_handle file_handle; char *resolved_path; - resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC); + resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), (int)Z_STRLEN_P(inc_filename) TSRMLS_CC); if (resolved_path) { - failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1); + failure_retval = zend_hash_str_exists(&EG(included_files), resolved_path, (int)strlen(resolved_path)); } else { resolved_path = Z_STRVAL_P(inc_filename); } @@ -2723,7 +2973,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA file_handle.opened_path = estrdup(resolved_path); } - if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) { + if (zend_hash_str_add_empty_element(&EG(included_files), file_handle.opened_path, (int)strlen(file_handle.opened_path))) { new_op_array = zend_compile_file(&file_handle, (opline->extended_value==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC); zend_destroy_file_handle(&file_handle TSRMLS_CC); } else { @@ -2756,55 +3006,47 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA EMPTY_SWITCH_DEFAULT_CASE() } } - if (tmp_inc_filename) { + if (Z_TYPE(tmp_inc_filename) != IS_UNDEF) { zval_ptr_dtor(&tmp_inc_filename); } if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } else if (EXPECTED(new_op_array != NULL)) { - EX(original_return_value) = EG(return_value_ptr_ptr); - EG(active_op_array) = new_op_array; + zval *return_value = NULL; + zend_execute_data *call; + if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr = NULL; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; - } else { - EG(return_value_ptr_ptr) = NULL; + return_value = EX_VAR(opline->result.var); } - EX(function_state).function = (zend_function *) new_op_array; - EX(object) = NULL; + call = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_CODE, + (zend_function*)new_op_array, 0, EX(called_scope), Z_OBJ(EX(This)), NULL TSRMLS_CC); - if (!EG(active_symbol_table)) { - zend_rebuild_symbol_table(TSRMLS_C); + if (EX(symbol_table)) { + call->symbol_table = EX(symbol_table); + } else { + call->symbol_table = zend_rebuild_symbol_table(TSRMLS_C); } + call->prev_execute_data = execute_data; + i_init_code_execute_data(call, new_op_array, return_value TSRMLS_CC); if (EXPECTED(zend_execute_ex == execute_ex)) { ZEND_VM_ENTER(); } else { - zend_execute(new_op_array TSRMLS_CC); + call->frame_info = VM_FRAME_TOP_CODE; + zend_execute_ex(call TSRMLS_CC); } - EX(function_state).function = (zend_function *) EX(op_array); - - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); - efree(new_op_array); + efree_size(new_op_array, sizeof(zend_op_array)); if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } else if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_BOOL(retval, failure_retval); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_BOOL(EX_VAR(opline->result.var), failure_retval); } ZEND_VM_NEXT_OPCODE(); } @@ -2813,7 +3055,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A { USE_OPLINE - zval *array_ptr, **array_ptr_ptr; + zval *array_ptr, *array_ref, iterator, tmp; HashTable *fe_ht; zend_object_iterator *iter = NULL; zend_class_entry *ce = NULL; @@ -2822,104 +3064,119 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && - (opline->extended_value & ZEND_FE_RESET_VARIABLE)) { - array_ptr_ptr = NULL; - if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - MAKE_STD_ZVAL(array_ptr); - ZVAL_NULL(array_ptr); - } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { - if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { - zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); - } - - ce = Z_OBJCE_PP(array_ptr_ptr); - if (!ce || ce->get_iterator == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - Z_ADDREF_PP(array_ptr_ptr); + (opline->extended_value & ZEND_FE_FETCH_BYREF)) { + array_ptr = array_ref = NULL; + ZVAL_DEREF(array_ptr); + if (Z_TYPE_P(array_ptr) == IS_ARRAY) { + SEPARATE_ARRAY(array_ptr); + if (!Z_ISREF_P(array_ref)) { + ZVAL_NEW_REF(array_ref, array_ref); + array_ptr = Z_REFVAL_P(array_ref); + } + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); + } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { + ce = Z_OBJCE_P(array_ptr); + if (ce->get_iterator == NULL) { + Z_ADDREF_P(array_ptr); } - array_ptr = *array_ptr_ptr; + array_ref = array_ptr; } else { - if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - if (opline->extended_value & ZEND_FE_FETCH_BYREF) { - Z_SET_ISREF_PP(array_ptr_ptr); - } - } - array_ptr = *array_ptr_ptr; - Z_ADDREF_P(array_ptr); + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); } } else { - array_ptr = opline->op1.zv; - if (0) { /* IS_TMP_VAR */ - zval *tmp; - - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - array_ptr = tmp; + array_ptr = array_ref = opline->op1.zv; + ZVAL_DEREF(array_ptr); + if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&tmp, array_ptr); + if (Z_OPT_IMMUTABLE_P(&tmp)) { + zval_copy_ctor_func(&tmp); + } + array_ref = array_ptr = &tmp; if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); if (ce && ce->get_iterator) { - Z_DELREF_P(array_ptr); + Z_DELREF_P(array_ref); } } } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); - if (!ce || !ce->get_iterator) { + if (!ce->get_iterator) { if (IS_CONST == IS_CV) { - Z_ADDREF_P(array_ptr); + Z_ADDREF_P(array_ref); } } - } else if (IS_CONST == IS_CONST || - (IS_CONST == IS_CV && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 1) || - (IS_CONST == IS_VAR && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 2)) { - zval *tmp; - - if (IS_CONST == IS_VAR) { - Z_DELREF_P(array_ptr); + } else if (Z_IMMUTABLE_P(array_ref)) { + if (IS_CONST == IS_CV) { + zval_copy_ctor_func(array_ref); + Z_ADDREF_P(array_ref); + } else { + ZVAL_COPY_VALUE(&tmp, array_ref); + zval_copy_ctor_func(&tmp); + array_ptr = array_ref = &tmp; + } + } else if (Z_REFCOUNTED_P(array_ref)) { + if (IS_CONST == IS_CONST || + (IS_CONST == IS_CV && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 1) || + (IS_CONST == IS_VAR && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 2)) { + if (IS_CONST == IS_VAR) { + Z_DELREF_P(array_ref); + } + ZVAL_DUP(&tmp, array_ref); + array_ptr = array_ref = &tmp; + } else if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { + if (Z_ISREF_P(array_ref) && Z_REFCOUNT_P(array_ref) == 1) { + ZVAL_UNREF(array_ref); + array_ptr = array_ref; + } + if (Z_IMMUTABLE_P(array_ptr)) { + zval_copy_ctor_func(array_ptr); + } else if (Z_ISREF_P(array_ref) && + Z_COPYABLE_P(array_ptr) && + Z_REFCOUNT_P(array_ptr) > 1) { + Z_DELREF_P(array_ptr); + zval_copy_ctor_func(array_ptr); + } + if (IS_CONST == IS_CV) { + Z_ADDREF_P(array_ref); + } } - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - zval_copy_ctor(tmp); - array_ptr = tmp; - } else if (IS_CONST == IS_CV) { - Z_ADDREF_P(array_ptr); } } if (ce && ce->get_iterator) { - iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); + iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_FETCH_BYREF TSRMLS_CC); - if (IS_CONST == IS_VAR && !(opline->extended_value & ZEND_FE_RESET_VARIABLE)) { + if (IS_CONST == IS_VAR && !(opline->extended_value & ZEND_FE_FETCH_BYREF)) { } if (iter && EXPECTED(EG(exception) == NULL)) { - array_ptr = zend_iterator_wrap(iter TSRMLS_CC); + ZVAL_OBJ(&iterator, &iter->std); + array_ptr = array_ref = &iterator; } else { - if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } if (!EG(exception)) { - zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); + zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name->val); } zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } - EX_T(opline->result.var).fe.ptr = array_ptr; + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), array_ref); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + zval_ptr_dtor(array_ref); + if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } HANDLE_EXCEPTION(); @@ -2927,44 +3184,56 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + zval_ptr_dtor(array_ref); + if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { - zend_hash_internal_pointer_reset(fe_ht); - if (ce) { - zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC); - while (zend_hash_has_more_elements(fe_ht) == SUCCESS) { - char *str_key; - uint str_key_len; - ulong int_key; - zend_uchar key_type; - - key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL); - if (key_type != HASH_KEY_NON_EXISTENT && - (key_type == HASH_KEY_IS_LONG || - zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) { - break; + HashPointer *ptr = (HashPointer*)EX_VAR((opline+2)->op1.var); + HashPosition pos = 0; + Bucket *p; + + while (1) { + if (pos >= fe_ht->nNumUsed) { + is_empty = 1; + if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + } - zend_hash_move_forward(fe_ht); + ZEND_VM_JMP(opline->op2.jmp_addr); + } + p = fe_ht->arData + pos; + if (Z_TYPE(p->val) == IS_UNDEF || + (Z_TYPE(p->val) == IS_INDIRECT && + Z_TYPE_P(Z_INDIRECT(p->val)) == IS_UNDEF)) { + pos++; + continue; + } + if (!ce || + !p->key || + zend_check_property_access(Z_OBJ_P(array_ptr), p->key TSRMLS_CC) == SUCCESS) { + break; } + pos++; } - is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS; - zend_hash_get_pointer(fe_ht, &EX_T(opline->result.var).fe.fe_pos); + fe_ht->nInternalPointer = pos; + ptr->pos = pos; + ptr->ht = fe_ht; + ptr->h = fe_ht->arData[pos].h; + ptr->key = fe_ht->arData[pos].key; + is_empty = 0; } else { zend_error(E_WARNING, "Invalid argument supplied for foreach()"); is_empty = 1; } - if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + if (IS_CONST == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } if (is_empty) { - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); } else { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -2984,7 +3253,7 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); } else { - zend_print_variable(ptr); + zend_print_variable(ptr TSRMLS_CC); } } @@ -2998,19 +3267,27 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE zval *value; + int is_ref = 0; SAVE_OPLINE(); value = opline->op1.zv; - if (i_zend_is_true(value)) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!0) { - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); - } + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + if (i_zend_is_true(value TSRMLS_CC)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_CONST == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif + } ZEND_VM_JMP(opline->op2.jmp_addr); } @@ -3018,33 +3295,33 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_JMP_SET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_COALESCE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *value, *ret; + zval *value; + int is_ref = 0; SAVE_OPLINE(); value = opline->op1.zv; - if (i_zend_is_true(value)) { - if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!0) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + + if (Z_TYPE_P(value) > IS_NULL) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); } - } + } else if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_CONST == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif + } ZEND_VM_JMP(opline->op2.jmp_addr); } @@ -3061,38 +3338,123 @@ static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); value = opline->op1.zv; - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!0) { - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(value)) { + ZVAL_COPY(EX_VAR(opline->result.var), Z_REFVAL_P(value)); + + } else { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_CONST == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } + } + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_STRLEN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *value; + + + SAVE_OPLINE(); + value = opline->op1.zv; + if (EXPECTED(Z_TYPE_P(value) == IS_STRING)) { + ZVAL_LONG(EX_VAR(opline->result.var), Z_STRLEN_P(value)); + } else { + if (Z_TYPE_P(value) < IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 0); + } else if (Z_TYPE_P(value) == IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 1); + } else if (Z_TYPE_P(value) <= IS_DOUBLE) { + zend_string *str = zval_get_string(value); + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zend_string_release(str); + } else if (Z_TYPE_P(value) == IS_OBJECT) { + zend_string *str; + zval tmp; + + ZVAL_COPY(&tmp, value); + if (parse_arg_object_to_str(&tmp, &str, IS_STRING TSRMLS_CC) == FAILURE) { + goto strlen_error; + } + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zval_dtor(&tmp); + } else { +strlen_error: + zend_error(E_WARNING, "strlen() expects parameter 1 to be string, %s given", zend_get_type_by_const(Z_TYPE_P(value))); + ZVAL_NULL(EX_VAR(opline->result.var)); + } } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_QM_ASSIGN_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_TYPE_CHECK_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value; - zval *value, *ret; SAVE_OPLINE(); value = opline->op1.zv; + switch (opline->extended_value) { + case IS_NULL: + case IS_LONG: + case IS_DOUBLE: + case IS_STRING: + case IS_ARRAY: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == opline->extended_value); + break; + case _IS_BOOL: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == IS_TRUE || Z_TYPE_P(value) == IS_FALSE); + break; + case IS_OBJECT: + if (Z_TYPE_P(value) == opline->extended_value) { + zend_class_entry *ce = Z_OBJCE_P(value); + if (ce->name->len == sizeof("__PHP_Incomplete_Class") - 1 + && !strncmp(ce->name->val, "__PHP_Incomplete_Class", ce->name->len)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } else { + ZVAL_TRUE(EX_VAR(opline->result.var)); + } + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + case IS_RESOURCE: + if (Z_TYPE_P(value) == opline->extended_value) { + const char *type_name = zend_rsrc_list_get_rsrc_type(Z_RES_P(value) TSRMLS_CC); + ZVAL_BOOL(EX_VAR(opline->result.var), type_name != NULL); + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + EMPTY_SWITCH_DEFAULT_CASE() + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; +static int ZEND_FASTCALL ZEND_DEFINED_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_constant *c; + + SAVE_OPLINE(); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + } else if ((c = zend_quick_get_constant(opline->op1.zv, 0 TSRMLS_CC)) == NULL) { + ZVAL_FALSE(EX_VAR(opline->result.var)); } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!0) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); - } + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), c); + ZVAL_TRUE(EX_VAR(opline->result.var)); } - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -3103,7 +3465,7 @@ static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3118,7 +3480,7 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3133,7 +3495,7 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3148,7 +3510,7 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3163,7 +3525,7 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3178,7 +3540,7 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3193,7 +3555,7 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3208,7 +3570,7 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDL SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3223,7 +3585,7 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3236,13 +3598,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OP { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, opline->op1.zv, opline->op2.zv TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); CHECK_EXCEPTION(); @@ -3253,12 +3614,12 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, opline->op1.zv, - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -3269,12 +3630,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, opline->op1.zv, - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -3285,12 +3646,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, opline->op1.zv, - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -3301,12 +3662,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, opline->op1.zv, - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -3319,7 +3680,7 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLE SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3334,7 +3695,7 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDL SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3349,7 +3710,7 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDL SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3364,7 +3725,7 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HAN SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), opline->op1.zv, opline->op2.zv TSRMLS_CC); @@ -3376,128 +3737,113 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST_CONST(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1; + zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = opline->op1.zv; - if (IS_CONST != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_CONST == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CONST != IS_CONST) { + zend_string_release(name); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + retval = zend_std_get_static_property(ce, name, 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_CONST == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_CONST != IS_TMP_VAR) { - + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; - case ZEND_FETCH_LOCAL: + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_CONST == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - break; } } - - if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CONST != IS_CONST) { + zend_string_release(name); } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); - } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -3522,7 +3868,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CONST_CONST_HANDLER(ZEND_OPCO { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_CONST_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_CONST_CONST(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_CONST_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -3539,47 +3889,191 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_ { USE_OPLINE - zval **container; + zval *container; SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_CONST == IS_TMP_VAR || IS_CONST == IS_CONST) { - zval *container = opline->op1.zv; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } - if (IS_CONST == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + } else { + if (IS_CONST == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = opline->op2.zv; + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *container; + zval *offset; + SAVE_OPLINE(); container = opline->op1.zv; + offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_ARRAY)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - zval *value = *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1; + zval *property; + SAVE_OPLINE(); + property = opline->op2.zv; + container = NULL; + + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CONST, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + +static int ZEND_FASTCALL ZEND_FETCH_LIST_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + SAVE_OPLINE(); + container = opline->op1.zv; + + if (EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + + zval *value = zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + + ZVAL_COPY(EX_VAR(opline->result.var), value); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT) && + EXPECTED(Z_OBJ_HT_P(container)->read_dimension)) { + zval *result = EX_VAR(opline->result.var); + zval *retval = Z_OBJ_HT_P(container)->read_dimension(container, opline->op2.zv, BP_VAR_R, result TSRMLS_CC); + + if (retval) { + if (result != retval) { + ZVAL_COPY(result, retval); + } + } else { + ZVAL_NULL(result); + } + } else { + ZVAL_NULL(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -3590,82 +4084,65 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER( USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_CONST == IS_CONST && IS_CONST == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_CONST != IS_CONST && IS_CONST == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_CONST != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; - if (IS_CONST == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = opline->op2.zv; - + function_name = opline->op2.zv; + if (IS_CONST != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_CONST == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CONST == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_CONST == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_CONST == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_CONST == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_CONST != IS_CONST) { @@ -3675,34 +4152,105 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER( if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_CONST != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); + } + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_CONST == IS_UNUSED) { + EX(call)->return_value = NULL; + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_INIT_USER_CALL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *function_name = opline->op2.zv; + zend_fcall_info_cache fcc; + char *error = NULL; + zend_function *func; + zend_class_entry *called_scope; + zend_object *object; + + if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error TSRMLS_CC)) { + if (error) { + efree(error); + } + func = fcc.function_handler; + if (func->common.fn_flags & ZEND_ACC_CLOSURE) { + /* Delay closure destruction until its invocation */ + func->common.prototype = (zend_function*)Z_OBJ_P(function_name); + Z_ADDREF_P(function_name); + } + called_scope = fcc.called_scope; + object = fcc.object; + if (object) { + GC_REFCOUNT(object)++; /* For $this pointer */ + } else if (func->common.scope && + !(func->common.fn_flags & ZEND_ACC_STATIC)) { + if (func->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + func->common.scope->name->val, func->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + func->common.scope->name->val, func->common.function_name->val); + } } + } else { + zend_error(E_WARNING, "%s() expects parameter 1 to be a valid callback, %s", Z_STRVAL_P(opline->op1.zv), error); + efree(error); + func = (zend_function*)&zend_pass_function; + called_scope = NULL; + object = NULL; } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + func, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -3712,11 +4260,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - opline->op1.zv, - opline->op2.zv TSRMLS_CC); + fast_equal_function(result, + opline->op1.zv, + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -3731,9 +4280,9 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCO zend_constant *c; zval *retval; - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - c = CACHED_PTR(opline->op2.literal->cache_slot); - } else if ((c = zend_quick_get_constant(opline->op2.literal + 1, opline->extended_value TSRMLS_CC)) == NULL) { + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + c = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if ((c = zend_quick_get_constant(opline->op2.zv + 1, opline->extended_value TSRMLS_CC)) == NULL) { if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) { char *actual = (char *)zend_memrchr(Z_STRVAL_P(opline->op2.zv), '\\', Z_STRLEN_P(opline->op2.zv)); if(!actual) { @@ -3743,115 +4292,112 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCO } /* non-qualified constant - allow text substitution */ zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); - ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); + ZVAL_STRINGL(EX_VAR(opline->result.var), actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv))); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { - CACHE_PTR(opline->op2.literal->cache_slot, c); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), c); } - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); ZVAL_COPY_VALUE(retval, &c->value); - zval_copy_ctor(retval); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + if (Z_OPT_COPYABLE_P(retval) || Z_OPT_REFCOUNTED_P(retval)) { + if (Z_OPT_COPYABLE_P(retval)) { + zval_copy_ctor_func(retval); + } else { + Z_ADDREF_P(retval); + } + } } else { /* class constant */ zend_class_entry *ce; - zval **value; + zval *value; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - value = CACHED_PTR(opline->op2.literal->cache_slot); - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); - } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + value = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + ZVAL_DEREF(value); + ZVAL_DUP(EX_VAR(opline->result.var), value); + goto constant_fetch_end; + } else if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); + } else { + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, opline->extended_value TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } } else { - ce = EX_T(opline->op1.var).class_entry; - if ((value = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce)) != NULL) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + ce = Z_CE_P(EX_VAR(opline->op1.var)); + if ((value = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce)) != NULL) { + ZVAL_DEREF(value); + ZVAL_DUP(EX_VAR(opline->result.var), value); + goto constant_fetch_end; } } - if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { - if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || - (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { - zend_class_entry *old_scope = EG(scope); - + if (EXPECTED((value = zend_hash_find(&ce->constants_table, Z_STR_P(opline->op2.zv))) != NULL)) { + ZVAL_DEREF(value); + if (Z_CONSTANT_P(value)) { EG(scope) = ce; - zval_update_constant(value, (void *) 1 TSRMLS_CC); - EG(scope) = old_scope; + zval_update_constant(value, 1 TSRMLS_CC); + EG(scope) = EX(scope); } if (IS_CONST == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, value); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), value); } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, value); + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce, value); } - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - } else if (Z_STRLEN_P(opline->op2.zv) == sizeof("class")-1 && strcmp(Z_STRVAL_P(opline->op2.zv), "class") == 0) { + ZVAL_DUP(EX_VAR(opline->result.var), value); + } else if (Z_STRLEN_P(opline->op2.zv) == sizeof("class")-1 && memcmp(Z_STRVAL_P(opline->op2.zv), "class", sizeof("class") - 1) == 0) { /* "class" is assigned as a case-sensitive keyword from zend_do_resolve_class_name */ - ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, ce->name, ce->name_length, 1); + ZVAL_STR_COPY(EX_VAR(opline->result.var), ce->name); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } - - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); } +constant_fetch_end: + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=opline->op1.zv; - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = opline->op1.zv; + if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CONST == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CONST == IS_CV) { + } else if (IS_CONST == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -3859,42 +4405,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_O if (IS_CONST != IS_UNUSED) { zval *offset = opline->op2.zv; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -3902,9 +4457,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CONST != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CONST != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CONST == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CONST != IS_UNUSED @@ -3925,14 +4497,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HA if (IS_CONST == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -3940,28 +4518,23 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HA varname = opline->op1.zv; + ZVAL_UNDEF(&tmp); if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - Z_ADDREF_P(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CONST != IS_CONST && varname == &tmp) { + if (IS_CONST != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - zval_ptr_dtor(&varname); } HANDLE_EXCEPTION(); @@ -3969,23 +4542,19 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HA if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_CONST != IS_CONST && varname == &tmp) { + if (IS_CONST != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - zval_ptr_dtor(&varname); } CHECK_EXCEPTION(); @@ -3995,33 +4564,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_CONST == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zval tmp, *varname = opline->op1.zv; if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -4029,50 +4594,184 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_CONST_HANDLER(ZEND_O zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_CONST != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } +} - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = opline->op2.zv; + + if (IS_CONST != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = opline->op2.zv; + + if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); } + ZVAL_BOOL(EX_VAR(opline->result.var), result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4089,24 +4788,17 @@ static int ZEND_FASTCALL ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCOD name = opline->op1.zv; val = opline->op2.zv; - if ((Z_TYPE_P(val) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE_P(val) == IS_CONSTANT_ARRAY) { - zval tmp; - zval *tmp_ptr = &tmp; - - ZVAL_COPY_VALUE(&tmp, val); - if (Z_TYPE_P(val) == IS_CONSTANT_ARRAY) { - zval_copy_ctor(&tmp); - } - INIT_PZVAL(&tmp); - zval_update_constant(&tmp_ptr, NULL TSRMLS_CC); - c.value = *tmp_ptr; + ZVAL_COPY_VALUE(&c.value, val); + if (Z_OPT_CONSTANT(c.value)) { + zval_update_constant(&c.value, 0 TSRMLS_CC); } else { - INIT_PZVAL_COPY(&c.value, val); - zval_copy_ctor(&c.value); + /* IS_CONST can't be IS_OBJECT, IS_RESOURCE or IS_REFERENCE */ + if (UNEXPECTED(Z_OPT_COPYABLE(c.value))) { + zval_copy_ctor_func(&c.value); + } } c.flags = CONST_CS; /* non persistent, case sensetive */ - c.name = str_strndup(Z_STRVAL_P(name), Z_STRLEN_P(name)); - c.name_len = Z_STRLEN_P(name)+1; + c.name = zend_string_dup(Z_STR_P(name), 0); c.module_number = PHP_USER_CONSTANT; if (zend_register_constant(&c TSRMLS_CC) == FAILURE) { @@ -4121,47 +4813,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CONST != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = opline->op1.zv; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CONST != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_CONST == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -4169,51 +4855,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLE /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CONST == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CONST == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = opline->op1.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CONST == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -4222,44 +4894,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLE zval *key = opline->op2.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -4272,17 +4939,32 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLE ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + opline->op1.zv, + opline->op2.zv TSRMLS_CC); + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4293,11 +4975,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4308,11 +4990,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4323,11 +5005,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4338,11 +5020,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4353,11 +5035,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4368,11 +5050,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4383,11 +5065,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4398,11 +5080,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_H zend_free_op free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4411,15 +5093,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4428,14 +5109,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4444,14 +5125,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4460,14 +5141,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4476,14 +5157,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_O { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4494,11 +5175,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4509,11 +5190,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4524,11 +5205,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4539,11 +5220,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDL zend_free_op free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4552,147 +5233,339 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - if (IS_CONST == IS_TMP_VAR || IS_CONST == IS_CONST) { - zval *container = opline->op1.zv; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *container; - } else { + SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_CONST == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + zval_ptr_dtor_nogc(free_op2.var); + + } else { + if (IS_TMP_VAR == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1, free_op2; + zval *property; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = NULL; + + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CONST, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_CONST == IS_CONST && IS_TMP_VAR == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_CONST != IS_CONST && IS_TMP_VAR == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_TMP_VAR != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; zend_free_op free_op2; - if (IS_TMP_VAR == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - + function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + if (IS_TMP_VAR != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_TMP_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_TMP_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_CONST == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_TMP_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_CONST == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_TMP_VAR != IS_CONST) { - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } } else { if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_CONST != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); + } + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_TMP_VAR == IS_UNUSED) { + EX(call)->return_value = NULL; + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_INIT_USER_CALL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + zend_fcall_info_cache fcc; + char *error = NULL; + zend_function *func; + zend_class_entry *called_scope; + zend_object *object; + + if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error TSRMLS_CC)) { + if (error) { + efree(error); + } + func = fcc.function_handler; + if (func->common.fn_flags & ZEND_ACC_CLOSURE) { + /* Delay closure destruction until its invocation */ + func->common.prototype = (zend_function*)Z_OBJ_P(function_name); + Z_ADDREF_P(function_name); + } + called_scope = fcc.called_scope; + object = fcc.object; + if (object) { + GC_REFCOUNT(object)++; /* For $this pointer */ + } else if (func->common.scope && + !(func->common.fn_flags & ZEND_ACC_STATIC)) { + if (func->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + func->common.scope->name->val, func->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + func->common.scope->name->val, func->common.function_name->val); + } } + } else { + zend_error(E_WARNING, "%s() expects parameter 1 to be a valid callback, %s", Z_STRVAL_P(opline->op1.zv), error); + efree(error); + func = (zend_function*)&zend_pass_function; + called_scope = NULL; + object = NULL; } - call->is_ctor_call = 0; - EX(call) = call; + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + func, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4701,13 +5574,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_A { USE_OPLINE zend_free_op free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + opline->op1.zv, + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4716,35 +5590,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPC { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=opline->op1.zv; - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = opline->op1.zv; + if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CONST == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CONST == IS_CV) { + } else if (IS_CONST == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -4752,42 +5624,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPC if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -4795,9 +5676,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CONST != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CONST != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CONST == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CONST != IS_UNUSED @@ -4807,51 +5705,192 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HAN } } +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_CONST != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } + } + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CONST != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = opline->op1.zv; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CONST != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_CONST == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -4859,51 +5898,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CONST == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CONST == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = opline->op1.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CONST == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -4912,44 +5937,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ zval *key = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -4962,17 +5982,32 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + opline->op1.zv, + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4983,11 +6018,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4998,11 +6033,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5013,11 +6048,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5028,11 +6063,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5043,11 +6078,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5058,11 +6093,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5073,11 +6108,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5088,11 +6123,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_H zend_free_op free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5101,15 +6136,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5118,14 +6152,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5134,14 +6168,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5150,14 +6184,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5166,14 +6200,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_O { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5184,11 +6218,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5199,11 +6233,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5214,11 +6248,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5229,11 +6263,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDL zend_free_op free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5241,128 +6275,113 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST_VAR(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1; + zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = opline->op1.zv; - if (IS_CONST != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_CONST == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CONST != IS_CONST) { + zend_string_release(name); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + retval = zend_std_get_static_property(ce, name, 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_CONST == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_CONST != IS_TMP_VAR) { - + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; - case ZEND_FETCH_LOCAL: + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_CONST == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - break; } } - - if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CONST != IS_CONST) { + zend_string_release(name); } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); - } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -5387,7 +6406,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_CONST_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_CONST_VAR(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_CONST_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -5404,162 +6427,355 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); - if (IS_CONST == IS_TMP_VAR || IS_CONST == IS_CONST) { - zval *container = opline->op1.zv; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *container; + + SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_CONST == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + zval_ptr_dtor_nogc(free_op2.var); + + } else { + if (IS_VAR == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1, free_op2; + zval *property; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = NULL; + + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CONST, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_CONST == IS_CONST && IS_VAR == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_CONST != IS_CONST && IS_VAR == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_VAR != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; zend_free_op free_op2; - if (IS_VAR == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - + function_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + if (IS_VAR != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_CONST == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_CONST == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_VAR != IS_CONST) { - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } } else { if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_CONST != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_VAR == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_INIT_USER_CALL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *function_name = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + zend_fcall_info_cache fcc; + char *error = NULL; + zend_function *func; + zend_class_entry *called_scope; + zend_object *object; + + if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error TSRMLS_CC)) { + if (error) { + efree(error); + } + func = fcc.function_handler; + if (func->common.fn_flags & ZEND_ACC_CLOSURE) { + /* Delay closure destruction until its invocation */ + func->common.prototype = (zend_function*)Z_OBJ_P(function_name); + Z_ADDREF_P(function_name); + } + called_scope = fcc.called_scope; + object = fcc.object; + if (object) { + GC_REFCOUNT(object)++; /* For $this pointer */ + } else if (func->common.scope && + !(func->common.fn_flags & ZEND_ACC_STATIC)) { + if (func->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + func->common.scope->name->val, func->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + func->common.scope->name->val, func->common.function_name->val); + } + } + } else { + zend_error(E_WARNING, "%s() expects parameter 1 to be a valid callback, %s", Z_STRVAL_P(opline->op1.zv), error); + efree(error); + func = (zend_function*)&zend_pass_function; + called_scope = NULL; + object = NULL; + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + func, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + opline->op1.zv, + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5568,35 +6784,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPC { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=opline->op1.zv; - if (0) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = opline->op1.zv; + if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CONST == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CONST == IS_CV) { + } else if (IS_CONST == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -5604,42 +6818,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPC if (IS_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -5647,9 +6870,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CONST != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CONST != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CONST == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CONST != IS_UNUSED @@ -5670,14 +6910,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HAND if (IS_CONST == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); + + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -5685,28 +6931,23 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HAND varname = opline->op1.zv; + ZVAL_UNDEF(&tmp); if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - Z_ADDREF_P(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CONST != IS_CONST && varname == &tmp) { + if (IS_CONST != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - zval_ptr_dtor(&varname); } HANDLE_EXCEPTION(); @@ -5714,23 +6955,19 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HAND if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_CONST != IS_CONST && varname == &tmp) { + if (IS_CONST != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - zval_ptr_dtor(&varname); } CHECK_EXCEPTION(); @@ -5740,33 +6977,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_CONST == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zval tmp, *varname = opline->op1.zv; if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -5774,50 +7007,186 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_VAR_HANDLER(ZEND_OPC zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_CONST != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } +} - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_CONST != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); } + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -5826,47 +7195,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CONST != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = opline->op1.zv; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CONST != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_CONST == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -5874,51 +7237,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CONST == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CONST == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = opline->op1.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CONST == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -5927,45 +7276,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ zval *key = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); + zval_ptr_dtor_nogc(free_op2.var); + } else { + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); } - - generator->key = copy; - } else { - Z_ADDREF_P(key); - generator->key = key; } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - - zval_ptr_dtor(&free_op2.var); } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -5978,131 +7321,131 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + opline->op1.zv, + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST_UNUSED(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1; + zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = opline->op1.zv; - if (IS_CONST != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_CONST == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CONST != IS_CONST) { + zend_string_release(name); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + retval = zend_std_get_static_property(ce, name, 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_CONST == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_CONST != IS_TMP_VAR) { - + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; - case ZEND_FETCH_LOCAL: + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_CONST == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - break; } } - - if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_CONST != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -6127,7 +7470,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CONST_UNUSED_HANDLER(ZEND_OPC { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_CONST_UNUSED(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_CONST_UNUSED(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_CONST_UNUSED(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -6140,87 +7487,105 @@ static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HA return zend_fetch_var_address_helper_SPEC_CONST_UNUSED(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = NULL; + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + + } else { + if (IS_UNUSED == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + + + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_CONST == IS_CONST && IS_UNUSED == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_CONST != IS_CONST && IS_UNUSED == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_UNUSED != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; - - if (IS_UNUSED == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = NULL; + function_name = NULL; + if (IS_UNUSED != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_UNUSED == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_UNUSED == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_CONST == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_UNUSED == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_UNUSED == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_CONST == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_UNUSED != IS_CONST) { @@ -6230,34 +7595,52 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_CONST != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_UNUSED == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -6267,35 +7650,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_ { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=opline->op1.zv; - if (0) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = opline->op1.zv; + if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CONST == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CONST == IS_CV) { + } else if (IS_CONST == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -6303,42 +7684,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_ if (IS_UNUSED != IS_UNUSED) { zval *offset = NULL; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_UNUSED == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_UNUSED != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -6346,9 +7736,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CONST != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CONST != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CONST == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CONST != IS_UNUSED @@ -6369,14 +7776,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_H if (IS_CONST == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -6384,28 +7797,23 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_H varname = opline->op1.zv; + ZVAL_UNDEF(&tmp); if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - Z_ADDREF_P(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CONST != IS_CONST && varname == &tmp) { + if (IS_CONST != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - zval_ptr_dtor(&varname); } HANDLE_EXCEPTION(); @@ -6413,23 +7821,19 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_H if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_CONST != IS_CONST && varname == &tmp) { + if (IS_CONST != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { - zval_ptr_dtor(&varname); } CHECK_EXCEPTION(); @@ -6439,33 +7843,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_CONST == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zval tmp, *varname = opline->op1.zv; if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -6473,67 +7873,63 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_UNUSED_HANDLER(ZEND_ zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_CONST == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_CONST != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } static int ZEND_FASTCALL ZEND_DECLARE_LAMBDA_FUNCTION_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_function *op_array; + zval *zfunc; + int closure_is_static, closure_is_being_defined_inside_static_context; SAVE_OPLINE(); - if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void *) &op_array) == FAILURE) || - UNEXPECTED(op_array->type != ZEND_USER_FUNCTION)) { + if (UNEXPECTED((zfunc = zend_hash_find(EG(function_table), Z_STR_P(opline->op1.zv))) == NULL) || + UNEXPECTED(Z_FUNC_P(zfunc)->type != ZEND_USER_FUNCTION)) { zend_error_noreturn(E_ERROR, "Base lambda function for closure not found"); } - zend_create_closure(&EX_T(opline->result.var).tmp_var, (zend_function *) op_array, EG(scope), EG(This) TSRMLS_CC); + closure_is_static = Z_FUNC_P(zfunc)->common.fn_flags & ZEND_ACC_STATIC; + closure_is_being_defined_inside_static_context = EX(func)->common.fn_flags & ZEND_ACC_STATIC; + if (closure_is_static || closure_is_being_defined_inside_static_context) { + zend_create_closure(EX_VAR(opline->result.var), Z_FUNC_P(zfunc), EX(called_scope), NULL TSRMLS_CC); + } else { + zend_create_closure(EX_VAR(opline->result.var), Z_FUNC_P(zfunc), EX(scope), Z_OBJ(EX(This)) ? &EX(This) : NULL TSRMLS_CC); + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -6543,47 +7939,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CONST != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = opline->op1.zv; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CONST != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_CONST == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -6591,51 +7981,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDL /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CONST == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CONST == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = opline->op1.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CONST == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -6644,44 +8020,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDL zval *key = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_UNUSED == IS_VAR || IS_UNUSED == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_UNUSED == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -6700,7 +8071,7 @@ static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -6715,7 +8086,7 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -6730,7 +8101,7 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -6745,7 +8116,7 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), opline->op1.zv, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -6760,9 +8131,9 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6775,9 +8146,9 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6790,9 +8161,9 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6805,9 +8176,9 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6820,9 +8191,9 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HA SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6833,13 +8204,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCOD { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6850,12 +8220,12 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6866,12 +8236,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HA { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6882,12 +8252,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6898,12 +8268,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OP { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6916,9 +8286,9 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6931,9 +8301,9 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6946,9 +8316,9 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6961,9 +8331,9 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLE SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -6974,109 +8344,227 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE - zval **container; + zval *container; SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_CONST == IS_TMP_VAR || IS_CONST == IS_CONST) { - zval *container = opline->op1.zv; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + SAVE_OPLINE(); + container = opline->op1.zv; + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + + } else { + if (IS_CV == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = opline->op1.zv; + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + + + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; - if (IS_CONST == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if ((IS_CONST != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1; + zval *property; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + container = NULL; + + if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_CONST == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CONST, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + + if (IS_CONST == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_CONST == IS_CONST && IS_CV == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_CONST != IS_CONST && IS_CV == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_CV != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; - - if (IS_CV == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + if (IS_CV != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_CV == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CV == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_CONST == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_CV == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_CONST == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_CV != IS_CONST) { @@ -7086,34 +8574,105 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEN if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_CONST != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_CV == IS_UNUSED) { + EX(call)->return_value = NULL; + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_INIT_USER_CALL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *function_name = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + zend_fcall_info_cache fcc; + char *error = NULL; + zend_function *func; + zend_class_entry *called_scope; + zend_object *object; + + if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error TSRMLS_CC)) { + if (error) { + efree(error); + } + func = fcc.function_handler; + if (func->common.fn_flags & ZEND_ACC_CLOSURE) { + /* Delay closure destruction until its invocation */ + func->common.prototype = (zend_function*)Z_OBJ_P(function_name); + Z_ADDREF_P(function_name); + } + called_scope = fcc.called_scope; + object = fcc.object; + if (object) { + GC_REFCOUNT(object)++; /* For $this pointer */ + } else if (func->common.scope && + !(func->common.fn_flags & ZEND_ACC_STATIC)) { + if (func->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error(E_STRICT, + "Non-static method %s::%s() should not be called statically", + func->common.scope->name->val, func->common.function_name->val); + } else { + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically", + func->common.scope->name->val, func->common.function_name->val); + } + } + } else { + zend_error(E_WARNING, "%s() expects parameter 1 to be a valid callback, %s", Z_STRVAL_P(opline->op1.zv), error); + efree(error); + func = (zend_function*)&zend_pass_function; + called_scope = NULL; + object = NULL; + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + func, opline->extended_value, called_scope, object, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -7123,23 +8682,23 @@ static int ZEND_FASTCALL ZEND_CATCH_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A { USE_OPLINE zend_class_entry *ce, *catch_ce; - zval *exception; + zend_object *exception; SAVE_OPLINE(); /* Check whether an exception has been thrown, if not, jump over code */ zend_exception_restore(TSRMLS_C); if (EG(exception) == NULL) { - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[opline->extended_value]); ZEND_VM_CONTINUE(); /* CHECK_ME */ } - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - catch_ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + catch_ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - catch_ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, ZEND_FETCH_CLASS_NO_AUTOLOAD TSRMLS_CC); + catch_ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_NO_AUTOLOAD TSRMLS_CC); - CACHE_PTR(opline->op1.literal->cache_slot, catch_ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), catch_ce); } - ce = Z_OBJCE_P(EG(exception)); + ce = EG(exception)->ce; #ifdef HAVE_DTRACE if (DTRACE_EXCEPTION_CAUGHT_ENABLED()) { @@ -7153,25 +8712,18 @@ static int ZEND_FASTCALL ZEND_CATCH_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + ZEND_VM_SET_OPCODE(&EX(func)->op_array.opcodes[opline->extended_value]); ZEND_VM_CONTINUE(); /* CHECK_ME */ } } exception = EG(exception); - if (!EG(active_symbol_table)) { - if (EX_CV(opline->op2.var)) { - zval_ptr_dtor(EX_CV(opline->op2.var)); - } - EX_CV(opline->op2.var) = (zval**)EX_CV_NUM(execute_data, EX(op_array)->last_var + opline->op2.var); - *EX_CV(opline->op2.var) = EG(exception); - } else { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op2.var); - zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, - &EG(exception), sizeof(zval *), (void**)&EX_CV(opline->op2.var)); + if (Z_REFCOUNTED_P(EX_VAR(opline->op2.var))) { + zval_ptr_dtor(EX_VAR(opline->op2.var)); } + ZVAL_OBJ(EX_VAR(opline->op2.var), EG(exception)); if (UNEXPECTED(EG(exception) != exception)) { - Z_ADDREF_P(EG(exception)); + GC_REFCOUNT(EG(exception))++; HANDLE_EXCEPTION(); } else { EG(exception) = NULL; @@ -7183,11 +8735,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_AR { USE_OPLINE + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - opline->op1.zv, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + opline->op1.zv, + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -7197,35 +8750,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCO { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_CONST == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=opline->op1.zv; - if (0) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = opline->op1.zv; + if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CONST == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CONST == IS_CV) { + } else if (IS_CONST == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -7233,42 +8784,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCO if (IS_CV != IS_UNUSED) { zval *offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -7276,9 +8836,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CONST != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CONST != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CONST == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CONST != IS_UNUSED @@ -7288,51 +8865,190 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HAND } } +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_CONST != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } + } + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = opline->op1.zv; + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_CONST == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CONST != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = opline->op1.zv; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CONST != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_CONST == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -7340,51 +9056,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CONST == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CONST == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = opline->op1.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CONST == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -7393,44 +9095,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A zval *key = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -7443,15 +9140,30 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + opline->op1.zv, + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; SAVE_OPLINE(); - bitwise_not_function(&EX_T(opline->result.var).tmp_var, + bitwise_not_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -7462,9 +9174,9 @@ static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - boolean_not_function(&EX_T(opline->result.var).tmp_var, + boolean_not_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -7478,12 +9190,9 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); z = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) { - INIT_PZVAL(z); - } - zend_print_variable(z); + zend_print_variable(z TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -7492,7 +9201,7 @@ static int ZEND_FASTCALL ZEND_PRINT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); + ZVAL_LONG(EX_VAR(opline->result.var), 1); return ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } @@ -7501,29 +9210,30 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *val; - int ret; SAVE_OPLINE(); val = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - zval_dtor(free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_TMP_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (!ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); - } - ZEND_VM_NEXT_OPCODE(); + if (i_zend_is_true(val TSRMLS_CC)) { + opline++; + } else { + opline = opline->op2.jmp_addr; + } + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -7531,29 +9241,30 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *val; - int ret; SAVE_OPLINE(); val = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - zval_dtor(free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_TMP_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - if (ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); - } - ZEND_VM_NEXT_OPCODE(); + if (i_zend_is_true(val TSRMLS_CC)) { + opline = opline->op2.jmp_addr; + } else { + opline++; + } + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -7561,33 +9272,30 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *val; - int retval; SAVE_OPLINE(); val = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - zval_dtor(free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_TMP_VAR == IS_TMP_VAR) { + if (EXPECTED(Z_TYPE_P(val) == IS_TRUE)) { + ZEND_VM_SET_RELATIVE_OPCODE(opline, opline->extended_value); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (EXPECTED(retval != 0)) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on true to %d\n", opline->extended_value); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + + if (i_zend_is_true(val TSRMLS_CC)) { + opline = (zend_op*)(((char*)opline) + opline->extended_value); } else { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on false to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + opline = opline->op2.jmp_addr; + } + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -7595,30 +9303,34 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS USE_OPLINE zend_free_op free_op1; zval *val; - int retval; SAVE_OPLINE(); val = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - zval_dtor(free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_TMP_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (!retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline++; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; } - ZEND_VM_NEXT_OPCODE(); + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -7626,30 +9338,33 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG USE_OPLINE zend_free_op free_op1; zval *val; - int retval; SAVE_OPLINE(); val = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - zval_dtor(free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_TMP_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline++; } - ZEND_VM_NEXT_OPCODE(); + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_FREE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -7657,11 +9372,7 @@ static int ZEND_FASTCALL ZEND_FREE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE SAVE_OPLINE(); - if (IS_TMP_VAR == IS_TMP_VAR) { - zendi_zval_dtor(EX_T(opline->op1.var).tmp_var); - } else { - zval_ptr_dtor(&EX_T(opline->op1.var).var.ptr); - } + zval_ptr_dtor_nogc(EX_VAR(opline->op1.var)); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -7675,34 +9386,23 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); retval_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (!EG(return_value_ptr_ptr)) { - zval_dtor(free_op1.var); + if (!EX(return_value)) { + zval_ptr_dtor_nogc(free_op1.var); } else { - if (IS_TMP_VAR == IS_CONST || - IS_TMP_VAR == IS_TMP_VAR || - PZVAL_IS_REF(retval_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - if (IS_TMP_VAR != IS_TMP_VAR) { - zval_copy_ctor(ret); + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(EX(return_value)))) { + zval_copy_ctor_func(EX(return_value)); + } } - *EG(return_value_ptr_ptr) = ret; - - } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && - retval_ptr == &EG(uninitialized_zval)) { - zval *ret; + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(retval_ptr)) { + ZVAL_COPY(EX(return_value), Z_REFVAL_P(retval_ptr)); - if (IS_TMP_VAR == IS_VAR) { - Z_DELREF_P(retval_ptr); - } - ALLOC_INIT_ZVAL(ret); - *EG(return_value_ptr_ptr) = ret; } else { - *EG(return_value_ptr_ptr) = retval_ptr; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(retval_ptr); + if (Z_OPT_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } } } @@ -7713,66 +9413,56 @@ static int ZEND_FASTCALL ZEND_RETURN_BY_REF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zval *retval_ptr; - zval **retval_ptr_ptr; zend_free_op free_op1; SAVE_OPLINE(); do { - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR || + (IS_TMP_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_VALUE)) { /* Not supposed to happen, but we'll allow it */ zend_error(E_NOTICE, "Only variable references should be returned by reference"); retval_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (!EG(return_value_ptr_ptr)) { + if (!EX(return_value)) { if (IS_TMP_VAR == IS_TMP_VAR) { - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } - } else if (!1) { /* Not a temp var */ - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; } else { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - *EG(return_value_ptr_ptr) = ret; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (IS_TMP_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor_no_imm(EX(return_value)); + } } break; } - retval_ptr_ptr = NULL; + retval_ptr = NULL; - if (IS_TMP_VAR == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(retval_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } - if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) { + if (IS_TMP_VAR == IS_VAR && !Z_ISREF_P(retval_ptr)) { if (opline->extended_value == ZEND_RETURNS_FUNCTION && - EX_T(opline->op1.var).var.fcall_returned_reference) { - } else if (EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + (Z_VAR_FLAGS_P(retval_ptr) & IS_VAR_RET_REF)) { + } else { zend_error(E_NOTICE, "Only variable references should be returned by reference"); - if (EG(return_value_ptr_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, *retval_ptr_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; + if (EX(return_value)) { + ZVAL_NEW_REF(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (Z_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } break; } } - if (EG(return_value_ptr_ptr)) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr); - Z_ADDREF_PP(retval_ptr_ptr); - - *EG(return_value_ptr_ptr) = *retval_ptr_ptr; + if (EX(return_value)) { + ZVAL_MAKE_REF(retval_ptr); + Z_ADDREF_P(retval_ptr); + ZVAL_REF(EX(return_value), Z_REF_P(retval_ptr)); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; } } while (0); @@ -7783,7 +9473,6 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *value; - zval *exception; zend_free_op free_op1; SAVE_OPLINE(); @@ -7797,14 +9486,11 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } zend_exception_save(TSRMLS_C); - /* Not sure if a complete copy is what we want here */ - ALLOC_ZVAL(exception); - INIT_PZVAL_COPY(exception, value); - if (!1) { - zval_copy_ctor(exception); + if (IS_TMP_VAR != IS_TMP_VAR) { + if (Z_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - zend_throw_exception_object(exception TSRMLS_CC); + zend_throw_exception_object(value TSRMLS_CC); zend_exception_restore(TSRMLS_C); HANDLE_EXCEPTION(); @@ -7813,28 +9499,41 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value, *arg; + zend_free_op free_op1; SAVE_OPLINE(); - if (opline->extended_value==ZEND_DO_FCALL_BY_NAME - && ARG_MUST_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { - zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); + value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY_VALUE(arg, value); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(arg))) { + zval_copy_ctor_func(arg); + } } - { - zval *valptr; - zval *value; - zend_free_op free_op1; + ZEND_VM_NEXT_OPCODE(); +} - value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); +static int ZEND_FASTCALL ZEND_SEND_VAL_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *value, *arg; + zend_free_op free_op1; - ALLOC_ZVAL(valptr); - INIT_PZVAL_COPY(valptr, value); - if (!1) { - zval_copy_ctor(valptr); + SAVE_OPLINE(); + if (ARG_MUST_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.num); + } + value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY_VALUE(arg, value); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(arg))) { + zval_copy_ctor_func(arg); } - zend_vm_stack_push(valptr TSRMLS_CC); - } - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -7842,12 +9541,12 @@ static int ZEND_FASTCALL ZEND_BOOL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *retval = EX_VAR(opline->result.var); SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC))); - zval_dtor(free_op1.var); + ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC)); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -7866,7 +9565,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) obj = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_TMP_VAR == IS_CONST || - UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { + (IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT))) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } @@ -7878,7 +9577,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) clone_call = Z_OBJ_HT_P(obj)->clone_obj; if (UNEXPECTED(clone_call == NULL)) { if (ce) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); + zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name->val); } else { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object"); } @@ -7888,30 +9587,22 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (UNEXPECTED(ce != EG(scope))) { - zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(ce != EX(scope))) { + zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EG(scope)))) { - zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EX(scope)))) { + zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } } if (EXPECTED(EG(exception) == NULL)) { - zval *retval; - - ALLOC_ZVAL(retval); - Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(retval) = IS_OBJECT; - Z_SET_REFCOUNT_P(retval, 1); - Z_SET_ISREF_P(retval); + ZVAL_OBJ(EX_VAR(opline->result.var), clone_call(obj TSRMLS_CC)); if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&retval); - } else { - AI_SET_PTR(&EX_T(opline->result.var), retval); + zval_ptr_dtor(EX_VAR(opline->result.var)); } } @@ -7924,56 +9615,98 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *expr; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); expr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (opline->extended_value != IS_STRING) { - ZVAL_COPY_VALUE(result, expr); - if (!1) { - zendi_zval_copy_ctor(*result); - } - } switch (opline->extended_value) { case IS_NULL: - convert_to_null(result); + /* This code is taken from convert_to_null. However, it does not seems very useful, + * because a conversion to null always results in the same value. This could only + * be relevant if a cast_object handler for IS_NULL has some kind of side-effect. */ +#if 0 + if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { + ZVAL_DEREF(expr); + } + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->cast_object) { + if (Z_OBJ_HT_P(expr)->cast_object(expr, result, IS_NULL TSRMLS_CC) == SUCCESS) { + break; + } + } +#endif + + ZVAL_NULL(result); break; - case IS_BOOL: - convert_to_boolean(result); + case _IS_BOOL: + ZVAL_BOOL(result, zend_is_true(expr TSRMLS_CC)); break; case IS_LONG: - convert_to_long(result); + ZVAL_LONG(result, zval_get_long(expr)); break; case IS_DOUBLE: - convert_to_double(result); + ZVAL_DOUBLE(result, zval_get_double(expr)); break; - case IS_STRING: { - zval var_copy; - int use_copy; + case IS_STRING: + ZVAL_STR(result, zval_get_string(expr)); + break; + default: + /* If value is already of correct type, return it directly */ + if (Z_TYPE_P(expr) == opline->extended_value) { + ZVAL_COPY_VALUE(result, expr); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(result))) { + zval_copy_ctor_func(result); + } + } else if (IS_TMP_VAR != IS_TMP_VAR) { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } - zend_make_printable_zval(expr, &var_copy, &use_copy); - if (use_copy) { - ZVAL_COPY_VALUE(result, &var_copy); - if (1) { - zval_dtor(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + + if (opline->extended_value == IS_ARRAY) { + if (Z_TYPE_P(expr) != IS_OBJECT) { + ZVAL_NEW_ARR(result); + zend_hash_init(Z_ARRVAL_P(result), 8, NULL, ZVAL_PTR_DTOR, 0); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_index_add_new(Z_ARRVAL_P(result), 0, expr); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + Z_ADDREF_P(result); + convert_to_array(result); } } else { - ZVAL_COPY_VALUE(result, expr); - if (!1) { - zendi_zval_copy_ctor(*result); + if (Z_TYPE_P(expr) != IS_ARRAY) { + object_init(result); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_str_add_new(Z_OBJPROP_P(result), "scalar", sizeof("scalar")-1, expr); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + zval_opt_copy_ctor(result); + convert_to_object(result); } } - break; - } - case IS_ARRAY: - convert_to_array(result); - break; - case IS_OBJECT: - convert_to_object(result); - break; } + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -7984,18 +9717,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND zend_op_array *new_op_array=NULL; zend_free_op free_op1; zval *inc_filename; - zval *tmp_inc_filename = NULL; + zval tmp_inc_filename; zend_bool failure_retval=0; SAVE_OPLINE(); inc_filename = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (inc_filename->type!=IS_STRING) { - MAKE_STD_ZVAL(tmp_inc_filename); - ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename); - zval_copy_ctor(tmp_inc_filename); - convert_to_string(tmp_inc_filename); - inc_filename = tmp_inc_filename; + ZVAL_UNDEF(&tmp_inc_filename); + if (Z_TYPE_P(inc_filename) != IS_STRING) { + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); + inc_filename = &tmp_inc_filename; } if (opline->extended_value != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { @@ -8011,9 +9742,9 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND zend_file_handle file_handle; char *resolved_path; - resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC); + resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), (int)Z_STRLEN_P(inc_filename) TSRMLS_CC); if (resolved_path) { - failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1); + failure_retval = zend_hash_str_exists(&EG(included_files), resolved_path, (int)strlen(resolved_path)); } else { resolved_path = Z_STRVAL_P(inc_filename); } @@ -8026,7 +9757,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND file_handle.opened_path = estrdup(resolved_path); } - if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) { + if (zend_hash_str_add_empty_element(&EG(included_files), file_handle.opened_path, (int)strlen(file_handle.opened_path))) { new_op_array = zend_compile_file(&file_handle, (opline->extended_value==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC); zend_destroy_file_handle(&file_handle TSRMLS_CC); } else { @@ -8059,55 +9790,47 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND EMPTY_SWITCH_DEFAULT_CASE() } } - if (tmp_inc_filename) { + if (Z_TYPE(tmp_inc_filename) != IS_UNDEF) { zval_ptr_dtor(&tmp_inc_filename); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } else if (EXPECTED(new_op_array != NULL)) { - EX(original_return_value) = EG(return_value_ptr_ptr); - EG(active_op_array) = new_op_array; + zval *return_value = NULL; + zend_execute_data *call; + if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr = NULL; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; - } else { - EG(return_value_ptr_ptr) = NULL; + return_value = EX_VAR(opline->result.var); } - EX(function_state).function = (zend_function *) new_op_array; - EX(object) = NULL; + call = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_CODE, + (zend_function*)new_op_array, 0, EX(called_scope), Z_OBJ(EX(This)), NULL TSRMLS_CC); - if (!EG(active_symbol_table)) { - zend_rebuild_symbol_table(TSRMLS_C); + if (EX(symbol_table)) { + call->symbol_table = EX(symbol_table); + } else { + call->symbol_table = zend_rebuild_symbol_table(TSRMLS_C); } + call->prev_execute_data = execute_data; + i_init_code_execute_data(call, new_op_array, return_value TSRMLS_CC); if (EXPECTED(zend_execute_ex == execute_ex)) { ZEND_VM_ENTER(); } else { - zend_execute(new_op_array TSRMLS_CC); + call->frame_info = VM_FRAME_TOP_CODE; + zend_execute_ex(call TSRMLS_CC); } - EX(function_state).function = (zend_function *) EX(op_array); - - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); - efree(new_op_array); + efree_size(new_op_array, sizeof(zend_op_array)); if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } else if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_BOOL(retval, failure_retval); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_BOOL(EX_VAR(opline->result.var), failure_retval); } ZEND_VM_NEXT_OPCODE(); } @@ -8116,7 +9839,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1; - zval *array_ptr, **array_ptr_ptr; + zval *array_ptr, *array_ref, iterator, tmp; HashTable *fe_ht; zend_object_iterator *iter = NULL; zend_class_entry *ce = NULL; @@ -8125,104 +9848,119 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && - (opline->extended_value & ZEND_FE_RESET_VARIABLE)) { - array_ptr_ptr = NULL; - if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - MAKE_STD_ZVAL(array_ptr); - ZVAL_NULL(array_ptr); - } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { - if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { - zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); - } - - ce = Z_OBJCE_PP(array_ptr_ptr); - if (!ce || ce->get_iterator == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - Z_ADDREF_PP(array_ptr_ptr); + (opline->extended_value & ZEND_FE_FETCH_BYREF)) { + array_ptr = array_ref = NULL; + ZVAL_DEREF(array_ptr); + if (Z_TYPE_P(array_ptr) == IS_ARRAY) { + SEPARATE_ARRAY(array_ptr); + if (!Z_ISREF_P(array_ref)) { + ZVAL_NEW_REF(array_ref, array_ref); + array_ptr = Z_REFVAL_P(array_ref); + } + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); + } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { + ce = Z_OBJCE_P(array_ptr); + if (ce->get_iterator == NULL) { + Z_ADDREF_P(array_ptr); } - array_ptr = *array_ptr_ptr; + array_ref = array_ptr; } else { - if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - if (opline->extended_value & ZEND_FE_FETCH_BYREF) { - Z_SET_ISREF_PP(array_ptr_ptr); - } - } - array_ptr = *array_ptr_ptr; - Z_ADDREF_P(array_ptr); + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); } } else { - array_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { /* IS_TMP_VAR */ - zval *tmp; - - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - array_ptr = tmp; + array_ptr = array_ref = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_DEREF(array_ptr); + if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&tmp, array_ptr); + if (Z_OPT_IMMUTABLE_P(&tmp)) { + zval_copy_ctor_func(&tmp); + } + array_ref = array_ptr = &tmp; if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); if (ce && ce->get_iterator) { - Z_DELREF_P(array_ptr); + Z_DELREF_P(array_ref); } } } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); - if (!ce || !ce->get_iterator) { + if (!ce->get_iterator) { if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(array_ptr); + Z_ADDREF_P(array_ref); } } - } else if (IS_TMP_VAR == IS_CONST || - (IS_TMP_VAR == IS_CV && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 1) || - (IS_TMP_VAR == IS_VAR && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 2)) { - zval *tmp; - - if (IS_TMP_VAR == IS_VAR) { - Z_DELREF_P(array_ptr); + } else if (Z_IMMUTABLE_P(array_ref)) { + if (IS_TMP_VAR == IS_CV) { + zval_copy_ctor_func(array_ref); + Z_ADDREF_P(array_ref); + } else { + ZVAL_COPY_VALUE(&tmp, array_ref); + zval_copy_ctor_func(&tmp); + array_ptr = array_ref = &tmp; + } + } else if (Z_REFCOUNTED_P(array_ref)) { + if (IS_TMP_VAR == IS_CONST || + (IS_TMP_VAR == IS_CV && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 1) || + (IS_TMP_VAR == IS_VAR && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 2)) { + if (IS_TMP_VAR == IS_VAR) { + Z_DELREF_P(array_ref); + } + ZVAL_DUP(&tmp, array_ref); + array_ptr = array_ref = &tmp; + } else if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { + if (Z_ISREF_P(array_ref) && Z_REFCOUNT_P(array_ref) == 1) { + ZVAL_UNREF(array_ref); + array_ptr = array_ref; + } + if (Z_IMMUTABLE_P(array_ptr)) { + zval_copy_ctor_func(array_ptr); + } else if (Z_ISREF_P(array_ref) && + Z_COPYABLE_P(array_ptr) && + Z_REFCOUNT_P(array_ptr) > 1) { + Z_DELREF_P(array_ptr); + zval_copy_ctor_func(array_ptr); + } + if (IS_TMP_VAR == IS_CV) { + Z_ADDREF_P(array_ref); + } } - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - zval_copy_ctor(tmp); - array_ptr = tmp; - } else if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(array_ptr); } } if (ce && ce->get_iterator) { - iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); + iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_FETCH_BYREF TSRMLS_CC); - if (IS_TMP_VAR == IS_VAR && !(opline->extended_value & ZEND_FE_RESET_VARIABLE)) { + if (IS_TMP_VAR == IS_VAR && !(opline->extended_value & ZEND_FE_FETCH_BYREF)) { } if (iter && EXPECTED(EG(exception) == NULL)) { - array_ptr = zend_iterator_wrap(iter TSRMLS_CC); + ZVAL_OBJ(&iterator, &iter->std); + array_ptr = array_ref = &iterator; } else { - if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } if (!EG(exception)) { - zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); + zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name->val); } zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } - EX_T(opline->result.var).fe.ptr = array_ptr; + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), array_ref); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + zval_ptr_dtor(array_ref); + if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } HANDLE_EXCEPTION(); @@ -8230,44 +9968,56 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + zval_ptr_dtor(array_ref); + if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { - zend_hash_internal_pointer_reset(fe_ht); - if (ce) { - zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC); - while (zend_hash_has_more_elements(fe_ht) == SUCCESS) { - char *str_key; - uint str_key_len; - ulong int_key; - zend_uchar key_type; - - key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL); - if (key_type != HASH_KEY_NON_EXISTENT && - (key_type == HASH_KEY_IS_LONG || - zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) { - break; + HashPointer *ptr = (HashPointer*)EX_VAR((opline+2)->op1.var); + HashPosition pos = 0; + Bucket *p; + + while (1) { + if (pos >= fe_ht->nNumUsed) { + is_empty = 1; + if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + } - zend_hash_move_forward(fe_ht); + ZEND_VM_JMP(opline->op2.jmp_addr); + } + p = fe_ht->arData + pos; + if (Z_TYPE(p->val) == IS_UNDEF || + (Z_TYPE(p->val) == IS_INDIRECT && + Z_TYPE_P(Z_INDIRECT(p->val)) == IS_UNDEF)) { + pos++; + continue; } + if (!ce || + !p->key || + zend_check_property_access(Z_OBJ_P(array_ptr), p->key TSRMLS_CC) == SUCCESS) { + break; + } + pos++; } - is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS; - zend_hash_get_pointer(fe_ht, &EX_T(opline->result.var).fe.fe_pos); + fe_ht->nInternalPointer = pos; + ptr->pos = pos; + ptr->ht = fe_ht; + ptr->h = fe_ht->arData[pos].h; + ptr->key = fe_ht->arData[pos].key; + is_empty = 0; } else { zend_error(E_WARNING, "Invalid argument supplied for foreach()"); is_empty = 1; } - if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + if (IS_TMP_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } if (is_empty) { - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); } else { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8287,9 +10037,9 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); } else { - zend_print_variable(ptr); + zend_print_variable(ptr TSRMLS_CC); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } #endif zend_bailout(); @@ -8299,29 +10049,14 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_END_SILENCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval restored_error_reporting; SAVE_OPLINE(); - if (!EG(error_reporting) && Z_LVAL(EX_T(opline->op1.var).tmp_var) != 0) { - Z_TYPE(restored_error_reporting) = IS_LONG; - Z_LVAL(restored_error_reporting) = Z_LVAL(EX_T(opline->op1.var).tmp_var); - EG(error_reporting) = Z_LVAL(restored_error_reporting); - convert_to_string(&restored_error_reporting); - if (EXPECTED(EG(error_reporting_ini_entry) != NULL)) { - if (EXPECTED(EG(error_reporting_ini_entry)->modified && - EG(error_reporting_ini_entry)->value != EG(error_reporting_ini_entry)->orig_value)) { - efree(EG(error_reporting_ini_entry)->value); - } - EG(error_reporting_ini_entry)->value = Z_STRVAL(restored_error_reporting); - EG(error_reporting_ini_entry)->value_length = Z_STRLEN(restored_error_reporting); - } else { - zendi_zval_dtor(restored_error_reporting); - } + if (!EG(error_reporting) && Z_LVAL_P(EX_VAR(opline->op1.var)) != 0) { + EG(error_reporting) = Z_LVAL_P(EX_VAR(opline->op1.var)); } - if (EX(old_error_reporting) == &EX_T(opline->op1.var).tmp_var) { - EX(old_error_reporting) = NULL; + if (EX(silence_op_num) == opline->op2.num) { + EX(silence_op_num) = -1; } - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -8330,58 +10065,66 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS USE_OPLINE zend_free_op free_op1; zval *value; + int is_ref = 0; SAVE_OPLINE(); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (i_zend_is_true(value)) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!1) { - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + if (i_zend_is_true(value TSRMLS_CC)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_TMP_VAR == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + zval_ptr_dtor_nogc(free_op1.var); } - -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif ZEND_VM_JMP(opline->op2.jmp_addr); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_JMP_SET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_COALESCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval *value, *ret; + zval *value; + int is_ref = 0; SAVE_OPLINE(); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (i_zend_is_true(value)) { - if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!1) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + + if (Z_TYPE_P(value) > IS_NULL) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); } + } else if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_TMP_VAR == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + zval_ptr_dtor_nogc(free_op1.var); } - -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif ZEND_VM_JMP(opline->op2.jmp_addr); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -8395,59 +10138,126 @@ static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR SAVE_OPLINE(); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!1) { - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(value)) { + ZVAL_COPY(EX_VAR(opline->result.var), Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_TMP_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } } + ZEND_VM_NEXT_OPCODE(); +} +static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *expr; + zend_bool result; + + SAVE_OPLINE(); + expr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (Z_TYPE_P(expr) == IS_OBJECT) { + result = instanceof_function(Z_OBJCE_P(expr), Z_CE_P(EX_VAR(opline->op2.var)) TSRMLS_CC); + } else { + result = 0; + } + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_QM_ASSIGN_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_STRLEN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value; zend_free_op free_op1; - zval *value, *ret; SAVE_OPLINE(); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!1) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); + if (EXPECTED(Z_TYPE_P(value) == IS_STRING)) { + ZVAL_LONG(EX_VAR(opline->result.var), Z_STRLEN_P(value)); + } else { + if (Z_TYPE_P(value) < IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 0); + } else if (Z_TYPE_P(value) == IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 1); + } else if (Z_TYPE_P(value) <= IS_DOUBLE) { + zend_string *str = zval_get_string(value); + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zend_string_release(str); + } else if (Z_TYPE_P(value) == IS_OBJECT) { + zend_string *str; + zval tmp; + + ZVAL_COPY(&tmp, value); + if (parse_arg_object_to_str(&tmp, &str, IS_STRING TSRMLS_CC) == FAILURE) { + goto strlen_error; + } + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zval_dtor(&tmp); + } else { +strlen_error: + zend_error(E_WARNING, "strlen() expects parameter 1 to be string, %s given", zend_get_type_by_const(Z_TYPE_P(value))); + ZVAL_NULL(EX_VAR(opline->result.var)); } } - + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_TYPE_CHECK_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value; zend_free_op free_op1; - zval *expr; - zend_bool result; SAVE_OPLINE(); - expr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { - result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); - } else { - result = 0; + value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + switch (opline->extended_value) { + case IS_NULL: + case IS_LONG: + case IS_DOUBLE: + case IS_STRING: + case IS_ARRAY: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == opline->extended_value); + break; + case _IS_BOOL: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == IS_TRUE || Z_TYPE_P(value) == IS_FALSE); + break; + case IS_OBJECT: + if (Z_TYPE_P(value) == opline->extended_value) { + zend_class_entry *ce = Z_OBJCE_P(value); + if (ce->name->len == sizeof("__PHP_Incomplete_Class") - 1 + && !strncmp(ce->name->val, "__PHP_Incomplete_Class", ce->name->len)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } else { + ZVAL_TRUE(EX_VAR(opline->result.var)); + } + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + case IS_RESOURCE: + if (Z_TYPE_P(value) == opline->extended_value) { + const char *type_name = zend_rsrc_list_get_rsrc_type(Z_RES_P(value) TSRMLS_CC); + ZVAL_BOOL(EX_VAR(opline->result.var), type_name != NULL); + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + EMPTY_SWITCH_DEFAULT_CASE() } - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -8458,10 +10268,10 @@ static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8473,10 +10283,10 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8488,10 +10298,10 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8503,10 +10313,10 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8518,10 +10328,10 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8533,10 +10343,10 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8548,10 +10358,10 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8563,10 +10373,10 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8578,10 +10388,10 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_H zend_free_op free_op1; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8591,14 +10401,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8608,13 +10417,13 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_dtor(free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8624,13 +10433,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_dtor(free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8640,13 +10449,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_dtor(free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8656,13 +10465,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_O { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_dtor(free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8674,10 +10483,10 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op1; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8689,10 +10498,10 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8704,10 +10513,10 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8719,10 +10528,10 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDL zend_free_op free_op1; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8733,126 +10542,111 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP_CONST(int type, USE_OPLINE zend_free_op free_op1; zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_TMP_VAR == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_TMP_VAR != IS_CONST) { + zend_string_release(name); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - zval_dtor(free_op1.var); + retval = zend_std_get_static_property(ce, name, 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_TMP_VAR == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_TMP_VAR != IS_TMP_VAR) { - zval_dtor(free_op1.var); - } - break; - case ZEND_FETCH_LOCAL: - zval_dtor(free_op1.var); - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_TMP_VAR == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { + zval_ptr_dtor_nogc(free_op1.var); } } - - if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_TMP_VAR != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8877,7 +10671,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_TMP_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_TMP_CONST(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_TMP_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -8894,47 +10692,191 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR || IS_TMP_VAR == IS_CONST) { - zval *container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - zval_dtor(free_op1.var); - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + + } else { + if (IS_CONST == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op1.var); + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = opline->op2.zv; - if (IS_TMP_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *container; + zval *offset; + SAVE_OPLINE(); container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_ARRAY)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } else { + zval *retval; - zval *value = *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1; + zval *property; + + SAVE_OPLINE(); + property = opline->op2.zv; + container = NULL; + + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_TMP_VAR, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + +static int ZEND_FASTCALL ZEND_FETCH_LIST_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + + zval *value = zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + + ZVAL_COPY(EX_VAR(opline->result.var), value); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT) && + EXPECTED(Z_OBJ_HT_P(container)->read_dimension)) { + zval *result = EX_VAR(opline->result.var); + zval *retval = Z_OBJ_HT_P(container)->read_dimension(container, opline->op2.zv, BP_VAR_R, result TSRMLS_CC); + + if (retval) { + if (result != retval) { + ZVAL_COPY(result, retval); + } + } else { + ZVAL_NULL(result); + } + } else { + ZVAL_NULL(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -8943,17 +10885,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPC static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); SAVE_OPLINE(); if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_char_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } add_char_to_string(str, str, opline->op2.zv); @@ -8966,17 +10904,13 @@ static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); SAVE_OPLINE(); if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } add_string_to_string(str, str, opline->op2.zv); @@ -8990,10 +10924,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCO { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -9007,58 +10942,84 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCO zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CONST != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CONST == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CONST != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CONST == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CONST == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); @@ -9069,11 +11030,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_A { USE_OPLINE zend_free_op free_op1; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -9083,35 +11045,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPC { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_TMP_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_TMP_VAR == IS_CV) { + } else if (IS_TMP_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -9119,42 +11079,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPC if (IS_CONST != IS_UNUSED) { zval *offset = opline->op2.zv; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -9162,9 +11131,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_TMP_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_TMP_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_TMP_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_TMP_VAR != IS_UNUSED @@ -9185,14 +11171,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HAND if (IS_TMP_VAR == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -9200,54 +11192,45 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HAND varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_TMP_VAR != IS_CONST && varname == &tmp) { + if (IS_TMP_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_TMP_VAR != IS_CONST && varname == &tmp) { + if (IS_TMP_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9255,33 +11238,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_TMP_VAR == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zend_free_op free_op1; zval tmp, *varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -9289,50 +11268,185 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPC zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_TMP_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); + + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = opline->op2.zv; - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); + if (IS_TMP_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } + } + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = opline->op2.zv; + + if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); } + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9341,47 +11455,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); + if (IS_TMP_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_TMP_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -9389,51 +11497,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_TMP_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -9442,44 +11536,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ zval *key = opline->op2.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -9492,17 +11581,32 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9513,11 +11617,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9528,11 +11632,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9543,11 +11647,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9558,11 +11662,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9573,11 +11677,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9588,11 +11692,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9603,11 +11707,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9618,11 +11722,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HAN zend_free_op free_op1, free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9631,15 +11735,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9648,14 +11751,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9664,14 +11767,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9680,14 +11783,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9696,14 +11799,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPC { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9714,11 +11817,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9729,11 +11832,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9744,11 +11847,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9759,11 +11862,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1, free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9772,33 +11875,170 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - if (IS_TMP_VAR == IS_TMP_VAR || IS_TMP_VAR == IS_CONST) { - zval *container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - zval_dtor(free_op1.var); - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_TMP_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + zval_ptr_dtor_nogc(free_op2.var); + + } else { + if (IS_TMP_VAR == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1, free_op2; + zval *property; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = NULL; + + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_TMP_VAR, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); zval *var; zval var_copy; int use_copy = 0; @@ -9808,18 +12048,17 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } if (Z_TYPE_P(var) != IS_STRING) { - zend_make_printable_zval(var, &var_copy, &use_copy); + ZVAL_DEREF(var); + if (Z_TYPE_P(var) != IS_STRING) { + use_copy = zend_make_printable_zval(var, &var_copy TSRMLS_CC); - if (use_copy) { - var = &var_copy; + if (use_copy) { + var = &var_copy; + } } } add_string_to_string(str, str, var); @@ -9833,7 +12072,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're * string offsets or overloaded objects */ - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -9843,10 +12082,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1, free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -9860,60 +12100,86 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_TMP_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_TMP_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_dtor(free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_TMP_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_TMP_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_TMP_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_dtor(free_op2.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -9923,13 +12189,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1, free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9938,35 +12205,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCOD { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_TMP_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_TMP_VAR == IS_CV) { + } else if (IS_TMP_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -9974,42 +12239,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCOD if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -10017,9 +12291,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_TMP_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_TMP_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_TMP_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_TMP_VAR != IS_UNUSED @@ -10029,51 +12320,192 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDL } } +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_TMP_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } + } + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); + if (IS_TMP_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_TMP_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -10081,51 +12513,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_TMP_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -10134,44 +12552,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zval *key = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -10184,17 +12597,32 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10205,11 +12633,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10220,11 +12648,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10235,11 +12663,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10250,11 +12678,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10265,11 +12693,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10280,11 +12708,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10295,11 +12723,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10310,11 +12738,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HAN zend_free_op free_op1, free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10323,15 +12751,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10340,14 +12767,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10356,14 +12783,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10372,14 +12799,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10388,14 +12815,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPC { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10406,11 +12833,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10421,11 +12848,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10436,11 +12863,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10451,11 +12878,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1, free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10465,126 +12892,111 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP_VAR(int type, ZE USE_OPLINE zend_free_op free_op1; zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_TMP_VAR == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_TMP_VAR != IS_CONST) { + zend_string_release(name); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - zval_dtor(free_op1.var); + retval = zend_std_get_static_property(ce, name, 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_TMP_VAR == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_TMP_VAR != IS_TMP_VAR) { - zval_dtor(free_op1.var); - } - break; - case ZEND_FETCH_LOCAL: - zval_dtor(free_op1.var); - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_TMP_VAR == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { + zval_ptr_dtor_nogc(free_op1.var); } } - - if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_TMP_VAR != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -10609,7 +13021,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_H { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_TMP_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_TMP_VAR(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_TMP_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -10626,33 +13042,170 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - if (IS_TMP_VAR == IS_TMP_VAR || IS_TMP_VAR == IS_CONST) { - zval *container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - zval_dtor(free_op1.var); - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_TMP_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + zval_ptr_dtor_nogc(free_op2.var); + } else { + if (IS_VAR == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1, free_op2; + zval *property; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = NULL; + + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_TMP_VAR, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); zval *var; zval var_copy; int use_copy = 0; @@ -10662,18 +13215,17 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } if (Z_TYPE_P(var) != IS_STRING) { - zend_make_printable_zval(var, &var_copy, &use_copy); + ZVAL_DEREF(var); + if (Z_TYPE_P(var) != IS_STRING) { + use_copy = zend_make_printable_zval(var, &var_copy TSRMLS_CC); - if (use_copy) { - var = &var_copy; + if (use_copy) { + var = &var_copy; + } } } add_string_to_string(str, str, var); @@ -10687,7 +13239,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're * string offsets or overloaded objects */ - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -10697,10 +13249,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1, free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -10714,60 +13267,86 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op2.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -10777,13 +13356,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1, free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10792,35 +13372,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCOD { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_TMP_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_TMP_VAR == IS_CV) { + } else if (IS_TMP_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -10828,42 +13406,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCOD if (IS_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -10871,9 +13458,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_TMP_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_TMP_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_TMP_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_TMP_VAR != IS_UNUSED @@ -10894,14 +13498,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLE if (IS_TMP_VAR == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); + + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -10909,54 +13519,45 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLE varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_TMP_VAR != IS_CONST && varname == &tmp) { + if (IS_TMP_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_TMP_VAR != IS_CONST && varname == &tmp) { + if (IS_TMP_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -10964,33 +13565,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_TMP_VAR == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zend_free_op free_op1; zval tmp, *varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -10998,50 +13595,187 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCOD zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_TMP_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); + + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } +} - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_TMP_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } + } + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); } + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -11050,47 +13784,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); + if (IS_TMP_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_TMP_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -11098,51 +13826,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_TMP_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -11151,45 +13865,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zval *key = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); + zval_ptr_dtor_nogc(free_op2.var); + } else { + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); } - - generator->key = copy; - } else { - Z_ADDREF_P(key); - generator->key = key; } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - - zval_ptr_dtor(&free_op2.var); } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -11202,131 +13910,131 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP_UNUSED(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_TMP_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_TMP_VAR == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_TMP_VAR != IS_CONST) { + zend_string_release(name); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - zval_dtor(free_op1.var); + retval = zend_std_get_static_property(ce, name, 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_TMP_VAR == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_TMP_VAR != IS_TMP_VAR) { - zval_dtor(free_op1.var); - } - break; - case ZEND_FETCH_LOCAL: - zval_dtor(free_op1.var); - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_TMP_VAR == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { + zval_ptr_dtor_nogc(free_op1.var); } } - - if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_TMP_VAR != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11351,7 +14059,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCOD { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_TMP_UNUSED(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_TMP_UNUSED(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_TMP_UNUSED(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -11364,39 +14076,72 @@ static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HAND return zend_fetch_var_address_helper_SPEC_TMP_UNUSED(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval *expr_ptr; SAVE_OPLINE(); - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = NULL; + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { /* temporary variable */ - zval *new_expr; + if (IS_UNUSED == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op1.var); + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; +static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *expr_ptr, new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + SAVE_OPLINE(); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); + } + ZVAL_MAKE_REF(expr_ptr); + Z_ADDREF_P(expr_ptr); - } else if (IS_TMP_VAR == IS_CV) { + } else { + expr_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_TMP_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); + + } else if (IS_TMP_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -11404,42 +14149,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OP if (IS_UNUSED != IS_UNUSED) { zval *offset = NULL; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_UNUSED == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_UNUSED != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11447,9 +14201,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_TMP_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_TMP_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_TMP_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_TMP_VAR != IS_UNUSED @@ -11470,14 +14241,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HAN if (IS_TMP_VAR == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11485,54 +14262,45 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HAN varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_TMP_VAR != IS_CONST && varname == &tmp) { + if (IS_TMP_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_TMP_VAR != IS_CONST && varname == &tmp) { + if (IS_TMP_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -11540,33 +14308,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_TMP_VAR == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zend_free_op free_op1; zval tmp, *varname = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -11574,99 +14338,83 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_UNUSED_HANDLER(ZEND_OP zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_TMP_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_TMP_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - zval_dtor(free_op1.var); - } + zval_ptr_dtor_nogc(free_op1.var); - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); + if (IS_TMP_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_TMP_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -11674,51 +14422,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_TMP_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -11727,44 +14461,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER zval *key = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_UNUSED == IS_VAR || IS_UNUSED == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_UNUSED == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -11783,10 +14512,10 @@ static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11798,10 +14527,10 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11813,10 +14542,10 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11828,10 +14557,10 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11843,10 +14572,10 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, + fast_mod_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11858,10 +14587,10 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, + shift_left_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11873,10 +14602,10 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, + shift_right_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11888,10 +14617,10 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, + concat_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11903,10 +14632,10 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HAND zend_free_op free_op1; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, + fast_is_identical_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11916,14 +14645,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, + fast_is_not_identical_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11933,13 +14661,13 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11949,13 +14677,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11965,13 +14693,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11981,13 +14709,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -11999,10 +14727,10 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, + bitwise_or_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -12014,10 +14742,10 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, + bitwise_and_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -12029,10 +14757,10 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, + bitwise_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -12044,10 +14772,10 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op1; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, + boolean_xor_function(EX_VAR(opline->result.var), _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op1.var); + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -12057,33 +14785,168 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_TMP_VAR == IS_TMP_VAR || IS_TMP_VAR == IS_CONST) { - zval *container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} - zval_dtor(free_op1.var); - } else { +static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + zend_free_op free_op1; + + SAVE_OPLINE(); + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = NULL; - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + + } else { + if (IS_CV == IS_UNUSED) { + zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); + } + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_TMP_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { + zval_ptr_dtor_nogc(free_op1.var); + } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } + } + + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if ((IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } else { + zval *retval; + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } +static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *container; + + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + /* Behave like FETCH_OBJ_W */ + zend_free_op free_op1; + zval *property; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + container = NULL; + + if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_TMP_VAR, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + + if (IS_TMP_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else { + return ZEND_FETCH_OBJ_R_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } +} + static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); zval *var; zval var_copy; int use_copy = 0; @@ -12093,18 +14956,17 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_A if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } if (Z_TYPE_P(var) != IS_STRING) { - zend_make_printable_zval(var, &var_copy, &use_copy); + ZVAL_DEREF(var); + if (Z_TYPE_P(var) != IS_STRING) { + use_copy = zend_make_printable_zval(var, &var_copy TSRMLS_CC); - if (use_copy) { - var = &var_copy; + if (use_copy) { + var = &var_copy; + } } } add_string_to_string(str, str, var); @@ -12127,10 +14989,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_ { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -12144,58 +15007,84 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_ zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CV == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CV != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CV == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); } + if (IS_CV == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); + } + } + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); @@ -12206,11 +15095,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zend_free_op free_op1; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -12220,35 +15110,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = NULL; - - if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = NULL; + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_TMP_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_TMP_VAR == IS_CV) { + } else if (IS_TMP_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -12256,42 +15144,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE if (IS_CV != IS_UNUSED) { zval *offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -12299,9 +15196,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_TMP_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_TMP_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_TMP_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_TMP_VAR != IS_UNUSED @@ -12311,51 +15225,190 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLE } } +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + int result; + zend_ulong hval; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_TMP_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; + +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; + } + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } + } + + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); + } + } else if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ + zval tmp; + + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { + ZVAL_DUP(&tmp, offset); + convert_to_long(&tmp); + offset = &tmp; + } + } + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { + result = 1; + } + } + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_TMP_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); + if (IS_TMP_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_TMP_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -12363,51 +15416,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_TMP_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_TMP_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -12416,44 +15455,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG zval *key = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -12466,15 +15500,30 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_tmp(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; SAVE_OPLINE(); - bitwise_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + bitwise_not_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12485,9 +15534,9 @@ static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - boolean_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + boolean_not_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12496,7 +15545,7 @@ static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zend_free_op free_op1; - zval **var_ptr; + zval *var_ptr; SAVE_OPLINE(); var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -12504,37 +15553,33 @@ static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { + + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + fast_increment_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + } + ZEND_VM_NEXT_OPCODE(); + } + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_increment_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); - } else { - fast_increment_function(*var_ptr); - } + increment_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12543,7 +15588,7 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zend_free_op free_op1; - zval **var_ptr; + zval *var_ptr; SAVE_OPLINE(); var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -12551,37 +15596,33 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { + + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + fast_decrement_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + } + ZEND_VM_NEXT_OPCODE(); + } + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_decrement_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); - } else { - fast_decrement_function(*var_ptr); - } + decrement_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12590,7 +15631,7 @@ static int ZEND_FASTCALL ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1; - zval **var_ptr, *retval; + zval *var_ptr; SAVE_OPLINE(); var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -12598,33 +15639,30 @@ static int ZEND_FASTCALL ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { - ZVAL_NULL(&EX_T(opline->result.var).tmp_var); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + fast_increment_function(var_ptr); ZEND_VM_NEXT_OPCODE(); } - retval = &EX_T(opline->result.var).tmp_var; - ZVAL_COPY_VALUE(retval, *var_ptr); - zendi_zval_copy_ctor(*retval); - - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_increment_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); + if (UNEXPECTED(Z_ISREF_P(var_ptr))) { + var_ptr = Z_REFVAL_P(var_ptr); + ZVAL_DUP(EX_VAR(opline->result.var), var_ptr); } else { - fast_increment_function(*var_ptr); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + zval_opt_copy_ctor(var_ptr); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + increment_function(var_ptr); + + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12633,7 +15671,7 @@ static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1; - zval **var_ptr, *retval; + zval *var_ptr; SAVE_OPLINE(); var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -12641,33 +15679,30 @@ static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { - ZVAL_NULL(&EX_T(opline->result.var).tmp_var); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + fast_decrement_function(var_ptr); ZEND_VM_NEXT_OPCODE(); } - retval = &EX_T(opline->result.var).tmp_var; - ZVAL_COPY_VALUE(retval, *var_ptr); - zendi_zval_copy_ctor(*retval); - - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_decrement_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); + if (UNEXPECTED(Z_ISREF_P(var_ptr))) { + var_ptr = Z_REFVAL_P(var_ptr); + ZVAL_DUP(EX_VAR(opline->result.var), var_ptr); } else { - fast_decrement_function(*var_ptr); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + zval_opt_copy_ctor(var_ptr); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + decrement_function(var_ptr); + + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12679,14 +15714,11 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zval *z; SAVE_OPLINE(); - z = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + z = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) { - INIT_PZVAL(z); - } - zend_print_variable(z); + zend_print_variable(z TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12695,7 +15727,7 @@ static int ZEND_FASTCALL ZEND_PRINT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); + ZVAL_LONG(EX_VAR(opline->result.var), 1); return ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } @@ -12704,29 +15736,30 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *val; - int ret; SAVE_OPLINE(); - val = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + val = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - zval_ptr_dtor(&free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (!ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); - } - ZEND_VM_NEXT_OPCODE(); + if (i_zend_is_true(val TSRMLS_CC)) { + opline++; + } else { + opline = opline->op2.jmp_addr; + } + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -12734,29 +15767,30 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *val; - int ret; SAVE_OPLINE(); - val = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + val = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - zval_ptr_dtor(&free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - if (ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); - } - ZEND_VM_NEXT_OPCODE(); + if (i_zend_is_true(val TSRMLS_CC)) { + opline = opline->op2.jmp_addr; + } else { + opline++; + } + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -12764,33 +15798,30 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *val; - int retval; SAVE_OPLINE(); - val = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + val = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - zval_ptr_dtor(&free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_VAR == IS_TMP_VAR) { + if (EXPECTED(Z_TYPE_P(val) == IS_TRUE)) { + ZEND_VM_SET_RELATIVE_OPCODE(opline, opline->extended_value); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (EXPECTED(retval != 0)) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on true to %d\n", opline->extended_value); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + + if (i_zend_is_true(val TSRMLS_CC)) { + opline = (zend_op*)(((char*)opline) + opline->extended_value); } else { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on false to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + opline = opline->op2.jmp_addr; } + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -12798,30 +15829,34 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS USE_OPLINE zend_free_op free_op1; zval *val; - int retval; SAVE_OPLINE(); - val = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + val = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - zval_ptr_dtor(&free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (!retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline++; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; } - ZEND_VM_NEXT_OPCODE(); + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -12829,30 +15864,33 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG USE_OPLINE zend_free_op free_op1; zval *val; - int retval; SAVE_OPLINE(); - val = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + val = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - zval_ptr_dtor(&free_op1.var); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_VAR == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline++; } - ZEND_VM_NEXT_OPCODE(); + zval_ptr_dtor_nogc(free_op1.var); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -12860,11 +15898,7 @@ static int ZEND_FASTCALL ZEND_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE SAVE_OPLINE(); - if (IS_VAR == IS_TMP_VAR) { - zendi_zval_dtor(EX_T(opline->op1.var).tmp_var); - } else { - zval_ptr_dtor(&EX_T(opline->op1.var).var.ptr); - } + zval_ptr_dtor_nogc(EX_VAR(opline->op1.var)); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -12878,34 +15912,23 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); retval_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (!EG(return_value_ptr_ptr)) { - zval_ptr_dtor(&free_op1.var); + if (!EX(return_value)) { + zval_ptr_dtor_nogc(free_op1.var); } else { - if (IS_VAR == IS_CONST || - IS_VAR == IS_TMP_VAR || - PZVAL_IS_REF(retval_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - if (IS_VAR != IS_TMP_VAR) { - zval_copy_ctor(ret); - } - *EG(return_value_ptr_ptr) = ret; - zval_ptr_dtor(&free_op1.var); - } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && - retval_ptr == &EG(uninitialized_zval)) { - zval *ret; - - if (IS_VAR == IS_VAR) { - Z_DELREF_P(retval_ptr); + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(EX(return_value)))) { + zval_copy_ctor_func(EX(return_value)); + } } - ALLOC_INIT_ZVAL(ret); - *EG(return_value_ptr_ptr) = ret; + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(retval_ptr)) { + ZVAL_COPY(EX(return_value), Z_REFVAL_P(retval_ptr)); + zval_ptr_dtor_nogc(free_op1.var); } else { - *EG(return_value_ptr_ptr) = retval_ptr; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); if (IS_VAR == IS_CV) { - Z_ADDREF_P(retval_ptr); + if (Z_OPT_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } } } @@ -12916,70 +15939,60 @@ static int ZEND_FASTCALL ZEND_RETURN_BY_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zval *retval_ptr; - zval **retval_ptr_ptr; zend_free_op free_op1; SAVE_OPLINE(); do { - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR || + (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_VALUE)) { /* Not supposed to happen, but we'll allow it */ zend_error(E_NOTICE, "Only variable references should be returned by reference"); retval_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (!EG(return_value_ptr_ptr)) { + if (!EX(return_value)) { if (IS_VAR == IS_TMP_VAR) { - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } - } else if (!0) { /* Not a temp var */ - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; } else { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - *EG(return_value_ptr_ptr) = ret; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (IS_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor_no_imm(EX(return_value)); + } } break; } - retval_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + retval_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(retval_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } - if (IS_VAR == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) { + if (IS_VAR == IS_VAR && !Z_ISREF_P(retval_ptr)) { if (opline->extended_value == ZEND_RETURNS_FUNCTION && - EX_T(opline->op1.var).var.fcall_returned_reference) { - } else if (EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + (Z_VAR_FLAGS_P(retval_ptr) & IS_VAR_RET_REF)) { + } else { zend_error(E_NOTICE, "Only variable references should be returned by reference"); - if (EG(return_value_ptr_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, *retval_ptr_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; + if (EX(return_value)) { + ZVAL_NEW_REF(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (Z_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } break; } } - if (EG(return_value_ptr_ptr)) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr); - Z_ADDREF_PP(retval_ptr_ptr); - - *EG(return_value_ptr_ptr) = *retval_ptr_ptr; + if (EX(return_value)) { + ZVAL_MAKE_REF(retval_ptr); + Z_ADDREF_P(retval_ptr); + ZVAL_REF(EX(return_value), Z_REF_P(retval_ptr)); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; } } while (0); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } @@ -12987,11 +16000,10 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *value; - zval *exception; zend_free_op free_op1; SAVE_OPLINE(); - value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + value = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { if (UNEXPECTED(EG(exception) != NULL)) { @@ -13001,49 +16013,34 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } zend_exception_save(TSRMLS_C); - /* Not sure if a complete copy is what we want here */ - ALLOC_ZVAL(exception); - INIT_PZVAL_COPY(exception, value); - if (!0) { - zval_copy_ctor(exception); + if (IS_VAR != IS_TMP_VAR) { + if (Z_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - zend_throw_exception_object(exception TSRMLS_CC); + zend_throw_exception_object(value TSRMLS_CC); zend_exception_restore(TSRMLS_C); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } -static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *varptr; + zval *varptr, *arg; zend_free_op free_op1; - varptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (varptr == &EG(uninitialized_zval)) { - if (IS_VAR == IS_VAR) { - Z_DELREF_P(varptr); - } - ALLOC_INIT_ZVAL(varptr); - } else if (PZVAL_IS_REF(varptr)) { - if (IS_VAR == IS_CV || - (IS_VAR == IS_VAR && Z_REFCOUNT_P(varptr) > 2)) { - zval *original_var = varptr; - - ALLOC_ZVAL(varptr); - INIT_PZVAL_COPY(varptr, original_var); - zval_copy_ctor(varptr); - zval_ptr_dtor(&free_op1.var); - } else { - Z_UNSET_ISREF_P(varptr); + varptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(varptr)) { + ZVAL_COPY(arg, Z_REFVAL_P(varptr)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(arg, varptr); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(arg)) Z_ADDREF_P(arg); } - } else if (IS_VAR == IS_CV) { - Z_ADDREF_P(varptr); } - zend_vm_stack_push(varptr TSRMLS_CC); - - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13051,42 +16048,41 @@ static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval *varptr; + zval *varptr, *arg; SAVE_OPLINE(); if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */ if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) { - return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } + } else { + if (!ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + return ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } - } else if (!ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { - return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } varptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) || - EX_T(opline->op1.var).var.fcall_returned_reference) && - varptr != &EG(uninitialized_zval) && - (PZVAL_IS_REF(varptr) || Z_REFCOUNT_P(varptr) == 1)) { - Z_SET_ISREF_P(varptr); + (Z_VAR_FLAGS_P(varptr) & IS_VAR_RET_REF)) && + (Z_ISREF_P(varptr) || Z_TYPE_P(varptr) == IS_OBJECT)) { + + ZVAL_MAKE_REF(varptr); if (IS_VAR == IS_CV) { Z_ADDREF_P(varptr); } - zend_vm_stack_push(varptr TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY_VALUE(arg, varptr); } else { - zval *valptr; - if ((opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) ? !(opline->extended_value & ZEND_ARG_SEND_SILENT) : - !ARG_MAY_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { + !ARG_MAY_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { zend_error(E_STRICT, "Only variables should be passed by reference"); } - ALLOC_ZVAL(valptr); - INIT_PZVAL_COPY(valptr, varptr); - if (!0) { - zval_copy_ctor(valptr); - } - zval_ptr_dtor(&free_op1.var); - zend_vm_stack_push(valptr TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY(arg, varptr); + zval_ptr_dtor_nogc(free_op1.var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13096,72 +16092,153 @@ static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1; - zval **varptr_ptr; - zval *varptr; + zval *varptr, *arg; SAVE_OPLINE(); - varptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + varptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && UNEXPECTED(varptr_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(varptr == NULL)) { zend_error_noreturn(E_ERROR, "Only variables can be passed by reference"); } - if (IS_VAR == IS_VAR && UNEXPECTED(*varptr_ptr == &EG(error_zval))) { - ALLOC_INIT_ZVAL(varptr); - zend_vm_stack_push(varptr TSRMLS_CC); - CHECK_EXCEPTION(); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + if (IS_VAR == IS_VAR && UNEXPECTED(varptr == &EG(error_zval))) { + ZVAL_NEW_REF(arg, &EG(uninitialized_zval)); ZEND_VM_NEXT_OPCODE(); } - if (opline->extended_value == ZEND_DO_FCALL_BY_NAME && - EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && - !ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { - return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (Z_ISREF_P(varptr)) { + Z_ADDREF_P(varptr); + ZVAL_COPY_VALUE(arg, varptr); + } else if (IS_VAR == IS_VAR && + UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT)) { + ZVAL_COPY_VALUE(arg, varptr); + ZVAL_MAKE_REF(arg); + } else { + ZVAL_MAKE_REF(varptr); + Z_ADDREF_P(varptr); + ZVAL_REF(arg, Z_REF_P(varptr)); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr); - varptr = *varptr_ptr; - Z_ADDREF_P(varptr); - zend_vm_stack_push(varptr TSRMLS_CC); - - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_VAR_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *varptr, *arg; + zend_free_op free_op1; - if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME) - && ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { return ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } - SAVE_OPLINE(); - return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + varptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(varptr)) { + ZVAL_COPY(arg, Z_REFVAL_P(varptr)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(arg, varptr); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(arg)) Z_ADDREF_P(arg); + } + } + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_BOOL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_USER_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *arg, *param, tmp; zend_free_op free_op1; - zval *retval = &EX_T(opline->result.var).tmp_var; - SAVE_OPLINE(); - /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC))); - zval_ptr_dtor(&free_op1.var); + arg = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + param = ZEND_CALL_ARG(EX(call), opline->op2.num); + + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + // TODO: Scalar values don't have reference counters anymore. + // They are assumed to be 1, and they may be easily passed by + // reference now. However, previously scalars with refcount==1 + // might be passed and with refcount>1 might not. We can support + // only single behavior ??? +#if 0 + if (Z_REFCOUNTED_P(arg) && + // This solution breaks the following test (omit warning message) ??? + // Zend/tests/bug61273.phpt + // ext/reflection/tests/bug42976.phpt + // ext/standard/tests/general_functions/call_user_func_array_variation_001.phpt +#else + if (!Z_REFCOUNTED_P(arg) || + // This solution breaks the following test (emit warning message) ??? + // ext/pdo_sqlite/tests/pdo_005.phpt +#endif + (!Z_ISREF_P(arg) /*&& Z_REFCOUNT_P(arg) > 1???*/)) { + + if (!ARG_MAY_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + zend_error(E_WARNING, "Parameter %d to %s%s%s() expected to be a reference, value given", + opline->op2.num, + EX(call)->func->common.scope ? EX(call)->func->common.scope->name->val : "", + EX(call)->func->common.scope ? "::" : "", + EX(call)->func->common.function_name->val); + + if (EX(call)->func->common.fn_flags & ZEND_ACC_CLOSURE) { + OBJ_RELEASE((zend_object*)EX(call)->func->common.prototype); + } + if (Z_OBJ(EX(call)->This)) { + OBJ_RELEASE(Z_OBJ(EX(call)->This)); + } + EX(call)->func = (zend_function*)&zend_pass_function; + EX(call)->called_scope = NULL; + Z_OBJ(EX(call)->This) = NULL; + + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + + if (Z_REFCOUNTED_P(arg)) { + Z_DELREF_P(arg); + } + ZVAL_DUP(&tmp, arg); + ZVAL_NEW_REF(arg, &tmp); + Z_ADDREF_P(arg); + } else if (!Z_ISREF_P(arg)) { + ZVAL_NEW_REF(arg, arg); + Z_ADDREF_P(arg); + } else if (Z_REFCOUNTED_P(arg)) { + Z_ADDREF_P(arg); + } + ZVAL_COPY_VALUE(param, arg); + } else if (Z_ISREF_P(arg) && + /* don't separate references for __call */ + (EX(call)->func->common.fn_flags & ZEND_ACC_CALL_VIA_HANDLER) == 0) { + ZVAL_DUP(param, Z_REFVAL_P(arg)); + } else { + ZVAL_COPY(param, arg); + } + + EX(call)->num_args = opline->op2.num; + + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_SWITCH_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_BOOL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zend_free_op free_op1; + zval *retval = EX_VAR(opline->result.var); SAVE_OPLINE(); - zval_ptr_dtor(&EX_T(opline->op1.var).var.ptr); + /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ + ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC) TSRMLS_CC)); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13176,10 +16253,10 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_object_clone_obj_t clone_call; SAVE_OPLINE(); - obj = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + obj = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_CONST || - UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { + (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT))) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } @@ -13191,7 +16268,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) clone_call = Z_OBJ_HT_P(obj)->clone_obj; if (UNEXPECTED(clone_call == NULL)) { if (ce) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); + zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name->val); } else { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object"); } @@ -13201,33 +16278,25 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (UNEXPECTED(ce != EG(scope))) { - zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(ce != EX(scope))) { + zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EG(scope)))) { - zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EX(scope)))) { + zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } } if (EXPECTED(EG(exception) == NULL)) { - zval *retval; - - ALLOC_ZVAL(retval); - Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(retval) = IS_OBJECT; - Z_SET_REFCOUNT_P(retval, 1); - Z_SET_ISREF_P(retval); + ZVAL_OBJ(EX_VAR(opline->result.var), clone_call(obj TSRMLS_CC)); if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&retval); - } else { - AI_SET_PTR(&EX_T(opline->result.var), retval); + zval_ptr_dtor(EX_VAR(opline->result.var)); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13237,56 +16306,99 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zend_free_op free_op1; zval *expr; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - expr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + expr = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (opline->extended_value != IS_STRING) { - ZVAL_COPY_VALUE(result, expr); - if (!0) { - zendi_zval_copy_ctor(*result); - } - } switch (opline->extended_value) { case IS_NULL: - convert_to_null(result); + /* This code is taken from convert_to_null. However, it does not seems very useful, + * because a conversion to null always results in the same value. This could only + * be relevant if a cast_object handler for IS_NULL has some kind of side-effect. */ +#if 0 + if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { + ZVAL_DEREF(expr); + } + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->cast_object) { + if (Z_OBJ_HT_P(expr)->cast_object(expr, result, IS_NULL TSRMLS_CC) == SUCCESS) { + break; + } + } +#endif + + ZVAL_NULL(result); break; - case IS_BOOL: - convert_to_boolean(result); + case _IS_BOOL: + ZVAL_BOOL(result, zend_is_true(expr TSRMLS_CC)); break; case IS_LONG: - convert_to_long(result); + ZVAL_LONG(result, zval_get_long(expr)); break; case IS_DOUBLE: - convert_to_double(result); + ZVAL_DOUBLE(result, zval_get_double(expr)); + break; + case IS_STRING: + ZVAL_STR(result, zval_get_string(expr)); break; - case IS_STRING: { - zval var_copy; - int use_copy; + default: + /* If value is already of correct type, return it directly */ + if (Z_TYPE_P(expr) == opline->extended_value) { + ZVAL_COPY_VALUE(result, expr); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(result))) { + zval_copy_ctor_func(result); + } + } else if (IS_VAR != IS_TMP_VAR) { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } - zend_make_printable_zval(expr, &var_copy, &use_copy); - if (use_copy) { - ZVAL_COPY_VALUE(result, &var_copy); - if (0) { - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + + if (opline->extended_value == IS_ARRAY) { + if (Z_TYPE_P(expr) != IS_OBJECT) { + ZVAL_NEW_ARR(result); + zend_hash_init(Z_ARRVAL_P(result), 8, NULL, ZVAL_PTR_DTOR, 0); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_index_add_new(Z_ARRVAL_P(result), 0, expr); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + Z_ADDREF_P(result); + convert_to_array(result); } } else { - ZVAL_COPY_VALUE(result, expr); - if (!0) { - zendi_zval_copy_ctor(*result); + if (Z_TYPE_P(expr) != IS_ARRAY) { + object_init(result); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_str_add_new(Z_OBJPROP_P(result), "scalar", sizeof("scalar")-1, expr); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + zval_opt_copy_ctor(result); + convert_to_object(result); } } - break; - } - case IS_ARRAY: - convert_to_array(result); - break; - case IS_OBJECT: - convert_to_object(result); - break; } - zval_ptr_dtor(&free_op1.var); + + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13297,18 +16409,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND zend_op_array *new_op_array=NULL; zend_free_op free_op1; zval *inc_filename; - zval *tmp_inc_filename = NULL; + zval tmp_inc_filename; zend_bool failure_retval=0; SAVE_OPLINE(); inc_filename = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (inc_filename->type!=IS_STRING) { - MAKE_STD_ZVAL(tmp_inc_filename); - ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename); - zval_copy_ctor(tmp_inc_filename); - convert_to_string(tmp_inc_filename); - inc_filename = tmp_inc_filename; + ZVAL_UNDEF(&tmp_inc_filename); + if (Z_TYPE_P(inc_filename) != IS_STRING) { + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); + inc_filename = &tmp_inc_filename; } if (opline->extended_value != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { @@ -13324,9 +16434,9 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND zend_file_handle file_handle; char *resolved_path; - resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC); + resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), (int)Z_STRLEN_P(inc_filename) TSRMLS_CC); if (resolved_path) { - failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1); + failure_retval = zend_hash_str_exists(&EG(included_files), resolved_path, (int)strlen(resolved_path)); } else { resolved_path = Z_STRVAL_P(inc_filename); } @@ -13339,7 +16449,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND file_handle.opened_path = estrdup(resolved_path); } - if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) { + if (zend_hash_str_add_empty_element(&EG(included_files), file_handle.opened_path, (int)strlen(file_handle.opened_path))) { new_op_array = zend_compile_file(&file_handle, (opline->extended_value==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC); zend_destroy_file_handle(&file_handle TSRMLS_CC); } else { @@ -13372,55 +16482,47 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND EMPTY_SWITCH_DEFAULT_CASE() } } - if (tmp_inc_filename) { + if (Z_TYPE(tmp_inc_filename) != IS_UNDEF) { zval_ptr_dtor(&tmp_inc_filename); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } else if (EXPECTED(new_op_array != NULL)) { - EX(original_return_value) = EG(return_value_ptr_ptr); - EG(active_op_array) = new_op_array; + zval *return_value = NULL; + zend_execute_data *call; + if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr = NULL; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; - } else { - EG(return_value_ptr_ptr) = NULL; + return_value = EX_VAR(opline->result.var); } - EX(function_state).function = (zend_function *) new_op_array; - EX(object) = NULL; + call = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_CODE, + (zend_function*)new_op_array, 0, EX(called_scope), Z_OBJ(EX(This)), NULL TSRMLS_CC); - if (!EG(active_symbol_table)) { - zend_rebuild_symbol_table(TSRMLS_C); + if (EX(symbol_table)) { + call->symbol_table = EX(symbol_table); + } else { + call->symbol_table = zend_rebuild_symbol_table(TSRMLS_C); } + call->prev_execute_data = execute_data; + i_init_code_execute_data(call, new_op_array, return_value TSRMLS_CC); if (EXPECTED(zend_execute_ex == execute_ex)) { ZEND_VM_ENTER(); } else { - zend_execute(new_op_array TSRMLS_CC); + call->frame_info = VM_FRAME_TOP_CODE; + zend_execute_ex(call TSRMLS_CC); } - EX(function_state).function = (zend_function *) EX(op_array); - - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); - efree(new_op_array); + efree_size(new_op_array, sizeof(zend_op_array)); if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } else if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_BOOL(retval, failure_retval); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_BOOL(EX_VAR(opline->result.var), failure_retval); } ZEND_VM_NEXT_OPCODE(); } @@ -13429,7 +16531,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1; - zval *array_ptr, **array_ptr_ptr; + zval *array_ptr, *array_ref, iterator, tmp; HashTable *fe_ht; zend_object_iterator *iter = NULL; zend_class_entry *ce = NULL; @@ -13438,149 +16540,176 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && - (opline->extended_value & ZEND_FE_RESET_VARIABLE)) { - array_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - MAKE_STD_ZVAL(array_ptr); - ZVAL_NULL(array_ptr); - } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { - if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { - zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); - } - - ce = Z_OBJCE_PP(array_ptr_ptr); - if (!ce || ce->get_iterator == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - Z_ADDREF_PP(array_ptr_ptr); + (opline->extended_value & ZEND_FE_FETCH_BYREF)) { + array_ptr = array_ref = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_DEREF(array_ptr); + if (Z_TYPE_P(array_ptr) == IS_ARRAY) { + SEPARATE_ARRAY(array_ptr); + if (!Z_ISREF_P(array_ref)) { + ZVAL_NEW_REF(array_ref, array_ref); + array_ptr = Z_REFVAL_P(array_ref); + } + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); + } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { + ce = Z_OBJCE_P(array_ptr); + if (ce->get_iterator == NULL) { + Z_ADDREF_P(array_ptr); } - array_ptr = *array_ptr_ptr; + array_ref = array_ptr; } else { - if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - if (opline->extended_value & ZEND_FE_FETCH_BYREF) { - Z_SET_ISREF_PP(array_ptr_ptr); - } - } - array_ptr = *array_ptr_ptr; - Z_ADDREF_P(array_ptr); + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); } } else { - array_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { /* IS_TMP_VAR */ - zval *tmp; - - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - array_ptr = tmp; + array_ptr = array_ref = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_DEREF(array_ptr); + if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&tmp, array_ptr); + if (Z_OPT_IMMUTABLE_P(&tmp)) { + zval_copy_ctor_func(&tmp); + } + array_ref = array_ptr = &tmp; if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); if (ce && ce->get_iterator) { - Z_DELREF_P(array_ptr); + Z_DELREF_P(array_ref); } } } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); - if (!ce || !ce->get_iterator) { + if (!ce->get_iterator) { if (IS_VAR == IS_CV) { - Z_ADDREF_P(array_ptr); + Z_ADDREF_P(array_ref); } } - } else if (IS_VAR == IS_CONST || - (IS_VAR == IS_CV && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 1) || - (IS_VAR == IS_VAR && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 2)) { - zval *tmp; - - if (IS_VAR == IS_VAR) { - Z_DELREF_P(array_ptr); + } else if (Z_IMMUTABLE_P(array_ref)) { + if (IS_VAR == IS_CV) { + zval_copy_ctor_func(array_ref); + Z_ADDREF_P(array_ref); + } else { + ZVAL_COPY_VALUE(&tmp, array_ref); + zval_copy_ctor_func(&tmp); + array_ptr = array_ref = &tmp; + } + } else if (Z_REFCOUNTED_P(array_ref)) { + if (IS_VAR == IS_CONST || + (IS_VAR == IS_CV && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 1) || + (IS_VAR == IS_VAR && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 2)) { + if (IS_VAR == IS_VAR) { + Z_DELREF_P(array_ref); + } + ZVAL_DUP(&tmp, array_ref); + array_ptr = array_ref = &tmp; + } else if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { + if (Z_ISREF_P(array_ref) && Z_REFCOUNT_P(array_ref) == 1) { + ZVAL_UNREF(array_ref); + array_ptr = array_ref; + } + if (Z_IMMUTABLE_P(array_ptr)) { + zval_copy_ctor_func(array_ptr); + } else if (Z_ISREF_P(array_ref) && + Z_COPYABLE_P(array_ptr) && + Z_REFCOUNT_P(array_ptr) > 1) { + Z_DELREF_P(array_ptr); + zval_copy_ctor_func(array_ptr); + } + if (IS_VAR == IS_CV) { + Z_ADDREF_P(array_ref); + } } - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - zval_copy_ctor(tmp); - array_ptr = tmp; - } else if (IS_VAR == IS_CV) { - Z_ADDREF_P(array_ptr); } } if (ce && ce->get_iterator) { - iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); + iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_FETCH_BYREF TSRMLS_CC); - if (IS_VAR == IS_VAR && !(opline->extended_value & ZEND_FE_RESET_VARIABLE)) { - zval_ptr_dtor(&free_op1.var); + if (IS_VAR == IS_VAR && !(opline->extended_value & ZEND_FE_FETCH_BYREF)) { + zval_ptr_dtor_nogc(free_op1.var); } if (iter && EXPECTED(EG(exception) == NULL)) { - array_ptr = zend_iterator_wrap(iter TSRMLS_CC); + ZVAL_OBJ(&iterator, &iter->std); + array_ptr = array_ref = &iterator; } else { - if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } if (!EG(exception)) { - zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); + zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name->val); } zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } - EX_T(opline->result.var).fe.ptr = array_ptr; + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), array_ref); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor(array_ref); + if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } HANDLE_EXCEPTION(); } } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor(array_ref); + if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { - zend_hash_internal_pointer_reset(fe_ht); - if (ce) { - zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC); - while (zend_hash_has_more_elements(fe_ht) == SUCCESS) { - char *str_key; - uint str_key_len; - ulong int_key; - zend_uchar key_type; - - key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL); - if (key_type != HASH_KEY_NON_EXISTENT && - (key_type == HASH_KEY_IS_LONG || - zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) { - break; - } - zend_hash_move_forward(fe_ht); + HashPointer *ptr = (HashPointer*)EX_VAR((opline+2)->op1.var); + HashPosition pos = 0; + Bucket *p; + + while (1) { + if (pos >= fe_ht->nNumUsed) { + is_empty = 1; + if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + } + ZEND_VM_JMP(opline->op2.jmp_addr); + } + p = fe_ht->arData + pos; + if (Z_TYPE(p->val) == IS_UNDEF || + (Z_TYPE(p->val) == IS_INDIRECT && + Z_TYPE_P(Z_INDIRECT(p->val)) == IS_UNDEF)) { + pos++; + continue; + } + if (!ce || + !p->key || + zend_check_property_access(Z_OBJ_P(array_ptr), p->key TSRMLS_CC) == SUCCESS) { + break; } + pos++; } - is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS; - zend_hash_get_pointer(fe_ht, &EX_T(opline->result.var).fe.fe_pos); + fe_ht->nInternalPointer = pos; + ptr->pos = pos; + ptr->ht = fe_ht; + ptr->h = fe_ht->arData[pos].h; + ptr->key = fe_ht->arData[pos].key; + is_empty = 0; } else { zend_error(E_WARNING, "Invalid argument supplied for foreach()"); is_empty = 1; } - if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (IS_VAR == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } if (is_empty) { - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); } else { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13591,83 +16720,204 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE - zval *array = EX_T(opline->op1.var).fe.ptr; - zval **value; + zval *array, *array_ref; + zval *value; HashTable *fe_ht; - zend_object_iterator *iter = NULL; - - zval *key = NULL; - if (opline->extended_value & ZEND_FE_FETCH_WITH_KEY) { - key = &EX_T((opline+1)->result.var).tmp_var; - } - - SAVE_OPLINE(); - - switch (zend_iterator_unwrap(array, &iter TSRMLS_CC)) { - default: - case ZEND_ITER_INVALID: - zend_error(E_WARNING, "Invalid argument supplied for foreach()"); - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); - - case ZEND_ITER_PLAIN_OBJECT: { - zend_object *zobj = zend_objects_get_address(array TSRMLS_CC); - int key_type; - char *str_key; - zend_uint str_key_len; - zend_ulong int_key; - - fe_ht = Z_OBJPROP_P(array); - zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); - do { - if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { - /* reached end of iteration */ - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + HashPointer *ptr; + HashPosition pos; + Bucket *p; + + array = array_ref = EX_VAR(opline->op1.var); + if (Z_ISREF_P(array)) { + array = Z_REFVAL_P(array); + // TODO: referenced value might be changed to different array ??? + if (Z_IMMUTABLE_P(array)) { + zval_copy_ctor_func(array); + } + } + + SAVE_OPLINE(); + + if (EXPECTED(Z_TYPE_P(array) == IS_ARRAY)) { + fe_ht = Z_ARRVAL_P(array); + ptr = (HashPointer*)EX_VAR((opline+1)->op1.var); + pos = ptr->pos; + if (UNEXPECTED(pos == INVALID_IDX)) { + /* reached end of iteration */ + ZEND_VM_JMP(opline->op2.jmp_addr); + } else if (UNEXPECTED(ptr->ht != fe_ht)) { + ptr->ht = fe_ht; + pos = 0; + } else if (UNEXPECTED(fe_ht->nInternalPointer != ptr->pos)) { + if (fe_ht->u.flags & HASH_FLAG_PACKED) { + pos = ptr->h; + } else { + pos = fe_ht->arHash[ptr->h & fe_ht->nTableMask]; + while (1) { + if (pos == INVALID_IDX) { + pos = fe_ht->nInternalPointer; + break; + } else if (fe_ht->arData[pos].h == ptr->h && fe_ht->arData[pos].key == ptr->key) { + break; + } + pos = Z_NEXT(fe_ht->arData[pos].val); } - key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL); - - zend_hash_move_forward(fe_ht); - } while (key_type != HASH_KEY_IS_LONG && - zend_check_property_access(zobj, str_key, str_key_len - 1 TSRMLS_CC) != SUCCESS); - - if (key) { - if (key_type == HASH_KEY_IS_LONG) { - ZVAL_LONG(key, int_key); + } + } + while (1) { + if (UNEXPECTED(pos >= fe_ht->nNumUsed)) { + /* reached end of iteration */ + ZEND_VM_JMP(opline->op2.jmp_addr); + } + p = fe_ht->arData + pos; + value = &p->val; + if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) { + pos++; + continue; + } else if (UNEXPECTED(Z_TYPE_P(value) == IS_INDIRECT)) { + value = Z_INDIRECT_P(value); + if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) { + pos++; + continue; + } + } + if (opline->extended_value & ZEND_FE_FETCH_BYREF) { + ZVAL_MAKE_REF(value); + Z_ADDREF_P(value); + ZVAL_REF(EX_VAR(opline->result.var), Z_REF_P(value)); + } else { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + if (opline->extended_value & ZEND_FE_FETCH_WITH_KEY) { + if (!p->key) { + ZVAL_LONG(EX_VAR((opline+1)->result.var), p->h); } else { - const char *class_name, *prop_name; - int prop_name_len; - zend_unmangle_property_name_ex( - str_key, str_key_len - 1, &class_name, &prop_name, &prop_name_len - ); - ZVAL_STRINGL(key, prop_name, prop_name_len, 1); + ZVAL_STR_COPY(EX_VAR((opline+1)->result.var), p->key); } } - - zend_hash_get_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); break; } + do { + pos++; + if (pos >= fe_ht->nNumUsed) { + fe_ht->nInternalPointer = ptr->pos = INVALID_IDX; + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); + } + p = fe_ht->arData + pos; + } while (Z_TYPE(p->val) == IS_UNDEF || + (Z_TYPE(p->val) == IS_INDIRECT && + Z_TYPE_P(Z_INDIRECT(p->val)) == IS_UNDEF)); + fe_ht->nInternalPointer = ptr->pos = pos; + ptr->h = fe_ht->arData[pos].h; + ptr->key = fe_ht->arData[pos].key; + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); + } else if (EXPECTED(Z_TYPE_P(array) == IS_OBJECT)) { + zend_object_iterator *iter; + + if ((iter = zend_iterator_unwrap(array TSRMLS_CC)) == NULL) { + /* plain object */ + zend_object *zobj = Z_OBJ_P(array); - case ZEND_ITER_PLAIN_ARRAY: - fe_ht = Z_ARRVAL_P(array); - zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); - if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { + fe_ht = Z_OBJPROP_P(array); + ptr = (HashPointer*)EX_VAR((opline+1)->op1.var); + pos = ptr->pos; + if (pos == INVALID_IDX) { /* reached end of iteration */ - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); - } - if (key) { - zend_hash_get_current_key_zval(fe_ht, key); + ZEND_VM_JMP(opline->op2.jmp_addr); + } else if (UNEXPECTED(ptr->ht != fe_ht)) { + ptr->ht = fe_ht; + pos = 0; + } else if (UNEXPECTED(fe_ht->nInternalPointer != ptr->pos)) { + if (fe_ht->u.flags & HASH_FLAG_PACKED) { + pos = ptr->h; + } else { + pos = fe_ht->arHash[ptr->h & fe_ht->nTableMask]; + while (1) { + if (pos == INVALID_IDX) { + pos = fe_ht->nInternalPointer; + break; + } else if (fe_ht->arData[pos].h == ptr->h && fe_ht->arData[pos].key == ptr->key) { + break; + } + pos = Z_NEXT(fe_ht->arData[pos].val); + } + } } - zend_hash_move_forward(fe_ht); - zend_hash_get_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); - break; + while (1) { + if (UNEXPECTED(pos >= fe_ht->nNumUsed)) { + /* reached end of iteration */ + ZEND_VM_JMP(opline->op2.jmp_addr); + } + + p = fe_ht->arData + pos; + value = &p->val; + if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) { + pos++; + continue; + } else if (UNEXPECTED(Z_TYPE_P(value) == IS_INDIRECT)) { + value = Z_INDIRECT_P(value); + if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) { + pos++; + continue; + } + } - case ZEND_ITER_OBJECT: + if (UNEXPECTED(!p->key)) { + if (opline->extended_value & ZEND_FE_FETCH_WITH_KEY) { + ZVAL_LONG(EX_VAR((opline+1)->result.var), p->h); + } + break; + } else if (zend_check_property_access(zobj, p->key TSRMLS_CC) == SUCCESS) { + if (opline->extended_value & ZEND_FE_FETCH_WITH_KEY) { + if (p->key->val[0]) { + ZVAL_STR_COPY(EX_VAR((opline+1)->result.var), p->key); + } else { + const char *class_name, *prop_name; + size_t prop_name_len; + zend_unmangle_property_name_ex( + p->key, &class_name, &prop_name, &prop_name_len); + ZVAL_STRINGL(EX_VAR((opline+1)->result.var), prop_name, prop_name_len); + } + } + break; + } + pos++; + } + if (opline->extended_value & ZEND_FE_FETCH_BYREF) { + ZVAL_MAKE_REF(value); + Z_ADDREF_P(value); + ZVAL_REF(EX_VAR(opline->result.var), Z_REF_P(value)); + } else { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + do { + pos++; + if (pos >= fe_ht->nNumUsed) { + fe_ht->nInternalPointer = ptr->pos = INVALID_IDX; + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); + } + p = fe_ht->arData + pos; + } while (Z_TYPE(p->val) == IS_UNDEF || + (Z_TYPE(p->val) == IS_INDIRECT && + Z_TYPE_P(Z_INDIRECT(p->val)) == IS_UNDEF) || + (EXPECTED(p->key != NULL) && + zend_check_property_access(zobj, p->key TSRMLS_CC) == FAILURE)); + fe_ht->nInternalPointer = ptr->pos = pos; + ptr->h = fe_ht->arData[pos].h; + ptr->key = fe_ht->arData[pos].key; + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); + } else { /* !iter happens from exception */ if (iter && ++iter->index > 0) { /* This could cause an endless loop if index becomes zero again. * In case that ever happens we need an additional flag. */ iter->funcs->move_forward(iter TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array); + zval_ptr_dtor(array_ref); HANDLE_EXCEPTION(); } } @@ -13675,47 +16925,45 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG if (!iter || (iter->index > 0 && iter->funcs->valid(iter TSRMLS_CC) == FAILURE)) { /* reached end of iteration */ if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array); + zval_ptr_dtor(array_ref); HANDLE_EXCEPTION(); } - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); } - iter->funcs->get_current_data(iter, &value TSRMLS_CC); + value = iter->funcs->get_current_data(iter TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array); + zval_ptr_dtor(array_ref); HANDLE_EXCEPTION(); } if (!value) { /* failure in get_current_data */ - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); + } + if (opline->extended_value & ZEND_FE_FETCH_BYREF) { + ZVAL_MAKE_REF(value); + Z_ADDREF_P(value); + ZVAL_REF(EX_VAR(opline->result.var), Z_REF_P(value)); + } else { + ZVAL_COPY(EX_VAR(opline->result.var), value); } - if (key) { + if (opline->extended_value & ZEND_FE_FETCH_WITH_KEY) { if (iter->funcs->get_current_key) { - iter->funcs->get_current_key(iter, key TSRMLS_CC); + iter->funcs->get_current_key(iter, EX_VAR((opline+1)->result.var) TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array); + zval_ptr_dtor(array_ref); HANDLE_EXCEPTION(); } } else { - ZVAL_LONG(key, iter->index); + ZVAL_LONG(EX_VAR((opline+1)->result.var), iter->index); } } - break; - } - - if (opline->extended_value & ZEND_FE_FETCH_BYREF) { - SEPARATE_ZVAL_IF_NOT_REF(value); - Z_SET_ISREF_PP(value); - EX_T(opline->result.var).var.ptr_ptr = value; - Z_ADDREF_PP(value); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); + } } else { - PZVAL_LOCK(*value); - AI_SET_PTR(&EX_T(opline->result.var), *value); + zend_error(E_WARNING, "Invalid argument supplied for foreach()"); + ZEND_VM_JMP(opline->op2.jmp_addr); } - - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -13731,9 +16979,9 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); } else { - zend_print_variable(ptr); + zend_print_variable(ptr TSRMLS_CC); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } #endif zend_bailout(); @@ -13745,58 +16993,66 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS USE_OPLINE zend_free_op free_op1; zval *value; + int is_ref = 0; SAVE_OPLINE(); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (i_zend_is_true(value)) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!0) { - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + if (i_zend_is_true(value TSRMLS_CC)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_VAR == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + zval_ptr_dtor_nogc(free_op1.var); } - zval_ptr_dtor(&free_op1.var); -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif ZEND_VM_JMP(opline->op2.jmp_addr); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_JMP_SET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_COALESCE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval *value, *ret; + zval *value; + int is_ref = 0; SAVE_OPLINE(); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (i_zend_is_true(value)) { - if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!0) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + + if (Z_TYPE_P(value) > IS_NULL) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); } + } else if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_VAR == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + zval_ptr_dtor_nogc(free_op1.var); } - zval_ptr_dtor(&free_op1.var); -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif ZEND_VM_JMP(opline->op2.jmp_addr); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13810,60 +17066,126 @@ static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR SAVE_OPLINE(); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!0) { - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(value)) { + ZVAL_COPY(EX_VAR(opline->result.var), Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_VAR == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } } - zval_ptr_dtor(&free_op1.var); - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_QM_ASSIGN_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval *value, *ret; + zval *expr; + zend_bool result; SAVE_OPLINE(); - value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + expr = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + if (Z_TYPE_P(expr) == IS_OBJECT) { + result = instanceof_function(Z_OBJCE_P(expr), Z_CE_P(EX_VAR(opline->op2.var)) TSRMLS_CC); } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!0) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); - } + result = 0; } - - zval_ptr_dtor(&free_op1.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_STRLEN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value; zend_free_op free_op1; - zval *expr; - zend_bool result; SAVE_OPLINE(); - expr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { - result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); + value = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (EXPECTED(Z_TYPE_P(value) == IS_STRING)) { + ZVAL_LONG(EX_VAR(opline->result.var), Z_STRLEN_P(value)); } else { - result = 0; + if (Z_TYPE_P(value) < IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 0); + } else if (Z_TYPE_P(value) == IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 1); + } else if (Z_TYPE_P(value) <= IS_DOUBLE) { + zend_string *str = zval_get_string(value); + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zend_string_release(str); + } else if (Z_TYPE_P(value) == IS_OBJECT) { + zend_string *str; + zval tmp; + + ZVAL_COPY(&tmp, value); + if (parse_arg_object_to_str(&tmp, &str, IS_STRING TSRMLS_CC) == FAILURE) { + goto strlen_error; + } + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zval_dtor(&tmp); + } else { +strlen_error: + zend_error(E_WARNING, "strlen() expects parameter 1 to be string, %s given", zend_get_type_by_const(Z_TYPE_P(value))); + ZVAL_NULL(EX_VAR(opline->result.var)); + } } - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_TYPE_CHECK_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *value; + zend_free_op free_op1; + + SAVE_OPLINE(); + value = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + switch (opline->extended_value) { + case IS_NULL: + case IS_LONG: + case IS_DOUBLE: + case IS_STRING: + case IS_ARRAY: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == opline->extended_value); + break; + case _IS_BOOL: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == IS_TRUE || Z_TYPE_P(value) == IS_FALSE); + break; + case IS_OBJECT: + if (Z_TYPE_P(value) == opline->extended_value) { + zend_class_entry *ce = Z_OBJCE_P(value); + if (ce->name->len == sizeof("__PHP_Incomplete_Class") - 1 + && !strncmp(ce->name->val, "__PHP_Incomplete_Class", ce->name->len)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } else { + ZVAL_TRUE(EX_VAR(opline->result.var)); + } + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + case IS_RESOURCE: + if (Z_TYPE_P(value) == opline->extended_value) { + const char *type_name = zend_rsrc_list_get_rsrc_type(Z_RES_P(value) TSRMLS_CC); + ZVAL_BOOL(EX_VAR(opline->result.var), type_name != NULL); + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + EMPTY_SWITCH_DEFAULT_CASE() + } + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13874,10 +17196,10 @@ static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13889,10 +17211,10 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13904,10 +17226,10 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13919,10 +17241,10 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13934,10 +17256,10 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13949,10 +17271,10 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13964,10 +17286,10 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13979,10 +17301,10 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -13994,10 +17316,10 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H zend_free_op free_op1; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14007,14 +17329,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + fast_is_not_identical_function(result, + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14024,13 +17345,13 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14040,13 +17361,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14056,13 +17377,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14072,13 +17393,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_O { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14090,10 +17411,10 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op1; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14105,10 +17426,10 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14120,10 +17441,10 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14135,10 +17456,10 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDL zend_free_op free_op1; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14148,348 +17469,406 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*b { USE_OPLINE zend_free_op free_op1, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); zval *property = opline->op2.zv; - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = opline->op2.zv; + container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_VAR == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = opline->op2.zv; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = opline->op2.zv; - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_CONST TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = opline->op2.zv; + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = opline->op2.zv; - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -14508,90 +17887,72 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_ { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = opline->op2.zv; - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - incdec_op(*zptr); - - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -14611,126 +17972,111 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR_CONST(int type, USE_OPLINE zend_free_op free_op1; zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_VAR == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_VAR != IS_CONST) { + zend_string_release(name); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + retval = zend_std_get_static_property(ce, name, 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_VAR == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_VAR != IS_TMP_VAR) { - zval_ptr_dtor(&free_op1.var); - } - break; - case ZEND_FETCH_LOCAL: - zval_ptr_dtor(&free_op1.var); - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_VAR == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { + zval_ptr_dtor_nogc(free_op1.var); } } - - if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_VAR != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14755,7 +18101,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_VAR_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_VAR_CONST(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_VAR_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -14772,24 +18122,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR || IS_VAR == IS_CONST) { - zval *container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); - - zval_ptr_dtor(&free_op1.var); - } else { - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); - - if (IS_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - zval_ptr_dtor(&free_op1.var); - } - } - + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -14798,7 +18137,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -14806,24 +18145,16 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HA if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); - - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -14832,7 +18163,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -14840,12 +18171,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -14854,13 +18185,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_IS TSRMLS_CC); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -14868,30 +18199,33 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { if (IS_CONST == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -14901,44 +18235,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCOD { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; @@ -14947,85 +18262,50 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST( zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15035,28 +18315,21 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = opline->op2.zv; container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15070,35 +18343,24 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15106,79 +18368,88 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; zval *property; - zval **container; SAVE_OPLINE(); property = opline->op2.zv; container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_res; - zval **container; - zval *property; + zend_free_op free_op1; + zval *container, *property; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = opline->op2.zv; - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_LIST_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + + zval *value = zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + + ZVAL_COPY(EX_VAR(opline->result.var), value); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT) && + EXPECTED(Z_OBJ_HT_P(container)->read_dimension)) { + zval *result = EX_VAR(opline->result.var); + zval *retval = Z_OBJ_HT_P(container)->read_dimension(container, opline->op2.zv, BP_VAR_R, result TSRMLS_CC); - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + if (retval) { + if (result != retval) { + ZVAL_COPY(result, retval); + } + } else { + ZVAL_NULL(result); + } + } else { + ZVAL_NULL(EX_VAR(opline->result.var)); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15187,26 +18458,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property_name = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -15217,7 +18481,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -15225,68 +18489,47 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zval *property_name = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } } else { zend_free_op free_op_data1, free_op_data2; zval *value; zval *dim = opline->op2.zv; - zval **variable_ptr_ptr; + zval *variable_ptr; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CONST, BP_VAR_W TSRMLS_CC); + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_CONST TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_dim has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -15298,50 +18541,27 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER USE_OPLINE zend_free_op free_op1; zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); value = opline->op2.zv; - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + variable_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CONST TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_CONST == IS_TMP_VAR) { - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (0) { - zval_dtor(value); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_CONST == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_CONST == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_CONST TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - /* zend_assign_to_variable() always takes care of op2, never free it! */ CHECK_EXCEPTION(); @@ -15352,10 +18572,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCO { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -15369,60 +18590,87 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCO zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - call->object = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (UNEXPECTED(EG(exception) != NULL)) { - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + HANDLE_EXCEPTION(); + } - if (IS_CONST != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zval_ptr_dtor_nogc(free_op1.var); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CONST == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CONST != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CONST == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CONST == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op1.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -15433,82 +18681,65 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZE USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_VAR == IS_CONST && IS_CONST == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_VAR != IS_CONST && IS_CONST == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_CONST != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; - - if (IS_CONST == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = opline->op2.zv; + function_name = opline->op2.zv; + if (IS_CONST != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_CONST == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CONST == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_VAR == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_CONST == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_VAR == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_CONST != IS_CONST) { @@ -15518,34 +18749,52 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZE if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_VAR != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_CONST == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -15555,11 +18804,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_A { USE_OPLINE zend_free_op free_op1; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - opline->op2.zv TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -15574,9 +18824,9 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE zend_constant *c; zval *retval; - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - c = CACHED_PTR(opline->op2.literal->cache_slot); - } else if ((c = zend_quick_get_constant(opline->op2.literal + 1, opline->extended_value TSRMLS_CC)) == NULL) { + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + c = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if ((c = zend_quick_get_constant(opline->op2.zv + 1, opline->extended_value TSRMLS_CC)) == NULL) { if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) { char *actual = (char *)zend_memrchr(Z_STRVAL_P(opline->op2.zv), '\\', Z_STRLEN_P(opline->op2.zv)); if(!actual) { @@ -15586,115 +18836,112 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE } /* non-qualified constant - allow text substitution */ zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); - ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); + ZVAL_STRINGL(EX_VAR(opline->result.var), actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv))); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { - CACHE_PTR(opline->op2.literal->cache_slot, c); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), c); } - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); ZVAL_COPY_VALUE(retval, &c->value); - zval_copy_ctor(retval); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + if (Z_OPT_COPYABLE_P(retval) || Z_OPT_REFCOUNTED_P(retval)) { + if (Z_OPT_COPYABLE_P(retval)) { + zval_copy_ctor_func(retval); + } else { + Z_ADDREF_P(retval); + } + } } else { /* class constant */ zend_class_entry *ce; - zval **value; + zval *value; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - value = CACHED_PTR(opline->op2.literal->cache_slot); - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); - } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + value = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + ZVAL_DEREF(value); + ZVAL_DUP(EX_VAR(opline->result.var), value); + goto constant_fetch_end; + } else if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); + } else { + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, opline->extended_value TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } } else { - ce = EX_T(opline->op1.var).class_entry; - if ((value = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce)) != NULL) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + ce = Z_CE_P(EX_VAR(opline->op1.var)); + if ((value = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce)) != NULL) { + ZVAL_DEREF(value); + ZVAL_DUP(EX_VAR(opline->result.var), value); + goto constant_fetch_end; } } - if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { - if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || - (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { - zend_class_entry *old_scope = EG(scope); - + if (EXPECTED((value = zend_hash_find(&ce->constants_table, Z_STR_P(opline->op2.zv))) != NULL)) { + ZVAL_DEREF(value); + if (Z_CONSTANT_P(value)) { EG(scope) = ce; - zval_update_constant(value, (void *) 1 TSRMLS_CC); - EG(scope) = old_scope; + zval_update_constant(value, 1 TSRMLS_CC); + EG(scope) = EX(scope); } if (IS_VAR == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, value); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), value); } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, value); + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce, value); } - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - } else if (Z_STRLEN_P(opline->op2.zv) == sizeof("class")-1 && strcmp(Z_STRVAL_P(opline->op2.zv), "class") == 0) { + ZVAL_DUP(EX_VAR(opline->result.var), value); + } else if (Z_STRLEN_P(opline->op2.zv) == sizeof("class")-1 && memcmp(Z_STRVAL_P(opline->op2.zv), "class", sizeof("class") - 1) == 0) { /* "class" is assigned as a case-sensitive keyword from zend_do_resolve_class_name */ - ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, ce->name, ce->name_length, 1); + ZVAL_STR_COPY(EX_VAR(opline->result.var), ce->name); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } - - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); } +constant_fetch_end: + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); - zval_ptr_dtor(&free_op1.var); - } else if (IS_VAR == IS_CV) { + expr_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); + zval_ptr_dtor_nogc(free_op1.var); + } else if (IS_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -15702,42 +18949,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPC if (IS_CONST != IS_UNUSED) { zval *offset = opline->op2.zv; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -15745,9 +19001,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_VAR != IS_UNUSED @@ -15768,14 +19041,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAND if (IS_VAR == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -15783,54 +19062,45 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAND varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - Z_ADDREF_P(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_VAR != IS_CONST && varname == &tmp) { + if (IS_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_VAR != IS_CONST && varname == &tmp) { + if (IS_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15839,94 +19109,83 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_VAR != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = opline->op2.zv; - if (IS_VAR != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_CONST == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15935,39 +19194,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = opline->op2.zv; - if (IS_VAR != IS_VAR || container) { - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - - } + ZVAL_DEREF(container); + if (IS_VAR == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15975,33 +19221,29 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_VAR == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zend_free_op free_op1; zval tmp, *varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -16009,249 +19251,228 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_CONST_HANDLER(ZEND_OPC zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - zval_ptr_dtor(&free_op1.var); - } + zval_ptr_dtor_nogc(free_op1.var); - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = opline->op2.zv; - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; } } - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - - } else { - - } - - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; + result = ((opline->extended_value & ZEND_ISSET) == 0); } - zval_ptr_dtor(&free_op1.var); - + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = opline->op2.zv; + + if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -16259,52 +19480,38 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } } else { zval *value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; - zval_ptr_dtor(&free_op1.var); - } else { + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -16313,44 +19520,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ zval *key = opline->op2.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -16363,17 +19565,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + opline->op2.zv TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_VAR_CONST(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16384,11 +19606,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16399,11 +19621,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16414,11 +19636,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16429,11 +19651,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16444,11 +19666,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16459,11 +19681,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16474,11 +19696,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16489,11 +19711,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN zend_free_op free_op1, free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16502,15 +19724,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + fast_is_not_identical_function(result, + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16519,14 +19740,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16535,14 +19756,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16551,14 +19772,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16567,14 +19788,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPC { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16585,11 +19806,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16600,11 +19821,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16615,11 +19836,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16630,11 +19851,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1, free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -16643,349 +19864,408 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (*bin { USE_OPLINE zend_free_op free_op1, free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); zval *property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_VAR == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_TMP_VAR TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - zval_dtor(free_op2.var); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + goto assign_op_dim_exit; } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); +assign_op_dim_exit: + zval_ptr_dtor_nogc(free_op2.var); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - zval_dtor(free_op2.var); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; + } + + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17004,90 +20284,73 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t { USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); ZVAL_NULL(retval); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - incdec_op(*zptr); - - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17106,24 +20369,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - - if (IS_VAR == IS_TMP_VAR || IS_VAR == IS_CONST) { - zval *container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - zval_ptr_dtor(&free_op1.var); - } else { - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - zval_ptr_dtor(&free_op1.var); - } - } - + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17132,7 +20384,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -17140,24 +20392,16 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAND if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17166,7 +20410,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -17174,12 +20418,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17188,13 +20432,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_IS TSRMLS_CC); - zval_dtor(free_op2.var); - zval_ptr_dtor(&free_op1.var); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17202,30 +20446,33 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1, free_op2; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - zval_dtor(free_op2.var); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { if (IS_TMP_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - zval_ptr_dtor(&free_op1.var); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -17235,44 +20482,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_UNSET TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; @@ -17281,85 +20509,51 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZE zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_dtor(free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17369,28 +20563,21 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17404,35 +20591,25 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_dtor(free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17440,79 +20617,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2, free_res; - zval **container; - zval *property; + zend_free_op free_op1, free_op2; + zval *container, *property; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17521,26 +20674,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property_name); - } else { - zval_dtor(free_op2.var); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -17551,7 +20697,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -17559,69 +20705,47 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zend_free_op free_op2; zval *property_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property_name); - } else { - zval_dtor(free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr; - - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - zval_dtor(free_op2.var); - - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + zval *variable_ptr; + + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_dim has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -17633,50 +20757,27 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_A USE_OPLINE zend_free_op free_op1, free_op2; zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + variable_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_TMP_VAR TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (1) { - zval_dtor(value); + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_TMP_VAR == IS_TMP_VAR) { + zval_ptr_dtor_nogc(free_op2.var); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_TMP_VAR == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_TMP_VAR == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_TMP_VAR TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - /* zend_assign_to_variable() always takes care of op2, never free it! */ CHECK_EXCEPTION(); @@ -17687,10 +20788,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1, free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -17704,61 +20806,88 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_TMP_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_TMP_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_dtor(free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_TMP_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_TMP_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_TMP_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_dtor(free_op2.var); - zval_ptr_dtor(&free_op1.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -17769,119 +20898,120 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_VAR == IS_CONST && IS_TMP_VAR == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_VAR != IS_CONST && IS_TMP_VAR == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_TMP_VAR != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; zend_free_op free_op2; - if (IS_TMP_VAR == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - + function_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + if (IS_TMP_VAR != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_TMP_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_TMP_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_VAR == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_TMP_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_VAR == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_TMP_VAR != IS_CONST) { - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } } else { if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_VAR != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_TMP_VAR == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -17891,13 +21021,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1, free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17906,35 +21037,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCOD { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); - zval_ptr_dtor(&free_op1.var); - } else if (IS_VAR == IS_CV) { + expr_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); + zval_ptr_dtor_nogc(free_op1.var); + } else if (IS_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -17942,42 +21071,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCOD if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -17985,9 +21123,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_VAR != IS_UNUSED @@ -18001,94 +21156,83 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_VAR != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_VAR != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - zval_dtor(free_op2.var); + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (1) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (1) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - zval_dtor(free_op2.var); + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - zval_dtor(free_op2.var); + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + zval_ptr_dtor_nogc(free_op2.var); + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_TMP_VAR == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18097,238 +21241,216 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_VAR != IS_VAR || container) { - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); - } + ZVAL_DEREF(container); + if (IS_VAR == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - zval_dtor(free_op2.var); + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - zval_dtor(free_op2.var); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } } if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; - } + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; - } - } - zval_dtor(free_op2.var); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (1) { - MAKE_REAL_ZVAL_PTR(offset); + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - zval_dtor(free_op2.var); - } else { - zval_dtor(free_op2.var); - } - - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; + result = ((opline->extended_value & ZEND_ISSET) == 0); } - zval_ptr_dtor(&free_op1.var); - + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -18336,52 +21458,38 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } } else { zval *value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; - zval_ptr_dtor(&free_op1.var); - } else { + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -18390,44 +21498,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zval *key = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -18440,17 +21543,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_VAR_TMP(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18461,11 +21584,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18476,11 +21599,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18491,11 +21614,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18506,11 +21629,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_free_op free_op1, free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18521,11 +21644,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18536,11 +21659,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1, free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18551,11 +21674,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18566,11 +21689,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN zend_free_op free_op1, free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18579,15 +21702,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + fast_is_not_identical_function(result, + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18596,14 +21718,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18612,14 +21734,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18628,14 +21750,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18644,14 +21766,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPC { USE_OPLINE zend_free_op free_op1, free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18662,11 +21784,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18677,11 +21799,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18692,11 +21814,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_A zend_free_op free_op1, free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18707,11 +21829,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER zend_free_op free_op1, free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); - zval_ptr_dtor(&free_op2.var); + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18720,349 +21842,408 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (*bin { USE_OPLINE zend_free_op free_op1, free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); zval *property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_VAR == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_VAR TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - zval_ptr_dtor(&free_op2.var); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - ZEND_VM_NEXT_OPCODE(); + goto assign_op_dim_exit; } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); +assign_op_dim_exit: + zval_ptr_dtor_nogc(free_op2.var); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - zval_ptr_dtor(&free_op2.var); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; + } + + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19081,90 +22262,73 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t { USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); ZVAL_NULL(retval); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - incdec_op(*zptr); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19184,126 +22348,111 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR_VAR(int type, ZE USE_OPLINE zend_free_op free_op1; zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_VAR == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_VAR != IS_CONST) { + zend_string_release(name); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + retval = zend_std_get_static_property(ce, name, 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_VAR == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_VAR != IS_TMP_VAR) { - zval_ptr_dtor(&free_op1.var); - } - break; - case ZEND_FETCH_LOCAL: - zval_ptr_dtor(&free_op1.var); - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_VAR == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { + zval_ptr_dtor_nogc(free_op1.var); } } - - if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_VAR != IS_CONST) { + zend_string_release(name); } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); - } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -19328,7 +22477,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_H { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_VAR_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_VAR_VAR(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_VAR_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -19345,24 +22498,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - - if (IS_VAR == IS_TMP_VAR || IS_VAR == IS_CONST) { - zval *container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - zval_ptr_dtor(&free_op1.var); - } else { - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - zval_ptr_dtor(&free_op1.var); - } - } - + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19371,7 +22513,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -19379,24 +22521,16 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAND if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19405,7 +22539,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -19413,12 +22547,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_RW TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19427,13 +22561,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_IS TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - zval_ptr_dtor(&free_op1.var); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19441,30 +22575,33 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1, free_op2; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - zval_ptr_dtor(&free_op2.var); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { if (IS_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - zval_ptr_dtor(&free_op1.var); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -19474,44 +22611,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_UNSET TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; @@ -19520,85 +22638,51 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZE zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_ptr_dtor(&free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19608,28 +22692,21 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19643,35 +22720,25 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_ptr_dtor(&free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19679,79 +22746,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2, free_res; - zval **container; - zval *property; + zend_free_op free_op1, free_op2; + zval *container, *property; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19760,26 +22803,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -19790,7 +22826,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -19798,69 +22834,47 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zend_free_op free_op2; zval *property_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { - zval_ptr_dtor(&free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr; - - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_VAR, BP_VAR_W TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + zval *dim = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + zval *variable_ptr; + + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_dim has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -19872,52 +22886,29 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_A USE_OPLINE zend_free_op free_op1, free_op2; zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); - value = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_VAR TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + value = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + variable_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (0) { - zval_dtor(value); + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_VAR == IS_TMP_VAR) { + zval_ptr_dtor_nogc(free_op2.var); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_VAR == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_VAR == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_VAR TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - /* zend_assign_to_variable() always takes care of op2, never free it! */ - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -19927,51 +22918,60 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval **variable_ptr_ptr; - zval **value_ptr_ptr; + zval *variable_ptr; + zval *value_ptr; SAVE_OPLINE(); - value_ptr_ptr = _get_zval_ptr_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + value_ptr = _get_zval_ptr_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); if (IS_VAR == IS_VAR && - value_ptr_ptr && - !Z_ISREF_PP(value_ptr_ptr) && opline->extended_value == ZEND_RETURNS_FUNCTION && - !EX_T(opline->op2.var).var.fcall_returned_reference) { - if (free_op2.var == NULL) { - PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */ + !(Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF) && + !Z_ISREF_P(value_ptr)) { + if (!(free_op2.var != NULL)) { + PZVAL_LOCK(value_ptr); /* undo the effect of get_zval_ptr_ptr() */ } zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { - if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + if (free_op2.var) {zval_ptr_dtor_nogc(free_op2.var);}; HANDLE_EXCEPTION(); } return ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - PZVAL_LOCK(*value_ptr_ptr); + if (!(free_op2.var != NULL)) { + PZVAL_LOCK(value_ptr); + } } - if (IS_VAR == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { + + variable_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && + UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT) && + UNEXPECTED(!Z_ISREF_P(variable_ptr))) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if ((IS_VAR == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || - (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { + if ((IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) || + (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } - zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); + if ((IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) || + (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == &EG(error_zval)))) { + variable_ptr = &EG(uninitialized_zval); + } else { + zend_assign_to_variable_reference(variable_ptr, value_ptr TSRMLS_CC); + } if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - Z_DELREF_PP(variable_ptr_ptr); + if (!(free_op2.var != NULL)) { + Z_DELREF_P(variable_ptr); + } } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*variable_ptr_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), variable_ptr); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + if (free_op2.var) {zval_ptr_dtor_nogc(free_op2.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -19981,10 +22981,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1, free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -19998,61 +22999,88 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; + + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); - if (IS_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); - } + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op2.var); - zval_ptr_dtor(&free_op1.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -20063,119 +23091,120 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_VAR == IS_CONST && IS_VAR == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_VAR != IS_CONST && IS_VAR == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_VAR != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; zend_free_op free_op2; - if (IS_VAR == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - + function_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + if (IS_VAR != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_VAR == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_VAR == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_VAR != IS_CONST) { - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } } else { if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_VAR != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_VAR == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -20185,13 +23214,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG { USE_OPLINE zend_free_op free_op1, free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -20200,35 +23230,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCOD { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); - zval_ptr_dtor(&free_op1.var); - } else if (IS_VAR == IS_CV) { + expr_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); + zval_ptr_dtor_nogc(free_op1.var); + } else if (IS_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -20236,42 +23264,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCOD if (IS_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -20279,9 +23316,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_VAR != IS_UNUSED @@ -20302,14 +23356,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLE if (IS_VAR == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -20317,54 +23377,45 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLE varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - Z_ADDREF_P(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_VAR != IS_CONST && varname == &tmp) { + if (IS_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_VAR != IS_CONST && varname == &tmp) { + if (IS_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -20373,94 +23424,83 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_VAR != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_VAR != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - zval_ptr_dtor(&free_op2.var); + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - zval_ptr_dtor(&free_op2.var); + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - zval_ptr_dtor(&free_op2.var); + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + zval_ptr_dtor_nogc(free_op2.var); + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_VAR == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -20469,39 +23509,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_VAR != IS_VAR || container) { - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); - } + ZVAL_DEREF(container); + if (IS_VAR == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - zval_ptr_dtor(&free_op2.var); + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - zval_ptr_dtor(&free_op2.var); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - + zval_ptr_dtor_nogc(free_op2.var); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -20509,33 +23536,29 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_VAR == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zend_free_op free_op1; zval tmp, *varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -20543,249 +23566,230 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_VAR_HANDLER(ZEND_OPCOD zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - zval_ptr_dtor(&free_op1.var); - } + zval_ptr_dtor_nogc(free_op1.var); - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } } if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; - } + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; - } + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - zval_ptr_dtor(&free_op2.var); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - zval_ptr_dtor(&free_op2.var); - } else { - zval_ptr_dtor(&free_op2.var); - } - - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; + result = ((opline->extended_value & ZEND_ISSET) == 0); } - zval_ptr_dtor(&free_op1.var); - + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -20793,52 +23797,38 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } } else { zval *value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; - zval_ptr_dtor(&free_op1.var); - } else { + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -20847,45 +23837,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zval *key = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); + zval_ptr_dtor_nogc(free_op2.var); + } else { + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); } - - generator->key = copy; - } else { - Z_ADDREF_P(key); - generator->key = key; } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - - zval_ptr_dtor(&free_op2.var); } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -20898,260 +23882,352 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_VAR_VAR(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); zval *property = NULL; - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = NULL; + container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_VAR == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = NULL; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = NULL; - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_UNUSED TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = NULL; + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR_UNUSED(int type, ZEND_OPCODE_HANDLER_ARGS) @@ -21159,126 +24235,111 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR_UNUSED(int type, USE_OPLINE zend_free_op free_op1; zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_VAR == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_VAR != IS_CONST) { + zend_string_release(name); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + retval = zend_std_get_static_property(ce, name, 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_VAR == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_VAR != IS_TMP_VAR) { - zval_ptr_dtor(&free_op1.var); - } - break; - case ZEND_FETCH_LOCAL: - zval_ptr_dtor(&free_op1.var); - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_VAR == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { + zval_ptr_dtor_nogc(free_op1.var); } } - - if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_VAR != IS_CONST) { + zend_string_release(name); } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); - } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -21303,7 +24364,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCOD { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_VAR_UNUSED(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_VAR_UNUSED(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_VAR_UNUSED(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -21320,7 +24385,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -21328,24 +24393,16 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_H if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); - - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -21354,7 +24411,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -21362,12 +24419,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_ if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -21375,30 +24432,33 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { if (IS_UNUSED == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_R TSRMLS_CC); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -21408,7 +24468,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -21416,68 +24476,47 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HA if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zval *property_name = NULL; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } } else { zend_free_op free_op_data1, free_op_data2; zval *value; zval *dim = NULL; - zval **variable_ptr_ptr; + zval *variable_ptr; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_UNUSED TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_dim has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -21489,82 +24528,65 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(Z USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_VAR == IS_CONST && IS_UNUSED == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_VAR != IS_CONST && IS_UNUSED == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_UNUSED != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; - if (IS_UNUSED == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = NULL; - + function_name = NULL; + if (IS_UNUSED != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_UNUSED == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_UNUSED == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_VAR == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_UNUSED == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_UNUSED == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_VAR == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_UNUSED != IS_CONST) { @@ -21574,34 +24596,52 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(Z if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_VAR != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_UNUSED == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -21611,35 +24651,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OP { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); - zval_ptr_dtor(&free_op1.var); - } else if (IS_VAR == IS_CV) { + expr_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); + zval_ptr_dtor_nogc(free_op1.var); + } else if (IS_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -21647,42 +24685,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OP if (IS_UNUSED != IS_UNUSED) { zval *offset = NULL; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_UNUSED == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_UNUSED != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -21690,9 +24737,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_VAR != IS_UNUSED @@ -21713,14 +24777,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HAN if (IS_VAR == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -21728,54 +24798,45 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HAN varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - Z_ADDREF_P(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_VAR != IS_CONST && varname == &tmp) { + if (IS_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_VAR != IS_CONST && varname == &tmp) { + if (IS_VAR != IS_CONST) { zval_dtor(&tmp); - } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { - zval_ptr_dtor(&varname); } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -21783,33 +24844,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_VAR == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zend_free_op free_op1; zval tmp, *varname = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -21817,71 +24874,58 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_UNUSED_HANDLER(ZEND_OP zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_VAR == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - zval_ptr_dtor(&free_op1.var); - } + zval_ptr_dtor_nogc(free_op1.var); - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } static int ZEND_FASTCALL ZEND_SEPARATE_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *var_ptr, *new_zv; + zval *var_ptr; SAVE_OPLINE(); - var_ptr = EX_T(opline->op1.var).var.ptr; + var_ptr = EX_VAR(opline->op1.var); if (Z_TYPE_P(var_ptr) != IS_OBJECT && - !PZVAL_IS_REF(var_ptr) && - Z_REFCOUNT_P(var_ptr) > 1) { + !Z_ISREF_P(var_ptr) && + Z_REFCOUNTED_P(var_ptr) && + Z_REFCOUNT_P(var_ptr) > 1) { Z_DELREF_P(var_ptr); - ALLOC_ZVAL(new_zv); - INIT_PZVAL_COPY(new_zv, var_ptr); - var_ptr = new_zv; - zval_copy_ctor(var_ptr); - EX_T(opline->op1.var).var.ptr = var_ptr; + ZVAL_DUP(EX_VAR(opline->op1.var), var_ptr); } ZEND_VM_NEXT_OPCODE(); } @@ -21890,47 +24934,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -21938,52 +24976,38 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } } else { zval *value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; - zval_ptr_dtor(&free_op1.var); - } else { + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -21992,44 +25016,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER zval *key = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_UNUSED == IS_VAR || IS_UNUSED == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_UNUSED == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -22042,16 +25061,21 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22063,10 +25087,10 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22078,10 +25102,10 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22093,10 +25117,10 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22108,10 +25132,10 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22123,10 +25147,10 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22138,10 +25162,10 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op1; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22153,10 +25177,10 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22168,10 +25192,10 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND zend_free_op free_op1; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22181,14 +25205,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_ptr_dtor(&free_op1.var); + fast_is_not_identical_function(result, + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22198,13 +25221,13 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22214,13 +25237,13 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22230,13 +25253,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22246,13 +25269,13 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op1; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); - zval_ptr_dtor(&free_op1.var); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22264,10 +25287,10 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op1; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22279,10 +25302,10 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22294,10 +25317,10 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op1; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22309,10 +25332,10 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op1; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22322,348 +25345,406 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (*bina { USE_OPLINE zend_free_op free_op1, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); zval *property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_VAR == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_CV TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - CHECK_EXCEPTION(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_VAR_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -22682,90 +25763,72 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t i { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_VAR != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); - - incdec_op(*zptr); - - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -22784,24 +25847,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_VAR == IS_TMP_VAR || IS_VAR == IS_CONST) { - zval *container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); - - zval_ptr_dtor(&free_op1.var); - } else { - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); - - if (IS_VAR == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - zval_ptr_dtor(&free_op1.var); - } - } - + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -22810,7 +25862,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -22818,24 +25870,16 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDL if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); - - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -22844,7 +25888,7 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -22852,12 +25896,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -22866,13 +25910,13 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_IS TSRMLS_CC); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -22880,30 +25924,33 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { if (IS_CV == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -22913,44 +25960,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; @@ -22959,85 +25987,50 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEN zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23047,28 +26040,21 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23082,35 +26068,24 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } - zval_ptr_dtor(&free_op1.var); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23118,79 +26093,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_res; - zval **container; - zval *property; + zend_free_op free_op1; + zval *container, *property; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_VAR == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_VAR, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + if (IS_VAR == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23199,26 +26150,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + object = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); property_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_VAR == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -23229,7 +26173,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1; - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); @@ -23237,68 +26181,47 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zval *property_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_VAR, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } } else { zend_free_op free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zval **variable_ptr_ptr; + zval *dim = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + zval *variable_ptr; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CV, BP_VAR_W TSRMLS_CC); + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_CV TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; /* assign_dim has two opcodes! */ CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); @@ -23310,50 +26233,27 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE zend_free_op free_op1; zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + variable_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CV TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_CV == IS_TMP_VAR) { - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (0) { - zval_dtor(value); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_CV == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_CV == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_CV TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - /* zend_assign_to_variable() always takes care of op2, never free it! */ CHECK_EXCEPTION(); @@ -23363,20 +26263,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_AR static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2; - zval **variable_ptr_ptr; - zval **value_ptr_ptr; + zend_free_op free_op1; + zval *variable_ptr; + zval *value_ptr; SAVE_OPLINE(); - value_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op2.var TSRMLS_CC); + value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op2.var TSRMLS_CC); if (IS_CV == IS_VAR && - value_ptr_ptr && - !Z_ISREF_PP(value_ptr_ptr) && opline->extended_value == ZEND_RETURNS_FUNCTION && - !EX_T(opline->op2.var).var.fcall_returned_reference) { - if (free_op2.var == NULL) { - PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */ + !(Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF) && + !Z_ISREF_P(value_ptr)) { + if (!0) { + PZVAL_LOCK(value_ptr); /* undo the effect of get_zval_ptr_ptr() */ } zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { @@ -23385,29 +26284,39 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE } return ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - PZVAL_LOCK(*value_ptr_ptr); + if (!0) { + PZVAL_LOCK(value_ptr); + } } - if (IS_VAR == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { + + variable_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && + UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT) && + UNEXPECTED(!Z_ISREF_P(variable_ptr))) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if ((IS_CV == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || - (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { + if ((IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) || + (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } - zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); + if ((IS_VAR == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) || + (IS_CV == IS_VAR && UNEXPECTED(value_ptr == &EG(error_zval)))) { + variable_ptr = &EG(uninitialized_zval); + } else { + zend_assign_to_variable_reference(variable_ptr, value_ptr TSRMLS_CC); + } if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - Z_DELREF_PP(variable_ptr_ptr); + if (!0) { + Z_DELREF_P(variable_ptr); + } } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*variable_ptr_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), variable_ptr); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -23417,10 +26326,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_ { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op1; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -23434,60 +26344,87 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_ zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - call->object = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CV == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + zval_ptr_dtor_nogc(free_op1.var); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CV != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CV == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CV == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); + } + } + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op1.var); + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -23498,82 +26435,65 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_ USE_OPLINE zval *function_name; zend_class_entry *ce; - call_slot *call = EX(call_slots) + opline->result.num; + zend_object *object; + zend_function *fbc; SAVE_OPLINE(); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ - if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } - call->called_scope = ce; } else { - ce = EX_T(opline->op1.var).class_entry; - - if (opline->extended_value == ZEND_FETCH_CLASS_PARENT || opline->extended_value == ZEND_FETCH_CLASS_SELF) { - call->called_scope = EG(called_scope); - } else { - call->called_scope = ce; - } + ce = Z_CE_P(EX_VAR(opline->op1.var)); } if (IS_VAR == IS_CONST && IS_CV == IS_CONST && - CACHED_PTR(opline->op2.literal->cache_slot)) { - call->fbc = CACHED_PTR(opline->op2.literal->cache_slot); + CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + fbc = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else if (IS_VAR != IS_CONST && IS_CV == IS_CONST && - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce))) { + (fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce))) { /* do nothing */ } else if (IS_CV != IS_UNUSED) { - char *function_name_strval = NULL; - int function_name_strlen = 0; - if (IS_CV == IS_CONST) { - function_name_strval = Z_STRVAL_P(opline->op2.zv); - function_name_strlen = Z_STRLEN_P(opline->op2.zv); - } else { - function_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - + function_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + if (IS_CV != IS_CONST) { if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } zend_error_noreturn(E_ERROR, "Function name must be a string"); - } else { - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); } } - if (function_name_strval) { - if (ce->get_static_method) { - call->fbc = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + if (ce->get_static_method) { + fbc = ce->get_static_method(ce, Z_STR_P(function_name) TSRMLS_CC); + } else { + fbc = zend_std_get_static_method(ce, Z_STR_P(function_name), ((IS_CV == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + } + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CV == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { + if (IS_VAR == IS_CONST) { + CACHE_PTR(Z_CACHE_SLOT_P(function_name), fbc); } else { - call->fbc = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - } - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); - } - if (IS_CV == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) { - if (IS_VAR == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, call->fbc); - } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, call->fbc); - } + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), ce, fbc); } } if (IS_CV != IS_CONST) { @@ -23583,34 +26503,52 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_ if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } - if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); + if (Z_OBJ(EX(This)) && Z_OBJ(EX(This))->ce != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name->val); } - call->fbc = ce->constructor; + fbc = ce->constructor; } - if (call->fbc->common.fn_flags & ZEND_ACC_STATIC) { - call->object = NULL; - } else { - if (EG(This) && - Z_OBJ_HT_P(EG(This))->get_class_entry && - !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) { + object = NULL; + if (!(fbc->common.fn_flags & ZEND_ACC_STATIC)) { + if (Z_OBJ(EX(This))) { + object = Z_OBJ(EX(This)); + GC_REFCOUNT(object)++; + } + if (!object || + !instanceof_function(object->ce, ce TSRMLS_CC)) { /* We are calling method of the other (incompatible) class, but passing $this. This is done for compatibility with php-4. */ - if (call->fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { - zend_error(E_DEPRECATED, "Non-static method %s::%s() should not be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + zend_error( + object ? E_DEPRECATED : E_STRICT, + "Non-static method %s::%s() should not be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } else { /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically, assuming $this from incompatible context", call->fbc->common.scope->name, call->fbc->common.function_name); + zend_error_noreturn( + E_ERROR, + "Non-static method %s::%s() cannot be called statically%s", + fbc->common.scope->name->val, fbc->common.function_name->val, + object ? ", assuming $this from incompatible context" : ""); } } - if ((call->object = EG(This))) { - Z_ADDREF_P(call->object); - call->called_scope = Z_OBJCE_P(call->object); + } + + if (IS_VAR != IS_CONST) { + /* previous opcode is ZEND_FETCH_CLASS */ + if ((opline-1)->extended_value == ZEND_FETCH_CLASS_PARENT || (opline-1)->extended_value == ZEND_FETCH_CLASS_SELF) { + ce = EX(called_scope); } } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, ce, object, EX(call) TSRMLS_CC); + + if (IS_CV == IS_UNUSED) { + EX(call)->return_value = NULL; + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -23620,11 +26558,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zend_free_op free_op1; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -23634,35 +26573,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1; - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - - if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); - zval_ptr_dtor(&free_op1.var); - } else if (IS_VAR == IS_CV) { + expr_ptr = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_VAR == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); + zval_ptr_dtor_nogc(free_op1.var); + } else if (IS_VAR == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -23670,42 +26607,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE if (IS_CV != IS_UNUSED) { zval *offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -23713,9 +26659,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_VAR != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_VAR != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_VAR == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_VAR != IS_UNUSED @@ -23729,94 +26692,83 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_VAR != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_VAR != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_CV == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23825,238 +26777,214 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); container = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_VAR != IS_VAR || container) { - if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - - } + ZVAL_DEREF(container); + if (IS_VAR == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_var_fast(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_VAR != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; } } - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - - } else { - - } - - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; + result = ((opline->extended_value & ZEND_ISSET) == 0); } - zval_ptr_dtor(&free_op1.var); - + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_VAR == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + zval_ptr_dtor_nogc(free_op1.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_VAR != IS_UNUSED) { zend_free_op free_op1; - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); if (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -24064,52 +26992,38 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_VAR == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_VAR == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + if (free_op1.var) {zval_ptr_dtor_nogc(free_op1.var);}; } } else { zval *value = _get_zval_ptr_var(opline->op1.var, execute_data, &free_op1 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; - zval_ptr_dtor(&free_op1.var); - } else { + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); + zval_ptr_dtor_nogc(free_op1.var); + } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_VAR == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -24118,44 +27032,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG zval *key = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -24168,6 +27077,26 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_var_deref(opline->op1.var, execute_data, &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op1.var); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_VAR_CV(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -24178,10 +27107,10 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_object_clone_obj_t clone_call; SAVE_OPLINE(); - obj = _get_obj_zval_ptr_unused(TSRMLS_C); + obj = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); if (IS_UNUSED == IS_CONST || - UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { + (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT))) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } @@ -24193,7 +27122,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARG clone_call = Z_OBJ_HT_P(obj)->clone_obj; if (UNEXPECTED(clone_call == NULL)) { if (ce) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); + zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name->val); } else { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object"); } @@ -24203,30 +27132,22 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARG if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (UNEXPECTED(ce != EG(scope))) { - zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(ce != EX(scope))) { + zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EG(scope)))) { - zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EX(scope)))) { + zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } } if (EXPECTED(EG(exception) == NULL)) { - zval *retval; - - ALLOC_ZVAL(retval); - Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(retval) = IS_OBJECT; - Z_SET_REFCOUNT_P(retval, 1); - Z_SET_ISREF_P(retval); + ZVAL_OBJ(EX_VAR(opline->result.var), clone_call(obj TSRMLS_CC)); if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&retval); - } else { - AI_SET_PTR(&EX_T(opline->result.var), retval); + zval_ptr_dtor(EX_VAR(opline->result.var)); } } @@ -24247,7 +27168,7 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); } else { - zend_print_variable(ptr); + zend_print_variable(ptr TSRMLS_CC); } } @@ -24260,104 +27181,85 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int { USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *object; + zval *object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); zval *property = opline->op2.zv; - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } @@ -24367,178 +27269,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - - if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_UNUSED == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = opline->op2.zv; + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_UNUSED == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_UNUSED == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = opline->op2.zv; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = opline->op2.zv; - var_ptr = NULL; - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_CONST TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = opline->op2.zv; + var_ptr = NULL; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = opline->op2.zv; - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -24547,59 +27539,46 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incde /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -24619,25 +27598,25 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd { USE_OPLINE - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = opline->op2.zv; - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); @@ -24648,60 +27627,42 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - incdec_op(*zptr); - - } - } + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -24717,7 +27678,7 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCOD return zend_post_incdec_property_helper_SPEC_UNUSED_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -24726,81 +27687,48 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CON zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -24812,26 +27740,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCOD USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = opline->op2.zv; - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -24847,34 +27768,24 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCOD zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -24882,78 +27793,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCOD static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; zval *property; - zval **container; SAVE_OPLINE(); property = opline->op2.zv; - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_res; - zval **container; - zval *property; + zend_free_op free_op1; + zval *container, *property; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = opline->op2.zv; - if (IS_UNUSED == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -24962,25 +27850,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_ { USE_OPLINE - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property_name = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_UNUSED, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -24991,17 +27872,13 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); SAVE_OPLINE(); if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_char_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } add_char_to_string(str, str, opline->op2.zv); @@ -25014,17 +27891,13 @@ static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); SAVE_OPLINE(); if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } add_string_to_string(str, str, opline->op2.zv); @@ -25038,10 +27911,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_O { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -25055,58 +27929,84 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_O zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - call->object = _get_obj_zval_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CONST != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CONST == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CONST != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CONST == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CONST == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); + } + } + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ } - call->is_ctor_call = 0; - EX(call) = call; + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); @@ -25122,9 +28022,9 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPC zend_constant *c; zval *retval; - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - c = CACHED_PTR(opline->op2.literal->cache_slot); - } else if ((c = zend_quick_get_constant(opline->op2.literal + 1, opline->extended_value TSRMLS_CC)) == NULL) { + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + c = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + } else if ((c = zend_quick_get_constant(opline->op2.zv + 1, opline->extended_value TSRMLS_CC)) == NULL) { if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) { char *actual = (char *)zend_memrchr(Z_STRVAL_P(opline->op2.zv), '\\', Z_STRLEN_P(opline->op2.zv)); if(!actual) { @@ -25134,87 +28034,103 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPC } /* non-qualified constant - allow text substitution */ zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); - ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); + ZVAL_STRINGL(EX_VAR(opline->result.var), actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv))); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { - CACHE_PTR(opline->op2.literal->cache_slot, c); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), c); } - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); ZVAL_COPY_VALUE(retval, &c->value); - zval_copy_ctor(retval); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + if (Z_OPT_COPYABLE_P(retval) || Z_OPT_REFCOUNTED_P(retval)) { + if (Z_OPT_COPYABLE_P(retval)) { + zval_copy_ctor_func(retval); + } else { + Z_ADDREF_P(retval); + } + } } else { /* class constant */ zend_class_entry *ce; - zval **value; + zval *value; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - value = CACHED_PTR(opline->op2.literal->cache_slot); - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } else if (CACHED_PTR(opline->op1.literal->cache_slot)) { - ce = CACHED_PTR(opline->op1.literal->cache_slot); - } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + value = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); + ZVAL_DEREF(value); + ZVAL_DUP(EX_VAR(opline->result.var), value); + goto constant_fetch_end; + } else if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op1.zv)); + } else { + ce = zend_fetch_class_by_name(Z_STR_P(opline->op1.zv), opline->op1.zv + 1, opline->extended_value TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } - CACHE_PTR(opline->op1.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op1.zv), ce); } } else { - ce = EX_T(opline->op1.var).class_entry; - if ((value = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce)) != NULL) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + ce = Z_CE_P(EX_VAR(opline->op1.var)); + if ((value = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce)) != NULL) { + ZVAL_DEREF(value); + ZVAL_DUP(EX_VAR(opline->result.var), value); + goto constant_fetch_end; } } - if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { - if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || - (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { - zend_class_entry *old_scope = EG(scope); - + if (EXPECTED((value = zend_hash_find(&ce->constants_table, Z_STR_P(opline->op2.zv))) != NULL)) { + ZVAL_DEREF(value); + if (Z_CONSTANT_P(value)) { EG(scope) = ce; - zval_update_constant(value, (void *) 1 TSRMLS_CC); - EG(scope) = old_scope; + zval_update_constant(value, 1 TSRMLS_CC); + EG(scope) = EX(scope); } if (IS_UNUSED == IS_CONST) { - CACHE_PTR(opline->op2.literal->cache_slot, value); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), value); } else { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, ce, value); + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce, value); } - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); - } else if (Z_STRLEN_P(opline->op2.zv) == sizeof("class")-1 && strcmp(Z_STRVAL_P(opline->op2.zv), "class") == 0) { + ZVAL_DUP(EX_VAR(opline->result.var), value); + } else if (Z_STRLEN_P(opline->op2.zv) == sizeof("class")-1 && memcmp(Z_STRVAL_P(opline->op2.zv), "class", sizeof("class") - 1) == 0) { /* "class" is assigned as a case-sensitive keyword from zend_do_resolve_class_name */ - ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, ce->name, ce->name_length, 1); + ZVAL_STR_COPY(EX_VAR(opline->result.var), ce->name); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } - - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); } +constant_fetch_end: + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_UNUSED != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_UNUSED != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_UNUSED == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_UNUSED != IS_UNUSED @@ -25228,89 +28144,79 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_UNUSED != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = opline->op2.zv; - if (IS_UNUSED != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_CONST == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { } @@ -25323,235 +28229,214 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_H { USE_OPLINE - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = opline->op2.zv; - if (IS_UNUSED != IS_VAR || container) { - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - - } + ZVAL_DEREF(container); + if (IS_UNUSED == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = opline->op2.zv; - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; } } - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + offset = opline->op2.zv; + + if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_UNUSED != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = NULL; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_UNUSED != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_UNUSED == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -25559,51 +28444,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDL /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_UNUSED == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_UNUSED == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_UNUSED == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -25612,44 +28483,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDL zval *key = opline->op2.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -25662,108 +28528,95 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDL ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2, free_op_data1; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *object; + zval *object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); zval *property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); } @@ -25773,179 +28626,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (* ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - - if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_UNUSED == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_UNUSED == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_UNUSED == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - var_ptr = NULL; - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_TMP_VAR TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - zval_dtor(free_op2.var); + goto assign_op_dim_exit; + } - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: + zval_ptr_dtor_nogc(free_op2.var); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + var_ptr = NULL; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - zval_dtor(free_op2.var); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -25954,59 +28896,47 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_ /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -26026,27 +28956,27 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); ZVAL_NULL(retval); CHECK_EXCEPTION(); @@ -26055,60 +28985,43 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); - - incdec_op(*zptr); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - } - } + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -26124,7 +29037,7 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_ return zend_post_incdec_property_helper_SPEC_UNUSED_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -26133,81 +29046,49 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_dtor(free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -26219,26 +29100,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_ USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -26254,34 +29128,25 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_ zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_dtor(free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -26289,78 +29154,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2, free_res; - zval **container; - zval *property; + zend_free_op free_op1, free_op2; + zval *container, *property; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_UNUSED == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -26369,25 +29211,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property_name); - } else { - zval_dtor(free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_UNUSED, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -26399,7 +29234,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op2; - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); zval *var; zval var_copy; int use_copy = 0; @@ -26409,18 +29244,17 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDL if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } if (Z_TYPE_P(var) != IS_STRING) { - zend_make_printable_zval(var, &var_copy, &use_copy); + ZVAL_DEREF(var); + if (Z_TYPE_P(var) != IS_STRING) { + use_copy = zend_make_printable_zval(var, &var_copy TSRMLS_CC); - if (use_copy) { - var = &var_copy; + if (use_copy) { + var = &var_copy; + } } } add_string_to_string(str, str, var); @@ -26434,7 +29268,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDL * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're * string offsets or overloaded objects */ - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -26444,10 +29278,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPC { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -26461,60 +29296,86 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPC zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - call->object = _get_obj_zval_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_TMP_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_TMP_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_dtor(free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_TMP_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_TMP_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_TMP_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); + } + } + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ } - call->is_ctor_call = 0; - EX(call) = call; - zval_dtor(free_op2.var); + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -26522,9 +29383,26 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPC static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_UNUSED != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_UNUSED != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_UNUSED == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_UNUSED != IS_UNUSED @@ -26538,91 +29416,81 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_UNUSED != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_UNUSED != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - zval_dtor(free_op2.var); + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (1) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (1) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - zval_dtor(free_op2.var); + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - zval_dtor(free_op2.var); + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + zval_ptr_dtor_nogc(free_op2.var); + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_TMP_VAR == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } CHECK_EXCEPTION(); @@ -26633,235 +29501,216 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_UNUSED != IS_VAR || container) { - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); - } + ZVAL_DEREF(container); + if (IS_UNUSED == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - zval_dtor(free_op2.var); + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - zval_dtor(free_op2.var); } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } } if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; - } + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; - } + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - zval_dtor(free_op2.var); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - zval_dtor(free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - zval_dtor(free_op2.var); + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_UNUSED != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = NULL; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_UNUSED != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_UNUSED == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -26869,51 +29718,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_UNUSED == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_UNUSED == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_UNUSED == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -26922,44 +29757,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER zval *key = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -26972,108 +29802,95 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2, free_op_data1; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *object; + zval *object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); zval *property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); } @@ -27083,179 +29900,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (* ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - - if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_UNUSED == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_UNUSED == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_UNUSED == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - var_ptr = NULL; - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_VAR TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - zval_ptr_dtor(&free_op2.var); + goto assign_op_dim_exit; + } - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: + zval_ptr_dtor_nogc(free_op2.var); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + var_ptr = NULL; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - zval_ptr_dtor(&free_op2.var); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -27264,59 +30170,47 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_ /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -27336,27 +30230,27 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); ZVAL_NULL(retval); CHECK_EXCEPTION(); @@ -27365,60 +30259,43 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - incdec_op(*zptr); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -27434,7 +30311,7 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_ return zend_post_incdec_property_helper_SPEC_UNUSED_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -27443,81 +30320,49 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_ptr_dtor(&free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -27529,26 +30374,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_ USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -27564,34 +30402,25 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_ zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_ptr_dtor(&free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -27599,78 +30428,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2, free_res; - zval **container; - zval *property; + zend_free_op free_op1, free_op2; + zval *container, *property; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_UNUSED == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -27679,25 +30485,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { - zval_ptr_dtor(&free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_UNUSED, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -27709,7 +30508,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op2; - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); zval *var; zval var_copy; int use_copy = 0; @@ -27719,18 +30518,17 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDL if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } if (Z_TYPE_P(var) != IS_STRING) { - zend_make_printable_zval(var, &var_copy, &use_copy); + ZVAL_DEREF(var); + if (Z_TYPE_P(var) != IS_STRING) { + use_copy = zend_make_printable_zval(var, &var_copy TSRMLS_CC); - if (use_copy) { - var = &var_copy; + if (use_copy) { + var = &var_copy; + } } } add_string_to_string(str, str, var); @@ -27744,7 +30542,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDL * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're * string offsets or overloaded objects */ - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -27754,10 +30552,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPC { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -27771,60 +30570,86 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPC zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - call->object = _get_obj_zval_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op2.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -27832,9 +30657,26 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPC static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_UNUSED != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_UNUSED != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_UNUSED == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_UNUSED != IS_UNUSED @@ -27848,91 +30690,81 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_UNUSED != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_UNUSED != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - zval_ptr_dtor(&free_op2.var); + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - zval_ptr_dtor(&free_op2.var); + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - zval_ptr_dtor(&free_op2.var); + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + zval_ptr_dtor_nogc(free_op2.var); + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_VAR == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } CHECK_EXCEPTION(); @@ -27943,235 +30775,216 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_UNUSED != IS_VAR || container) { - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); - } + ZVAL_DEREF(container); + if (IS_UNUSED == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - zval_ptr_dtor(&free_op2.var); + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - zval_ptr_dtor(&free_op2.var); } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } } if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; - } + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; - } - } - zval_ptr_dtor(&free_op2.var); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - zval_ptr_dtor(&free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - zval_ptr_dtor(&free_op2.var); + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_UNUSED != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = NULL; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_UNUSED != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_UNUSED == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -28179,51 +30992,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_UNUSED == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_UNUSED == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_UNUSED == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -28232,45 +31031,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER zval *key = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); + zval_ptr_dtor_nogc(free_op2.var); + } else { + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); } - - generator->key = copy; - } else { - Z_ADDREF_P(key); - generator->key = key; } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - - zval_ptr_dtor(&free_op2.var); } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -28283,108 +31076,94 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *object; + zval *object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); zval *property = NULL; - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } @@ -28394,155 +31173,263 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - - if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_UNUSED == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = NULL; + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_UNUSED == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_UNUSED == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = NULL; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = NULL; - var_ptr = NULL; - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_UNUSED TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = NULL; + var_ptr = NULL; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_UNUSED != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_UNUSED != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_UNUSED == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_UNUSED != IS_UNUSED @@ -28556,47 +31443,41 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_UNUSED != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = NULL; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_UNUSED != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_UNUSED == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -28604,51 +31485,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HAND /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_UNUSED == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_UNUSED == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_UNUSED == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -28657,44 +31524,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HAND zval *key = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_UNUSED == IS_VAR || IS_UNUSED == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_UNUSED == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -28707,108 +31569,94 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HAND ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *object; + zval *object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); zval *property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } @@ -28818,178 +31666,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*b ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - - if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_UNUSED == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_UNUSED == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_UNUSED == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - var_ptr = NULL; - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_CV TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + var_ptr = NULL; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_UNUSED == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_UNUSED_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -28998,59 +31936,46 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -29070,25 +31995,25 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ { USE_OPLINE - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_UNUSED != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); @@ -29099,60 +32024,42 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); - - incdec_op(*zptr); - - } - } + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -29168,7 +32075,7 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_H return zend_post_incdec_property_helper_SPEC_UNUSED_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -29177,81 +32084,48 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV( zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -29263,26 +32137,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_H USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -29298,34 +32165,24 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_H zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -29333,78 +32190,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_res; - zval **container; - zval *property; + zend_free_op free_op1; + zval *container, *property; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_UNUSED == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_UNUSED, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); - } - if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_UNUSED == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -29413,25 +32247,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); property_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_UNUSED, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -29443,7 +32270,7 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - zval *str = &EX_T(opline->result.var).tmp_var; + zval *str = EX_VAR(opline->result.var); zval *var; zval var_copy; int use_copy = 0; @@ -29453,18 +32280,17 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLE if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ - Z_STRVAL_P(str) = NULL; - Z_STRLEN_P(str) = 0; - Z_TYPE_P(str) = IS_STRING; - - INIT_PZVAL(str); + ZVAL_EMPTY_STRING(str); } if (Z_TYPE_P(var) != IS_STRING) { - zend_make_printable_zval(var, &var_copy, &use_copy); + ZVAL_DEREF(var); + if (Z_TYPE_P(var) != IS_STRING) { + use_copy = zend_make_printable_zval(var, &var_copy TSRMLS_CC); - if (use_copy) { - var = &var_copy; + if (use_copy) { + var = &var_copy; + } } } add_string_to_string(str, str, var); @@ -29487,10 +32313,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCO { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -29504,58 +32331,84 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCO zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); - call->object = _get_obj_zval_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CV == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CV != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CV == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CV == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); @@ -29564,9 +32417,26 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCO static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_UNUSED != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_UNUSED != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_UNUSED == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_UNUSED != IS_UNUSED @@ -29580,89 +32450,79 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_UNUSED != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_UNUSED != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_CV == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { } @@ -29675,235 +32535,214 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_UNUSED != IS_VAR || container) { - if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - - } + ZVAL_DEREF(container); + if (IS_UNUSED == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_UNUSED != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; } } - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(execute_data TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_UNUSED == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_UNUSED != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = NULL; - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_UNUSED != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = NULL; + zval *value_ptr = NULL; if (IS_UNUSED == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -29911,51 +32750,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_UNUSED == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_UNUSED == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_UNUSED == IS_CV || IS_UNUSED == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_UNUSED == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -29964,44 +32789,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ zval *key = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -30014,14 +32834,19 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_UNUSED_CV(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE SAVE_OPLINE(); - bitwise_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC) TSRMLS_CC); + bitwise_not_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -30033,8 +32858,8 @@ static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); - boolean_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC) TSRMLS_CC); + boolean_not_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -30044,42 +32869,38 @@ static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **var_ptr; + zval *var_ptr; SAVE_OPLINE(); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { + + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + fast_increment_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); } + ZEND_VM_NEXT_OPCODE(); + } + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_increment_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); - } else { - fast_increment_function(*var_ptr); - } + increment_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } CHECK_EXCEPTION(); @@ -30090,42 +32911,38 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **var_ptr; + zval *var_ptr; SAVE_OPLINE(); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { + + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + fast_decrement_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); } + ZEND_VM_NEXT_OPCODE(); + } + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_decrement_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); - } else { - fast_decrement_function(*var_ptr); - } + decrement_function(var_ptr); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } CHECK_EXCEPTION(); @@ -30136,40 +32953,37 @@ static int ZEND_FASTCALL ZEND_POST_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE - zval **var_ptr, *retval; + zval *var_ptr; SAVE_OPLINE(); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { - ZVAL_NULL(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + fast_increment_function(var_ptr); ZEND_VM_NEXT_OPCODE(); } - retval = &EX_T(opline->result.var).tmp_var; - ZVAL_COPY_VALUE(retval, *var_ptr); - zendi_zval_copy_ctor(*retval); - - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_increment_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); + if (UNEXPECTED(Z_ISREF_P(var_ptr))) { + var_ptr = Z_REFVAL_P(var_ptr); + ZVAL_DUP(EX_VAR(opline->result.var), var_ptr); } else { - fast_increment_function(*var_ptr); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + zval_opt_copy_ctor(var_ptr); } + increment_function(var_ptr); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -30178,40 +32992,37 @@ static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE - zval **var_ptr, *retval; + zval *var_ptr; SAVE_OPLINE(); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { - ZVAL_NULL(&EX_T(opline->result.var).tmp_var); - CHECK_EXCEPTION(); + if (EXPECTED(Z_TYPE_P(var_ptr) == IS_LONG)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + fast_decrement_function(var_ptr); ZEND_VM_NEXT_OPCODE(); } - retval = &EX_T(opline->result.var).tmp_var; - ZVAL_COPY_VALUE(retval, *var_ptr); - zendi_zval_copy_ctor(*retval); - - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(val); - fast_decrement_function(val); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); - zval_ptr_dtor(&val); + if (UNEXPECTED(Z_ISREF_P(var_ptr))) { + var_ptr = Z_REFVAL_P(var_ptr); + ZVAL_DUP(EX_VAR(opline->result.var), var_ptr); } else { - fast_decrement_function(*var_ptr); + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), var_ptr); + zval_opt_copy_ctor(var_ptr); } + decrement_function(var_ptr); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -30223,12 +33034,9 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zval *z; SAVE_OPLINE(); - z = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + z = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) { - INIT_PZVAL(z); - } - zend_print_variable(z); + zend_print_variable(z TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -30238,7 +33046,7 @@ static int ZEND_FASTCALL ZEND_PRINT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); + ZVAL_LONG(EX_VAR(opline->result.var), 1); return ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } @@ -30247,29 +33055,30 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *val; - int ret; SAVE_OPLINE(); - val = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); + val = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CV == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (!ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + opline++; + } else { + opline = opline->op2.jmp_addr; } - ZEND_VM_NEXT_OPCODE(); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -30277,29 +33086,30 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *val; - int ret; SAVE_OPLINE(); - val = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + val = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - ret = Z_LVAL_P(val); - } else { - ret = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CV == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - if (ret) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + opline = opline->op2.jmp_addr; + } else { + opline++; } - ZEND_VM_NEXT_OPCODE(); + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -30307,33 +33117,30 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *val; - int retval; SAVE_OPLINE(); - val = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); + val = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CV == IS_TMP_VAR) { + if (EXPECTED(Z_TYPE_P(val) == IS_TRUE)) { + ZEND_VM_SET_RELATIVE_OPCODE(opline, opline->extended_value); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - if (EXPECTED(retval != 0)) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on true to %d\n", opline->extended_value); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + + if (i_zend_is_true(val TSRMLS_CC)) { + opline = (zend_op*)(((char*)opline) + opline->extended_value); } else { -#if DEBUG_ZEND>=2 - printf("Conditional jmp on false to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.opline_num]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ + opline = opline->op2.jmp_addr; + } + + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -30341,30 +33148,34 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *val; - int retval; SAVE_OPLINE(); - val = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + val = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CV == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (!retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline++; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; } - ZEND_VM_NEXT_OPCODE(); + + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -30372,30 +33183,33 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS USE_OPLINE zval *val; - int retval; SAVE_OPLINE(); - val = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + val = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { - retval = Z_LVAL_P(val); - } else { - retval = i_zend_is_true(val); - - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + if (IS_CV == IS_TMP_VAR) { + if (Z_TYPE_P(val) == IS_TRUE) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); + ZEND_VM_CONTINUE(); + } else if (EXPECTED(Z_TYPE_P(val) <= IS_TRUE)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + ZEND_VM_SET_OPCODE(opline + 1); + ZEND_VM_CONTINUE(); } } - Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (retval) { -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif - ZEND_VM_SET_OPCODE(opline->op2.jmp_addr); - ZEND_VM_CONTINUE(); + if (i_zend_is_true(val TSRMLS_CC)) { + ZVAL_TRUE(EX_VAR(opline->result.var)); + opline = opline->op2.jmp_addr; + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + opline++; } - ZEND_VM_NEXT_OPCODE(); + + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } + ZEND_VM_JMP(opline); } static int ZEND_FASTCALL ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -30407,34 +33221,23 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); retval_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (!EG(return_value_ptr_ptr)) { + if (!EX(return_value)) { } else { - if (IS_CV == IS_CONST || - IS_CV == IS_TMP_VAR || - PZVAL_IS_REF(retval_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - if (IS_CV != IS_TMP_VAR) { - zval_copy_ctor(ret); + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(EX(return_value)))) { + zval_copy_ctor_func(EX(return_value)); + } } - *EG(return_value_ptr_ptr) = ret; - - } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && - retval_ptr == &EG(uninitialized_zval)) { - zval *ret; + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(retval_ptr)) { + ZVAL_COPY(EX(return_value), Z_REFVAL_P(retval_ptr)); - if (IS_CV == IS_VAR) { - Z_DELREF_P(retval_ptr); - } - ALLOC_INIT_ZVAL(ret); - *EG(return_value_ptr_ptr) = ret; } else { - *EG(return_value_ptr_ptr) = retval_ptr; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); if (IS_CV == IS_CV) { - Z_ADDREF_P(retval_ptr); + if (Z_OPT_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } } } @@ -30445,66 +33248,56 @@ static int ZEND_FASTCALL ZEND_RETURN_BY_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zval *retval_ptr; - zval **retval_ptr_ptr; SAVE_OPLINE(); do { - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR || + (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_VALUE)) { /* Not supposed to happen, but we'll allow it */ zend_error(E_NOTICE, "Only variable references should be returned by reference"); retval_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (!EG(return_value_ptr_ptr)) { + if (!EX(return_value)) { if (IS_CV == IS_TMP_VAR) { } - } else if (!0) { /* Not a temp var */ - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; } else { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, retval_ptr); - *EG(return_value_ptr_ptr) = ret; + ZVAL_COPY_VALUE(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (IS_CV != IS_TMP_VAR) { + zval_opt_copy_ctor_no_imm(EX(return_value)); + } } break; } - retval_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + retval_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(retval_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } - if (IS_CV == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) { + if (IS_CV == IS_VAR && !Z_ISREF_P(retval_ptr)) { if (opline->extended_value == ZEND_RETURNS_FUNCTION && - EX_T(opline->op1.var).var.fcall_returned_reference) { - } else if (EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + (Z_VAR_FLAGS_P(retval_ptr) & IS_VAR_RET_REF)) { + } else { zend_error(E_NOTICE, "Only variable references should be returned by reference"); - if (EG(return_value_ptr_ptr)) { - zval *ret; - - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, *retval_ptr_ptr); - zval_copy_ctor(ret); - *EG(return_value_ptr_ptr) = ret; + if (EX(return_value)) { + ZVAL_NEW_REF(EX(return_value), retval_ptr); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; + if (Z_REFCOUNTED_P(retval_ptr)) Z_ADDREF_P(retval_ptr); } break; } } - if (EG(return_value_ptr_ptr)) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr); - Z_ADDREF_PP(retval_ptr_ptr); - - *EG(return_value_ptr_ptr) = *retval_ptr_ptr; + if (EX(return_value)) { + ZVAL_MAKE_REF(retval_ptr); + Z_ADDREF_P(retval_ptr); + ZVAL_REF(EX(return_value), Z_REF_P(retval_ptr)); + Z_VAR_FLAGS_P(EX(return_value)) = IS_VAR_RET_REF; } } while (0); @@ -30515,11 +33308,10 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zval *value; - zval *exception; SAVE_OPLINE(); - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { if (UNEXPECTED(EG(exception) != NULL)) { @@ -30529,49 +33321,34 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } zend_exception_save(TSRMLS_C); - /* Not sure if a complete copy is what we want here */ - ALLOC_ZVAL(exception); - INIT_PZVAL_COPY(exception, value); - if (!0) { - zval_copy_ctor(exception); + if (IS_CV != IS_TMP_VAR) { + if (Z_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - zend_throw_exception_object(exception TSRMLS_CC); + zend_throw_exception_object(value TSRMLS_CC); zend_exception_restore(TSRMLS_C); HANDLE_EXCEPTION(); } -static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *varptr; - - varptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zval *varptr, *arg; - if (varptr == &EG(uninitialized_zval)) { - if (IS_CV == IS_VAR) { - Z_DELREF_P(varptr); - } - ALLOC_INIT_ZVAL(varptr); - } else if (PZVAL_IS_REF(varptr)) { - if (IS_CV == IS_CV || - (IS_CV == IS_VAR && Z_REFCOUNT_P(varptr) > 2)) { - zval *original_var = varptr; - ALLOC_ZVAL(varptr); - INIT_PZVAL_COPY(varptr, original_var); - zval_copy_ctor(varptr); + varptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(varptr)) { + ZVAL_COPY(arg, Z_REFVAL_P(varptr)); - } else { - Z_UNSET_ISREF_P(varptr); + } else { + ZVAL_COPY_VALUE(arg, varptr); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(arg)) Z_ADDREF_P(arg); } - } else if (IS_CV == IS_CV) { - Z_ADDREF_P(varptr); } - zend_vm_stack_push(varptr TSRMLS_CC); - - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -30579,42 +33356,41 @@ static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE - zval *varptr; + zval *varptr, *arg; SAVE_OPLINE(); if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */ if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) { - return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } + } else { + if (!ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + return ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } - } else if (!ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { - return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } varptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) || - EX_T(opline->op1.var).var.fcall_returned_reference) && - varptr != &EG(uninitialized_zval) && - (PZVAL_IS_REF(varptr) || Z_REFCOUNT_P(varptr) == 1)) { - Z_SET_ISREF_P(varptr); + (Z_VAR_FLAGS_P(varptr) & IS_VAR_RET_REF)) && + (Z_ISREF_P(varptr) || Z_TYPE_P(varptr) == IS_OBJECT)) { + + ZVAL_MAKE_REF(varptr); if (IS_CV == IS_CV) { Z_ADDREF_P(varptr); } - zend_vm_stack_push(varptr TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY_VALUE(arg, varptr); } else { - zval *valptr; - if ((opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) ? !(opline->extended_value & ZEND_ARG_SEND_SILENT) : - !ARG_MAY_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { + !ARG_MAY_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { zend_error(E_STRICT, "Only variables should be passed by reference"); } - ALLOC_ZVAL(valptr); - INIT_PZVAL_COPY(valptr, varptr); - if (!0) { - zval_copy_ctor(valptr); - } + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + ZVAL_COPY(arg, varptr); - zend_vm_stack_push(valptr TSRMLS_CC); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -30624,59 +33400,148 @@ static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE - zval **varptr_ptr; - zval *varptr; + zval *varptr, *arg; SAVE_OPLINE(); - varptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + varptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && UNEXPECTED(varptr_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(varptr == NULL)) { zend_error_noreturn(E_ERROR, "Only variables can be passed by reference"); } - if (IS_CV == IS_VAR && UNEXPECTED(*varptr_ptr == &EG(error_zval))) { - ALLOC_INIT_ZVAL(varptr); - zend_vm_stack_push(varptr TSRMLS_CC); - CHECK_EXCEPTION(); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + if (IS_CV == IS_VAR && UNEXPECTED(varptr == &EG(error_zval))) { + ZVAL_NEW_REF(arg, &EG(uninitialized_zval)); ZEND_VM_NEXT_OPCODE(); } - if (opline->extended_value == ZEND_DO_FCALL_BY_NAME && - EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && - !ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { - return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (Z_ISREF_P(varptr)) { + Z_ADDREF_P(varptr); + ZVAL_COPY_VALUE(arg, varptr); + } else if (IS_CV == IS_VAR && + UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT)) { + ZVAL_COPY_VALUE(arg, varptr); + ZVAL_MAKE_REF(arg); + } else { + ZVAL_MAKE_REF(varptr); + Z_ADDREF_P(varptr); + ZVAL_REF(arg, Z_REF_P(varptr)); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr); - varptr = *varptr_ptr; - Z_ADDREF_P(varptr); - zend_vm_stack_push(varptr TSRMLS_CC); - - CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_SEND_VAR_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *varptr, *arg; - if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME) - && ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, opline->op2.opline_num)) { + + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { return ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } - SAVE_OPLINE(); - return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + varptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + arg = ZEND_CALL_ARG(EX(call), opline->op2.num); + EX(call)->num_args = opline->op2.num; + if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(varptr)) { + ZVAL_COPY(arg, Z_REFVAL_P(varptr)); + + } else { + ZVAL_COPY_VALUE(arg, varptr); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(arg)) Z_ADDREF_P(arg); + } + } + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_SEND_USER_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zval *arg, *param, tmp; + + + arg = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + param = ZEND_CALL_ARG(EX(call), opline->op2.num); + + if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + // TODO: Scalar values don't have reference counters anymore. + // They are assumed to be 1, and they may be easily passed by + // reference now. However, previously scalars with refcount==1 + // might be passed and with refcount>1 might not. We can support + // only single behavior ??? +#if 0 + if (Z_REFCOUNTED_P(arg) && + // This solution breaks the following test (omit warning message) ??? + // Zend/tests/bug61273.phpt + // ext/reflection/tests/bug42976.phpt + // ext/standard/tests/general_functions/call_user_func_array_variation_001.phpt +#else + if (!Z_REFCOUNTED_P(arg) || + // This solution breaks the following test (emit warning message) ??? + // ext/pdo_sqlite/tests/pdo_005.phpt +#endif + (!Z_ISREF_P(arg) /*&& Z_REFCOUNT_P(arg) > 1???*/)) { + + if (!ARG_MAY_BE_SENT_BY_REF(EX(call)->func, opline->op2.num)) { + + zend_error(E_WARNING, "Parameter %d to %s%s%s() expected to be a reference, value given", + opline->op2.num, + EX(call)->func->common.scope ? EX(call)->func->common.scope->name->val : "", + EX(call)->func->common.scope ? "::" : "", + EX(call)->func->common.function_name->val); + + if (EX(call)->func->common.fn_flags & ZEND_ACC_CLOSURE) { + OBJ_RELEASE((zend_object*)EX(call)->func->common.prototype); + } + if (Z_OBJ(EX(call)->This)) { + OBJ_RELEASE(Z_OBJ(EX(call)->This)); + } + EX(call)->func = (zend_function*)&zend_pass_function; + EX(call)->called_scope = NULL; + Z_OBJ(EX(call)->This) = NULL; + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + + if (Z_REFCOUNTED_P(arg)) { + Z_DELREF_P(arg); + } + ZVAL_DUP(&tmp, arg); + ZVAL_NEW_REF(arg, &tmp); + Z_ADDREF_P(arg); + } else if (!Z_ISREF_P(arg)) { + ZVAL_NEW_REF(arg, arg); + Z_ADDREF_P(arg); + } else if (Z_REFCOUNTED_P(arg)) { + Z_ADDREF_P(arg); + } + ZVAL_COPY_VALUE(param, arg); + } else if (Z_ISREF_P(arg) && + /* don't separate references for __call */ + (EX(call)->func->common.fn_flags & ZEND_ACC_CALL_VIA_HANDLER) == 0) { + ZVAL_DUP(param, Z_REFVAL_P(arg)); + } else { + ZVAL_COPY(param, arg); + } + + EX(call)->num_args = opline->op2.num; + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *retval = EX_VAR(opline->result.var); SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC))); + ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC) TSRMLS_CC)); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -30692,10 +33557,10 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_object_clone_obj_t clone_call; SAVE_OPLINE(); - obj = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + obj = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_CONST || - UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { + (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT))) { if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } @@ -30707,7 +33572,7 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) clone_call = Z_OBJ_HT_P(obj)->clone_obj; if (UNEXPECTED(clone_call == NULL)) { if (ce) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); + zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name->val); } else { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object"); } @@ -30717,30 +33582,22 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (UNEXPECTED(ce != EG(scope))) { - zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(ce != EX(scope))) { + zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EG(scope)))) { - zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + if (UNEXPECTED(!zend_check_protected(zend_get_function_root_class(clone), EX(scope)))) { + zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name->val, EX(scope) ? EX(scope)->name->val : ""); } } } if (EXPECTED(EG(exception) == NULL)) { - zval *retval; - - ALLOC_ZVAL(retval); - Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(retval) = IS_OBJECT; - Z_SET_REFCOUNT_P(retval, 1); - Z_SET_ISREF_P(retval); + ZVAL_OBJ(EX_VAR(opline->result.var), clone_call(obj TSRMLS_CC)); if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&retval); - } else { - AI_SET_PTR(&EX_T(opline->result.var), retval); + zval_ptr_dtor(EX_VAR(opline->result.var)); } } @@ -30753,54 +33610,95 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *expr; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - expr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + expr = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (opline->extended_value != IS_STRING) { - ZVAL_COPY_VALUE(result, expr); - if (!0) { - zendi_zval_copy_ctor(*result); - } - } switch (opline->extended_value) { case IS_NULL: - convert_to_null(result); + /* This code is taken from convert_to_null. However, it does not seems very useful, + * because a conversion to null always results in the same value. This could only + * be relevant if a cast_object handler for IS_NULL has some kind of side-effect. */ +#if 0 + if (IS_CV == IS_VAR || IS_CV == IS_CV) { + ZVAL_DEREF(expr); + } + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->cast_object) { + if (Z_OBJ_HT_P(expr)->cast_object(expr, result, IS_NULL TSRMLS_CC) == SUCCESS) { + break; + } + } +#endif + + ZVAL_NULL(result); break; - case IS_BOOL: - convert_to_boolean(result); + case _IS_BOOL: + ZVAL_BOOL(result, zend_is_true(expr TSRMLS_CC)); break; case IS_LONG: - convert_to_long(result); + ZVAL_LONG(result, zval_get_long(expr)); break; case IS_DOUBLE: - convert_to_double(result); + ZVAL_DOUBLE(result, zval_get_double(expr)); + break; + case IS_STRING: + ZVAL_STR(result, zval_get_string(expr)); break; - case IS_STRING: { - zval var_copy; - int use_copy; + default: + /* If value is already of correct type, return it directly */ + if (Z_TYPE_P(expr) == opline->extended_value) { + ZVAL_COPY_VALUE(result, expr); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(result))) { + zval_copy_ctor_func(result); + } + } else if (IS_CV != IS_TMP_VAR) { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } - zend_make_printable_zval(expr, &var_copy, &use_copy); - if (use_copy) { - ZVAL_COPY_VALUE(result, &var_copy); - if (0) { + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } + if (opline->extended_value == IS_ARRAY) { + if (Z_TYPE_P(expr) != IS_OBJECT) { + ZVAL_NEW_ARR(result); + zend_hash_init(Z_ARRVAL_P(result), 8, NULL, ZVAL_PTR_DTOR, 0); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_index_add_new(Z_ARRVAL_P(result), 0, expr); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + Z_ADDREF_P(result); + convert_to_array(result); } } else { - ZVAL_COPY_VALUE(result, expr); - if (!0) { - zendi_zval_copy_ctor(*result); + if (Z_TYPE_P(expr) != IS_ARRAY) { + object_init(result); + if (Z_TYPE_P(expr) != IS_NULL) { + expr = zend_hash_str_add_new(Z_OBJPROP_P(result), "scalar", sizeof("scalar")-1, expr); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(expr))) { + zval_copy_ctor_func(expr); + } + } else { + if (Z_OPT_REFCOUNTED_P(expr)) Z_ADDREF_P(expr); + } + } + } else { + ZVAL_COPY_VALUE(result, expr); + zval_opt_copy_ctor(result); + convert_to_object(result); } } - break; - } - case IS_ARRAY: - convert_to_array(result); - break; - case IS_OBJECT: - convert_to_object(result); - break; } CHECK_EXCEPTION(); @@ -30813,18 +33711,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL zend_op_array *new_op_array=NULL; zval *inc_filename; - zval *tmp_inc_filename = NULL; + zval tmp_inc_filename; zend_bool failure_retval=0; SAVE_OPLINE(); inc_filename = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (inc_filename->type!=IS_STRING) { - MAKE_STD_ZVAL(tmp_inc_filename); - ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename); - zval_copy_ctor(tmp_inc_filename); - convert_to_string(tmp_inc_filename); - inc_filename = tmp_inc_filename; + ZVAL_UNDEF(&tmp_inc_filename); + if (Z_TYPE_P(inc_filename) != IS_STRING) { + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); + inc_filename = &tmp_inc_filename; } if (opline->extended_value != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { @@ -30840,9 +33736,9 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL zend_file_handle file_handle; char *resolved_path; - resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC); + resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), (int)Z_STRLEN_P(inc_filename) TSRMLS_CC); if (resolved_path) { - failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1); + failure_retval = zend_hash_str_exists(&EG(included_files), resolved_path, (int)strlen(resolved_path)); } else { resolved_path = Z_STRVAL_P(inc_filename); } @@ -30855,7 +33751,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL file_handle.opened_path = estrdup(resolved_path); } - if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) { + if (zend_hash_str_add_empty_element(&EG(included_files), file_handle.opened_path, (int)strlen(file_handle.opened_path))) { new_op_array = zend_compile_file(&file_handle, (opline->extended_value==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC); zend_destroy_file_handle(&file_handle TSRMLS_CC); } else { @@ -30888,55 +33784,47 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL EMPTY_SWITCH_DEFAULT_CASE() } } - if (tmp_inc_filename) { + if (Z_TYPE(tmp_inc_filename) != IS_UNDEF) { zval_ptr_dtor(&tmp_inc_filename); } if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); } else if (EXPECTED(new_op_array != NULL)) { - EX(original_return_value) = EG(return_value_ptr_ptr); - EG(active_op_array) = new_op_array; + zval *return_value = NULL; + zend_execute_data *call; + if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr = NULL; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; - } else { - EG(return_value_ptr_ptr) = NULL; + return_value = EX_VAR(opline->result.var); } - EX(function_state).function = (zend_function *) new_op_array; - EX(object) = NULL; + call = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_CODE, + (zend_function*)new_op_array, 0, EX(called_scope), Z_OBJ(EX(This)), NULL TSRMLS_CC); - if (!EG(active_symbol_table)) { - zend_rebuild_symbol_table(TSRMLS_C); + if (EX(symbol_table)) { + call->symbol_table = EX(symbol_table); + } else { + call->symbol_table = zend_rebuild_symbol_table(TSRMLS_C); } + call->prev_execute_data = execute_data; + i_init_code_execute_data(call, new_op_array, return_value TSRMLS_CC); if (EXPECTED(zend_execute_ex == execute_ex)) { ZEND_VM_ENTER(); } else { - zend_execute(new_op_array TSRMLS_CC); + call->frame_info = VM_FRAME_TOP_CODE; + zend_execute_ex(call TSRMLS_CC); } - EX(function_state).function = (zend_function *) EX(op_array); - - EG(opline_ptr) = &EX(opline); - EG(active_op_array) = EX(op_array); - EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); - efree(new_op_array); + efree_size(new_op_array, sizeof(zend_op_array)); if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } else if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_BOOL(retval, failure_retval); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_BOOL(EX_VAR(opline->result.var), failure_retval); } ZEND_VM_NEXT_OPCODE(); } @@ -30945,7 +33833,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE - zval *array_ptr, **array_ptr_ptr; + zval *array_ptr, *array_ref, iterator, tmp; HashTable *fe_ht; zend_object_iterator *iter = NULL; zend_class_entry *ce = NULL; @@ -30954,104 +33842,119 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); if ((IS_CV == IS_CV || IS_CV == IS_VAR) && - (opline->extended_value & ZEND_FE_RESET_VARIABLE)) { - array_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - MAKE_STD_ZVAL(array_ptr); - ZVAL_NULL(array_ptr); - } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { - if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { - zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); - } - - ce = Z_OBJCE_PP(array_ptr_ptr); - if (!ce || ce->get_iterator == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - Z_ADDREF_PP(array_ptr_ptr); + (opline->extended_value & ZEND_FE_FETCH_BYREF)) { + array_ptr = array_ref = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + ZVAL_DEREF(array_ptr); + if (Z_TYPE_P(array_ptr) == IS_ARRAY) { + SEPARATE_ARRAY(array_ptr); + if (!Z_ISREF_P(array_ref)) { + ZVAL_NEW_REF(array_ref, array_ref); + array_ptr = Z_REFVAL_P(array_ref); + } + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); + } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { + ce = Z_OBJCE_P(array_ptr); + if (ce->get_iterator == NULL) { + Z_ADDREF_P(array_ptr); } - array_ptr = *array_ptr_ptr; + array_ref = array_ptr; } else { - if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) { - SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); - if (opline->extended_value & ZEND_FE_FETCH_BYREF) { - Z_SET_ISREF_PP(array_ptr_ptr); - } - } - array_ptr = *array_ptr_ptr; - Z_ADDREF_P(array_ptr); + if (Z_REFCOUNTED_P(array_ref)) Z_ADDREF_P(array_ref); } } else { - array_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (0) { /* IS_TMP_VAR */ - zval *tmp; - - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - array_ptr = tmp; + array_ptr = array_ref = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + ZVAL_DEREF(array_ptr); + if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&tmp, array_ptr); + if (Z_OPT_IMMUTABLE_P(&tmp)) { + zval_copy_ctor_func(&tmp); + } + array_ref = array_ptr = &tmp; if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); if (ce && ce->get_iterator) { - Z_DELREF_P(array_ptr); + Z_DELREF_P(array_ref); } } } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { ce = Z_OBJCE_P(array_ptr); - if (!ce || !ce->get_iterator) { + if (!ce->get_iterator) { if (IS_CV == IS_CV) { - Z_ADDREF_P(array_ptr); + Z_ADDREF_P(array_ref); } } - } else if (IS_CV == IS_CONST || - (IS_CV == IS_CV && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 1) || - (IS_CV == IS_VAR && - !Z_ISREF_P(array_ptr) && - Z_REFCOUNT_P(array_ptr) > 2)) { - zval *tmp; - - if (IS_CV == IS_VAR) { - Z_DELREF_P(array_ptr); + } else if (Z_IMMUTABLE_P(array_ref)) { + if (IS_CV == IS_CV) { + zval_copy_ctor_func(array_ref); + Z_ADDREF_P(array_ref); + } else { + ZVAL_COPY_VALUE(&tmp, array_ref); + zval_copy_ctor_func(&tmp); + array_ptr = array_ref = &tmp; + } + } else if (Z_REFCOUNTED_P(array_ref)) { + if (IS_CV == IS_CONST || + (IS_CV == IS_CV && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 1) || + (IS_CV == IS_VAR && + !Z_ISREF_P(array_ref) && + Z_REFCOUNT_P(array_ref) > 2)) { + if (IS_CV == IS_VAR) { + Z_DELREF_P(array_ref); + } + ZVAL_DUP(&tmp, array_ref); + array_ptr = array_ref = &tmp; + } else if (IS_CV == IS_CV || IS_CV == IS_VAR) { + if (Z_ISREF_P(array_ref) && Z_REFCOUNT_P(array_ref) == 1) { + ZVAL_UNREF(array_ref); + array_ptr = array_ref; + } + if (Z_IMMUTABLE_P(array_ptr)) { + zval_copy_ctor_func(array_ptr); + } else if (Z_ISREF_P(array_ref) && + Z_COPYABLE_P(array_ptr) && + Z_REFCOUNT_P(array_ptr) > 1) { + Z_DELREF_P(array_ptr); + zval_copy_ctor_func(array_ptr); + } + if (IS_CV == IS_CV) { + Z_ADDREF_P(array_ref); + } } - ALLOC_ZVAL(tmp); - INIT_PZVAL_COPY(tmp, array_ptr); - zval_copy_ctor(tmp); - array_ptr = tmp; - } else if (IS_CV == IS_CV) { - Z_ADDREF_P(array_ptr); } } if (ce && ce->get_iterator) { - iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); + iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_FETCH_BYREF TSRMLS_CC); - if (IS_CV == IS_VAR && !(opline->extended_value & ZEND_FE_RESET_VARIABLE)) { + if (IS_CV == IS_VAR && !(opline->extended_value & ZEND_FE_FETCH_BYREF)) { } if (iter && EXPECTED(EG(exception) == NULL)) { - array_ptr = zend_iterator_wrap(iter TSRMLS_CC); + ZVAL_OBJ(&iterator, &iter->std); + array_ptr = array_ref = &iterator; } else { - if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } if (!EG(exception)) { - zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); + zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name->val); } zend_throw_exception_internal(NULL TSRMLS_CC); HANDLE_EXCEPTION(); } } - EX_T(opline->result.var).fe.ptr = array_ptr; + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), array_ref); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + zval_ptr_dtor(array_ref); + if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } HANDLE_EXCEPTION(); @@ -31059,44 +33962,56 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&array_ptr); - if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + zval_ptr_dtor(array_ref); + if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { - zend_hash_internal_pointer_reset(fe_ht); - if (ce) { - zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC); - while (zend_hash_has_more_elements(fe_ht) == SUCCESS) { - char *str_key; - uint str_key_len; - ulong int_key; - zend_uchar key_type; - - key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL); - if (key_type != HASH_KEY_NON_EXISTENT && - (key_type == HASH_KEY_IS_LONG || - zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) { - break; + HashPointer *ptr = (HashPointer*)EX_VAR((opline+2)->op1.var); + HashPosition pos = 0; + Bucket *p; + + while (1) { + if (pos >= fe_ht->nNumUsed) { + is_empty = 1; + if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { + } - zend_hash_move_forward(fe_ht); + ZEND_VM_JMP(opline->op2.jmp_addr); + } + p = fe_ht->arData + pos; + if (Z_TYPE(p->val) == IS_UNDEF || + (Z_TYPE(p->val) == IS_INDIRECT && + Z_TYPE_P(Z_INDIRECT(p->val)) == IS_UNDEF)) { + pos++; + continue; + } + if (!ce || + !p->key || + zend_check_property_access(Z_OBJ_P(array_ptr), p->key TSRMLS_CC) == SUCCESS) { + break; } + pos++; } - is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS; - zend_hash_get_pointer(fe_ht, &EX_T(opline->result.var).fe.fe_pos); + fe_ht->nInternalPointer = pos; + ptr->pos = pos; + ptr->ht = fe_ht; + ptr->h = fe_ht->arData[pos].h; + ptr->key = fe_ht->arData[pos].key; + is_empty = 0; } else { zend_error(E_WARNING, "Invalid argument supplied for foreach()"); is_empty = 1; } - if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_RESET_VARIABLE) { + if (IS_CV == IS_VAR && opline->extended_value & ZEND_FE_FETCH_BYREF) { } if (is_empty) { - ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); + ZEND_VM_JMP(opline->op2.jmp_addr); } else { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -31116,7 +34031,7 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); } else { - zend_print_variable(ptr); + zend_print_variable(ptr TSRMLS_CC); } } @@ -31130,19 +34045,27 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) USE_OPLINE zval *value; + int is_ref = 0; SAVE_OPLINE(); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (i_zend_is_true(value)) { - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!0) { - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); - } + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + if (i_zend_is_true(value TSRMLS_CC)) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_CV == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif + } ZEND_VM_JMP(opline->op2.jmp_addr); } @@ -31150,33 +34073,33 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_JMP_SET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_COALESCE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval *value, *ret; + zval *value; + int is_ref = 0; SAVE_OPLINE(); - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + value = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - if (i_zend_is_true(value)) { - if (IS_CV == IS_VAR || IS_CV == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!0) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(value)) { + is_ref = 1; + value = Z_REFVAL_P(value); + } + + if (Z_TYPE_P(value) > IS_NULL) { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); } - } + } else if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } else if (IS_CV == IS_VAR && is_ref) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); -#if DEBUG_ZEND>=2 - printf("Conditional jmp to %d\n", opline->op2.opline_num); -#endif + } ZEND_VM_JMP(opline->op2.jmp_addr); } @@ -31193,35 +34116,76 @@ static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); - if (!0) { - zval_copy_ctor(&EX_T(opline->result.var).tmp_var); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(value)) { + ZVAL_COPY(EX_VAR(opline->result.var), Z_REFVAL_P(value)); + + } else { + ZVAL_COPY_VALUE(EX_VAR(opline->result.var), value); + if (IS_CV == IS_CONST) { + if (UNEXPECTED(Z_OPT_COPYABLE_P(value))) { + zval_copy_ctor_func(EX_VAR(opline->result.var)); + } + } else if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); + } } + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *expr; + zend_bool result; + + SAVE_OPLINE(); + expr = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + + if (Z_TYPE_P(expr) == IS_OBJECT) { + result = instanceof_function(Z_OBJCE_P(expr), Z_CE_P(EX_VAR(opline->op2.var)) TSRMLS_CC); + } else { + result = 0; + } + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_STRLEN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value; - zval *value, *ret; SAVE_OPLINE(); - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR || IS_CV == IS_CV) { - Z_ADDREF_P(value); - EX_T(opline->result.var).var.ptr = value; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (EXPECTED(Z_TYPE_P(value) == IS_STRING)) { + ZVAL_LONG(EX_VAR(opline->result.var), Z_STRLEN_P(value)); } else { - ALLOC_ZVAL(ret); - INIT_PZVAL_COPY(ret, value); - EX_T(opline->result.var).var.ptr = ret; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!0) { - zval_copy_ctor(EX_T(opline->result.var).var.ptr); + if (Z_TYPE_P(value) < IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 0); + } else if (Z_TYPE_P(value) == IS_TRUE) { + ZVAL_LONG(EX_VAR(opline->result.var), 1); + } else if (Z_TYPE_P(value) <= IS_DOUBLE) { + zend_string *str = zval_get_string(value); + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zend_string_release(str); + } else if (Z_TYPE_P(value) == IS_OBJECT) { + zend_string *str; + zval tmp; + + ZVAL_COPY(&tmp, value); + if (parse_arg_object_to_str(&tmp, &str, IS_STRING TSRMLS_CC) == FAILURE) { + goto strlen_error; + } + ZVAL_LONG(EX_VAR(opline->result.var), str->len); + zval_dtor(&tmp); + } else { +strlen_error: + zend_error(E_WARNING, "strlen() expects parameter 1 to be string, %s given", zend_get_type_by_const(Z_TYPE_P(value))); + ZVAL_NULL(EX_VAR(opline->result.var)); } } @@ -31229,22 +34193,48 @@ static int ZEND_FASTCALL ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_TYPE_CHECK_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *value; - zval *expr; - zend_bool result; SAVE_OPLINE(); - expr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - - if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { - result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); - } else { - result = 0; + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + switch (opline->extended_value) { + case IS_NULL: + case IS_LONG: + case IS_DOUBLE: + case IS_STRING: + case IS_ARRAY: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == opline->extended_value); + break; + case _IS_BOOL: + ZVAL_BOOL(EX_VAR(opline->result.var), Z_TYPE_P(value) == IS_TRUE || Z_TYPE_P(value) == IS_FALSE); + break; + case IS_OBJECT: + if (Z_TYPE_P(value) == opline->extended_value) { + zend_class_entry *ce = Z_OBJCE_P(value); + if (ce->name->len == sizeof("__PHP_Incomplete_Class") - 1 + && !strncmp(ce->name->val, "__PHP_Incomplete_Class", ce->name->len)) { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } else { + ZVAL_TRUE(EX_VAR(opline->result.var)); + } + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + case IS_RESOURCE: + if (Z_TYPE_P(value) == opline->extended_value) { + const char *type_name = zend_rsrc_list_get_rsrc_type(Z_RES_P(value) TSRMLS_CC); + ZVAL_BOOL(EX_VAR(opline->result.var), type_name != NULL); + } else { + ZVAL_FALSE(EX_VAR(opline->result.var)); + } + break; + EMPTY_SWITCH_DEFAULT_CASE() } - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -31256,7 +34246,7 @@ static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31271,7 +34261,7 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31286,7 +34276,7 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31301,7 +34291,7 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31316,8 +34306,8 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31331,8 +34321,8 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31346,8 +34336,8 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31361,8 +34351,8 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31376,8 +34366,8 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31389,13 +34379,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCOD { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + fast_is_not_identical_function(result, + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); CHECK_EXCEPTION(); @@ -31406,12 +34395,12 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -31422,12 +34411,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -31438,12 +34427,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -31454,12 +34443,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OP { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - opline->op2.zv TSRMLS_CC)); + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); @@ -31472,8 +34461,8 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31487,8 +34476,8 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31502,8 +34491,8 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31517,8 +34506,8 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLE SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); @@ -31530,104 +34519,85 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*bi { USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); zval *property = opline->op2.zv; - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } @@ -31637,178 +34607,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*bi ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_CV == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = opline->op2.zv; + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_CV == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_CV == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = opline->op2.zv; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = opline->op2.zv; - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_CONST TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = opline->op2.zv; + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = opline->op2.zv; - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -31817,59 +34877,46 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -31889,25 +34936,25 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t { USE_OPLINE - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = opline->op2.zv; - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); @@ -31918,60 +34965,42 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - incdec_op(*zptr); - - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -31990,128 +35019,113 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV_CONST(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1; + zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_CV == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CV != IS_CONST) { + zend_string_release(name); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + retval = zend_std_get_static_property(ce, name, 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_CV == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_CV != IS_TMP_VAR) { - + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; - case ZEND_FETCH_LOCAL: + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_CV == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - break; } } - - if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_CV != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -32136,7 +35150,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_ { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_CV_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_CV_CONST(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_CV_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -32153,23 +35171,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_CV == IS_TMP_VAR || IS_CV == IS_CONST) { - zval *container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); - - - } else { - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); - - if (IS_CV == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - - } - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -32179,29 +35186,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); - - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); } - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -32212,18 +35212,18 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -32234,11 +35234,11 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA { USE_OPLINE - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_IS TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); CHECK_EXCEPTION(); @@ -32248,19 +35248,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } @@ -32268,8 +35271,8 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPC if (IS_CONST == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); } @@ -32281,44 +35284,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, opline->op2.zv, IS_CONST TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -32327,81 +35311,48 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(Z zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_CV_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -32413,26 +35364,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = opline->op2.zv; - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -32448,34 +35392,24 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = opline->op2.zv; - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -32483,78 +35417,88 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; zval *property; - zval **container; SAVE_OPLINE(); property = opline->op2.zv; - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_res; - zval **container; - zval *property; + zend_free_op free_op1; + zval *container, *property; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); property = opline->op2.zv; - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_LIST_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + + if (EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + + zval *value = zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + + ZVAL_COPY(EX_VAR(opline->result.var), value); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT) && + EXPECTED(Z_OBJ_HT_P(container)->read_dimension)) { + zval *result = EX_VAR(opline->result.var); + zval *retval = Z_OBJ_HT_P(container)->read_dimension(container, opline->op2.zv, BP_VAR_R, result TSRMLS_CC); + + if (retval) { + if (result != retval) { + ZVAL_COPY(result, retval); + } + } else { + ZVAL_NULL(result); + } + } else { + ZVAL_NULL(EX_VAR(opline->result.var)); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -32563,25 +35507,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); property_name = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -32593,74 +35530,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zval *property_name = opline->op2.zv; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } } else { zend_free_op free_op_data1, free_op_data2; zval *value; zval *dim = opline->op2.zv; - zval **variable_ptr_ptr; + zval *variable_ptr; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CONST, BP_VAR_W TSRMLS_CC); + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_CONST TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } /* assign_dim has two opcodes! */ @@ -32674,46 +35590,25 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ USE_OPLINE zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); value = opline->op2.zv; - variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CONST TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_CONST == IS_TMP_VAR) { - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (0) { - zval_dtor(value); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_CONST == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_CONST == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_CONST TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + } /* zend_assign_to_variable() always takes care of op2, never free it! */ @@ -32726,10 +35621,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER(ZEND_OPCOD { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -32743,58 +35639,84 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER(ZEND_OPCOD zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - call->object = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CONST != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CONST == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CONST != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CONST == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CONST == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); @@ -32805,11 +35727,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR { USE_OPLINE + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - opline->op2.zv TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + opline->op2.zv TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -32819,35 +35742,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCO { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CV == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CV == IS_CV) { + } else if (IS_CV == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -32855,42 +35776,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCO if (IS_CONST != IS_UNUSED) { zval *offset = opline->op2.zv; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -32898,9 +35828,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CV != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CV != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CV == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CV != IS_UNUSED @@ -32921,14 +35868,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL if (IS_CV == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -32936,28 +35889,23 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL varname = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - Z_ADDREF_P(varname); } if (IS_CONST != IS_UNUSED) { zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST && varname == &tmp) { + if (IS_CV != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - zval_ptr_dtor(&varname); } HANDLE_EXCEPTION(); @@ -32965,23 +35913,19 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_CV != IS_CONST && varname == &tmp) { + if (IS_CV != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - zval_ptr_dtor(&varname); } CHECK_EXCEPTION(); @@ -32992,89 +35936,79 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_CV != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = opline->op2.zv; - if (IS_CV != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_CONST == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { } @@ -33087,38 +36021,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = opline->op2.zv; - if (IS_CV != IS_VAR || container) { - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - - } + ZVAL_DEREF(container); + if (IS_CV == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33126,33 +36048,29 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_CV == IS_CV && IS_CONST == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zval tmp, *varname = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -33160,247 +36078,227 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_CONST_HANDLER(ZEND_OPCO zend_class_entry *ce; if (IS_CONST == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_CV != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = opline->op2.zv; - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CONST != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_CONST == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; } } - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CV == IS_CV || IS_CV == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + offset = opline->op2.zv; + + if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CONST == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CV != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CV != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -33408,51 +36306,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_A /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CV == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CV == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CV == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -33461,44 +36345,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_A zval *key = opline->op2.zv; /* Consts, temporary variables and references need copying */ - if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CONST == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CONST == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CONST == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -33511,17 +36390,94 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_A ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + opline->op2.zv TSRMLS_CC); + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_CV_CONST(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + +static int ZEND_FASTCALL ZEND_BIND_GLOBAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *varname; + zval *value; + zval *variable_ptr; + Bucket *p; + uint32_t idx; + + SAVE_OPLINE(); + varname = opline->op2.zv; + idx = (uint32_t)(uintptr_t)CACHED_PTR(Z_CACHE_SLOT_P(varname)); + /* index 0 can't be cached (NULL is a mark of uninitialized cache slot) */ + p = EG(symbol_table).ht.arData + idx; + if (EXPECTED(idx > 0) && + EXPECTED(idx < EG(symbol_table).ht.nNumUsed) && + EXPECTED(Z_TYPE(p->val) != IS_UNDEF) && + (EXPECTED(p->key == Z_STR_P(varname)) || + (EXPECTED(p->h == Z_STR_P(varname)->h) && + EXPECTED(p->key != NULL) && + EXPECTED(p->key->len == Z_STRLEN_P(varname)) && + EXPECTED(memcmp(p->key->val, Z_STRVAL_P(varname), Z_STRLEN_P(varname)) == 0)))) { + value = &EG(symbol_table).ht.arData[idx].val; + /* GLOBAL variable may be an INDIRECT pointer to CV */ + if (UNEXPECTED(Z_TYPE_P(value) == IS_INDIRECT)) { + value = Z_INDIRECT_P(value); + if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) { + ZVAL_NULL(value); + } + } + } else { + value = zend_hash_find(&EG(symbol_table).ht, Z_STR_P(varname)); + if (UNEXPECTED(value == NULL)) { + value = zend_hash_add_new(&EG(symbol_table).ht, Z_STR_P(varname), &EG(uninitialized_zval)); + idx = ((char*)value - (char*)EG(symbol_table).ht.arData) / sizeof(Bucket); + CACHE_PTR(Z_CACHE_SLOT_P(varname), (void*)(uintptr_t)idx); + } else { + idx = ((char*)value - (char*)EG(symbol_table).ht.arData) / sizeof(Bucket); + CACHE_PTR(Z_CACHE_SLOT_P(varname), (void*)(uintptr_t)idx); + /* GLOBAL variable may be an INDIRECT pointer to CV */ + if (UNEXPECTED(Z_TYPE_P(value) == IS_INDIRECT)) { + value = Z_INDIRECT_P(value); + if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) { + ZVAL_NULL(value); + } + } + } + } + + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + zend_assign_to_variable_reference(variable_ptr, value TSRMLS_CC); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33532,11 +36488,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33547,11 +36503,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33562,11 +36518,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33577,11 +36533,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33592,11 +36548,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33607,11 +36563,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33622,11 +36578,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33637,11 +36593,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND zend_free_op free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33650,15 +36606,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + fast_is_not_identical_function(result, + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33667,14 +36622,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33683,14 +36638,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33699,14 +36654,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33715,14 +36670,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33733,11 +36688,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33748,11 +36703,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33763,11 +36718,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33778,11 +36733,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -33791,104 +36746,86 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*bina { USE_OPLINE zend_free_op free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); zval *property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); } @@ -33898,179 +36835,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*bina ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_CV == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_CV == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_CV == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_TMP_VAR TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - zval_dtor(free_op2.var); + goto assign_op_dim_exit; + } - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: + zval_ptr_dtor_nogc(free_op2.var); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - zval_dtor(free_op2.var); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -34079,59 +37105,47 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t in /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -34151,27 +37165,27 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); ZVAL_NULL(retval); CHECK_EXCEPTION(); @@ -34180,60 +37194,43 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i /* here we are sure we are dealing with an object */ - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); - - incdec_op(*zptr); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - } - } + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -34253,23 +37250,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - - if (IS_CV == IS_TMP_VAR || IS_CV == IS_CONST) { - zval *container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - - } else { - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - - } - } + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -34279,29 +37265,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); } - - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -34312,18 +37291,18 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -34334,12 +37313,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_IS TSRMLS_CC); - zval_dtor(free_op2.var); + container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -34348,29 +37327,32 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1, free_op2; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { if (IS_TMP_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); - zval_dtor(free_op2.var); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); } CHECK_EXCEPTION(); @@ -34381,44 +37363,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_UNSET TSRMLS_CC); - zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -34427,81 +37390,49 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEN zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_dtor(free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -34513,26 +37444,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -34548,34 +37472,25 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_dtor(free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -34583,78 +37498,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2, free_res; - zval **container; - zval *property; + zend_free_op free_op1, free_op2; + zval *container, *property; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (1) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property); - } else { - zval_dtor(free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -34663,25 +37555,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); property_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property_name); - } else { - zval_dtor(free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -34693,75 +37578,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zend_free_op free_op2; zval *property_name = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (1) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (1) { - zval_ptr_dtor(&property_name); - } else { - zval_dtor(free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; zval *dim = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr; - - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - zval_dtor(free_op2.var); - - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + zval *variable_ptr; + + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_TMP_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } /* assign_dim has two opcodes! */ @@ -34775,46 +37638,25 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE zend_free_op free_op2; zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); value = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_TMP_VAR TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (1) { - zval_dtor(value); + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_TMP_VAR == IS_TMP_VAR) { + zval_ptr_dtor_nogc(free_op2.var); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_TMP_VAR == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_TMP_VAR == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_TMP_VAR TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + } /* zend_assign_to_variable() always takes care of op2, never free it! */ @@ -34827,10 +37669,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_ { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -34844,60 +37687,86 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_ zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - call->object = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_TMP_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_TMP_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_dtor(free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_TMP_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_TMP_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_TMP_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_dtor(free_op2.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -34907,13 +37776,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zend_free_op free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -34922,35 +37792,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CV == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CV == IS_CV) { + } else if (IS_CV == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -34958,42 +37826,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -35001,9 +37878,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CV != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CV != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CV == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CV != IS_UNUSED @@ -35017,91 +37911,81 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_CV != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_CV != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - zval_dtor(free_op2.var); + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (1) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (1) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - zval_dtor(free_op2.var); + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - zval_dtor(free_op2.var); + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + zval_ptr_dtor_nogc(free_op2.var); + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_TMP_VAR == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { - zval_dtor(free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } CHECK_EXCEPTION(); @@ -35112,235 +37996,216 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_CV != IS_VAR || container) { - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (1) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); - } + ZVAL_DEREF(container); + if (IS_CV == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - zval_dtor(free_op2.var); + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - zval_dtor(free_op2.var); } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_TMP_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_TMP_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } } if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; - } + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; - } - } - zval_dtor(free_op2.var); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (1) { - MAKE_REAL_ZVAL_PTR(offset); + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (1) { - zval_ptr_dtor(&offset); - } else { - zval_dtor(free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CV == IS_CV || IS_CV == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - zval_dtor(free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - zval_dtor(free_op2.var); + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_TMP_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CV != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CV != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -35348,51 +38213,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CV == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CV == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CV == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -35401,44 +38252,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zval *key = _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!1) { - zval_copy_ctor(copy); - } + if (IS_TMP_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_TMP_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_TMP_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -35451,17 +38297,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_CV_TMP(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35472,11 +38338,11 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35487,11 +38353,11 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35502,11 +38368,11 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35517,11 +38383,11 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35532,11 +38398,11 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35547,11 +38413,11 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_free_op free_op2; SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35562,11 +38428,11 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35577,11 +38443,11 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND zend_free_op free_op2; SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35590,15 +38456,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_ { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); + fast_is_not_identical_function(result, + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35607,14 +38472,14 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35623,14 +38488,14 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35639,14 +38504,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35655,14 +38520,14 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCO { USE_OPLINE zend_free_op free_op2; - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35673,11 +38538,11 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_free_op free_op2; SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35688,11 +38553,11 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35703,11 +38568,11 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR zend_free_op free_op2; SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35718,11 +38583,11 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ zend_free_op free_op2; SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -35731,104 +38596,86 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*bina { USE_OPLINE zend_free_op free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); zval *property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); FREE_OP(free_op_data1); } @@ -35838,179 +38685,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*bina ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_CV == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_CV == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_CV == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_VAR TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - zval_ptr_dtor(&free_op2.var); + goto assign_op_dim_exit; + } - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); + + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: + zval_ptr_dtor_nogc(free_op2.var); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - zval_ptr_dtor(&free_op2.var); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + zval_ptr_dtor_nogc(free_op2.var); + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -36019,59 +38955,47 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t in /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36091,27 +39015,27 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); ZVAL_NULL(retval); CHECK_EXCEPTION(); @@ -36120,60 +39044,43 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - incdec_op(*zptr); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36192,128 +39099,113 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV_VAR(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1; + zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_CV == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CV != IS_CONST) { + zend_string_release(name); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + retval = zend_std_get_static_property(ce, name, 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_CV == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_CV != IS_TMP_VAR) { - + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; - case ZEND_FETCH_LOCAL: + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_CV == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - break; } } - - if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_CV != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36338,7 +39230,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HA { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_CV_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_CV_VAR(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_CV_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -36355,23 +39251,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - - if (IS_CV == IS_TMP_VAR || IS_CV == IS_CONST) { - zval *container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - - } else { - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_CV == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - - } - } + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36381,29 +39266,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); } - - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -36414,18 +39292,18 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_RW TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -36436,12 +39314,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_IS TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36450,29 +39328,32 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1, free_op2; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { if (IS_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); } CHECK_EXCEPTION(); @@ -36483,44 +39364,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1, free_op2; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_UNSET TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC), IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -36529,81 +39391,49 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEN zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_ptr_dtor(&free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -36615,26 +39445,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND USE_OPLINE zend_free_op free_op1, free_op2; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -36650,34 +39473,25 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - zval_ptr_dtor(&free_op2.var); + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -36685,78 +39499,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_op2, free_res; - zval **container; - zval *property; + zend_free_op free_op1, free_op2; + zval *container, *property; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - zval_ptr_dtor(&free_op2.var); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -36765,25 +39556,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op2; - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); property_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { - zval_ptr_dtor(&free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -36795,75 +39579,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zend_free_op free_op2; zval *property_name = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { - zval_ptr_dtor(&free_op2.var); - } + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr; - - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_VAR, BP_VAR_W TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); - - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + zval *dim = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + zval *variable_ptr; + + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_VAR TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } /* assign_dim has two opcodes! */ @@ -36877,50 +39639,29 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR USE_OPLINE zend_free_op free_op2; zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); - value = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_VAR TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + value = _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (0) { - zval_dtor(value); + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_VAR == IS_TMP_VAR) { + zval_ptr_dtor_nogc(free_op2.var); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_VAR == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_VAR == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_VAR TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + } /* zend_assign_to_variable() always takes care of op2, never free it! */ - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36930,50 +39671,59 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op2; - zval **variable_ptr_ptr; - zval **value_ptr_ptr; + zval *variable_ptr; + zval *value_ptr; SAVE_OPLINE(); - value_ptr_ptr = _get_zval_ptr_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + value_ptr = _get_zval_ptr_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); if (IS_VAR == IS_VAR && - value_ptr_ptr && - !Z_ISREF_PP(value_ptr_ptr) && opline->extended_value == ZEND_RETURNS_FUNCTION && - !EX_T(opline->op2.var).var.fcall_returned_reference) { - if (free_op2.var == NULL) { - PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */ + !(Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF) && + !Z_ISREF_P(value_ptr)) { + if (!(free_op2.var != NULL)) { + PZVAL_LOCK(value_ptr); /* undo the effect of get_zval_ptr_ptr() */ } zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { - if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + if (free_op2.var) {zval_ptr_dtor_nogc(free_op2.var);}; HANDLE_EXCEPTION(); } return ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - PZVAL_LOCK(*value_ptr_ptr); + if (!(free_op2.var != NULL)) { + PZVAL_LOCK(value_ptr); + } } - if (IS_CV == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { + + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && + UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT) && + UNEXPECTED(!Z_ISREF_P(variable_ptr))) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - - variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if ((IS_VAR == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || - (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { + if ((IS_VAR == IS_VAR && UNEXPECTED(value_ptr == NULL)) || + (IS_CV == IS_VAR && UNEXPECTED(variable_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } - zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); + if ((IS_CV == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) || + (IS_VAR == IS_VAR && UNEXPECTED(value_ptr == &EG(error_zval)))) { + variable_ptr = &EG(uninitialized_zval); + } else { + zend_assign_to_variable_reference(variable_ptr, value_ptr TSRMLS_CC); + } if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - Z_DELREF_PP(variable_ptr_ptr); + if (!(free_op2.var != NULL)) { + Z_DELREF_P(variable_ptr); + } } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*variable_ptr_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), variable_ptr); } - if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + if (free_op2.var) {zval_ptr_dtor_nogc(free_op2.var);}; CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -36983,10 +39733,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_ { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; zend_free_op free_op2; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -37000,60 +39751,86 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_ zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - call->object = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor_nogc(free_op2.var); + HANDLE_EXCEPTION(); + } - if (IS_VAR != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); + zval_ptr_dtor_nogc(free_op2.var); - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_VAR == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - zval_ptr_dtor(&free_op2.var); - HANDLE_EXCEPTION(); + + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_VAR != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_VAR == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_VAR == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; - zval_ptr_dtor(&free_op2.var); + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -37063,13 +39840,14 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS { USE_OPLINE zend_free_op free_op2; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -37078,35 +39856,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CV == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CV == IS_CV) { + } else if (IS_CV == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -37114,42 +39890,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE if (IS_VAR != IS_UNUSED) { zend_free_op free_op2; zval *offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -37157,9 +39942,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CV != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CV != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CV == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CV != IS_UNUSED @@ -37180,14 +39982,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER if (IS_CV == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -37195,28 +40003,23 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER varname = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - Z_ADDREF_P(varname); } if (IS_VAR != IS_UNUSED) { zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST && varname == &tmp) { + if (IS_CV != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - zval_ptr_dtor(&varname); } HANDLE_EXCEPTION(); @@ -37224,23 +40027,19 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_CV != IS_CONST && varname == &tmp) { + if (IS_CV != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - zval_ptr_dtor(&varname); } CHECK_EXCEPTION(); @@ -37251,91 +40050,81 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_CV != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_CV != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - zval_ptr_dtor(&free_op2.var); + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - zval_ptr_dtor(&free_op2.var); + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - zval_ptr_dtor(&free_op2.var); + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + zval_ptr_dtor_nogc(free_op2.var); + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_VAR == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + zval_ptr_dtor_nogc(free_op2.var); + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { - zval_ptr_dtor(&free_op2.var); + zval_ptr_dtor_nogc(free_op2.var); } CHECK_EXCEPTION(); @@ -37346,37 +40135,25 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE zend_free_op free_op2; - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (IS_CV != IS_VAR || container) { - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); - } + ZVAL_DEREF(container); + if (IS_CV == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - zval_ptr_dtor(&free_op2.var); + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - zval_ptr_dtor(&free_op2.var); } + zval_ptr_dtor_nogc(free_op2.var); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -37385,33 +40162,29 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_CV == IS_CV && IS_VAR == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zval tmp, *varname = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -37419,247 +40192,229 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE zend_class_entry *ce; if (IS_VAR == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_CV != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op2; - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_STRING: - if (IS_VAR == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_VAR != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; + } +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; + } } if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; - } + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; - } + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - zval_ptr_dtor(&free_op2.var); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - zval_ptr_dtor(&free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CV == IS_CV || IS_CV == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - zval_ptr_dtor(&free_op2.var); + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - zval_ptr_dtor(&free_op2.var); + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op2; + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); + + if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_VAR == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + zval_ptr_dtor_nogc(free_op2.var); + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CV != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CV != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -37667,51 +40422,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CV == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CV == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CV == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -37720,45 +40461,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zval *key = _get_zval_ptr_var(opline->op2.var, execute_data, &free_op2 TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_VAR == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_VAR == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); + zval_ptr_dtor_nogc(free_op2.var); + } else { + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_VAR == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); } - - generator->key = copy; - } else { - Z_ADDREF_P(key); - generator->key = key; } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - - zval_ptr_dtor(&free_op2.var); } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -37771,108 +40506,109 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op2; + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_var_deref(opline->op2.var, execute_data, &free_op2 TSRMLS_CC) TSRMLS_CC); + + zval_ptr_dtor_nogc(free_op2.var); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_CV_VAR(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); zval *property = NULL; - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } + + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } @@ -37882,275 +40618,351 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*b ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_CV == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = NULL; + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_CV == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_CV == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = NULL; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = NULL; - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_UNUSED TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = NULL; + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV_UNUSED(int type, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1; + zval *varname; - zval **retval; - zval tmp_varname; + zval *retval; + zend_string *name; HashTable *target_symbol_table; - ulong hash_value; SAVE_OPLINE(); varname = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { - ZVAL_COPY_VALUE(&tmp_varname, varname); - zval_copy_ctor(&tmp_varname); - Z_SET_REFCOUNT(tmp_varname, 1); - Z_UNSET_ISREF(tmp_varname); - convert_to_string(&tmp_varname); - varname = &tmp_varname; + if (IS_CV == IS_CONST) { + name = Z_STR_P(varname); + } else if (EXPECTED(Z_TYPE_P(varname) == IS_STRING)) { + name = Z_STR_P(varname); + zend_string_addref(name); + } else { + name = zval_get_string(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { - if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); + if (IS_CV != IS_CONST) { + zend_string_release(name); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - retval = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0, ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + retval = zend_std_get_static_property(ce, name, 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); -/* - if (!target_symbol_table) { - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } -*/ - if (IS_CV == IS_CONST) { - hash_value = Z_HASH_P(varname); - } else { - hash_value = str_hash(Z_STRVAL_P(varname), Z_STRLEN_P(varname)); - } - - if (zend_hash_quick_find(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, (void **) &retval) == FAILURE) { + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + retval = zend_hash_find(target_symbol_table, name); + if (retval == NULL) { switch (type) { case BP_VAR_R: case BP_VAR_UNSET: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + retval = &EG(uninitialized_zval); break; case BP_VAR_RW: - zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); + zend_error(E_NOTICE,"Undefined variable: %s", name->val); /* break missing intentionally */ case BP_VAR_W: - Z_ADDREF_P(&EG(uninitialized_zval)); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); + retval = zend_hash_add_new(target_symbol_table, name, &EG(uninitialized_zval)); break; EMPTY_SWITCH_DEFAULT_CASE() } - } - switch (opline->extended_value & ZEND_FETCH_TYPE_MASK) { - case ZEND_FETCH_GLOBAL: - if (IS_CV != IS_TMP_VAR) { - + /* GLOBAL or $$name variable may be an INDIRECT pointer to CV */ + } else if (Z_TYPE_P(retval) == IS_INDIRECT) { + retval = Z_INDIRECT_P(retval); + if (Z_TYPE_P(retval) == IS_UNDEF) { + switch (type) { + case BP_VAR_R: + case BP_VAR_UNSET: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", name->val); + /* break missing intentionally */ + case BP_VAR_W: + ZVAL_NULL(retval); + break; + EMPTY_SWITCH_DEFAULT_CASE() } - break; - case ZEND_FETCH_LOCAL: + } + } + if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) == ZEND_FETCH_STATIC) { + if (Z_CONSTANT_P(retval)) { + zval_update_constant(retval, 1 TSRMLS_CC); + } + } else if ((opline->extended_value & ZEND_FETCH_TYPE_MASK) != ZEND_FETCH_GLOBAL_LOCK) { - break; - case ZEND_FETCH_STATIC: - zval_update_constant(retval, (void*) 1 TSRMLS_CC); - break; - case ZEND_FETCH_GLOBAL_LOCK: - if (IS_CV == IS_VAR && !free_op1.var) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - break; } } - - if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(&tmp_varname); - } - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval); + if (IS_CV != IS_CONST) { + zend_string_release(name); } - PZVAL_LOCK(*retval); - switch (type) { - case BP_VAR_R: - case BP_VAR_IS: - AI_SET_PTR(&EX_T(opline->result.var), *retval); - break; - case BP_VAR_UNSET: { - zend_free_op free_res; - PZVAL_UNLOCK(*retval, &free_res); - if (retval != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval); - } - PZVAL_LOCK(*retval); - FREE_OP_VAR_PTR(free_res); + ZEND_ASSERT(retval != NULL); + if (type == BP_VAR_R || type == BP_VAR_IS) { + if (/*type == BP_VAR_R &&*/ Z_ISREF_P(retval) && Z_REFCOUNT_P(retval) == 1) { + ZVAL_UNREF(retval); } - /* break missing intentionally */ - default: - EX_T(opline->result.var).var.ptr_ptr = retval; - break; + ZVAL_COPY(EX_VAR(opline->result.var), retval); + } else { + if (/*type == BP_VAR_W &&*/ (opline->extended_value & ZEND_FETCH_MAKE_REF)) { + ZVAL_MAKE_REF(retval); + } + ZVAL_INDIRECT(EX_VAR(opline->result.var), retval); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -38175,7 +40987,11 @@ static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE { USE_OPLINE - return zend_fetch_var_address_helper_SPEC_CV_UNUSED(ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + return zend_fetch_var_address_helper_SPEC_CV_UNUSED(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + return zend_fetch_var_address_helper_SPEC_CV_UNUSED(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -38192,29 +41008,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); - - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); } - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -38225,18 +41034,18 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_H { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -38246,19 +41055,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } @@ -38266,8 +41078,8 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER(ZEND_OP if (IS_UNUSED == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_R TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, NULL, IS_UNUSED TSRMLS_CC); } @@ -38279,74 +41091,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAN { USE_OPLINE - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zval *property_name = NULL; - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } } else { zend_free_op free_op_data1, free_op_data2; zval *value; zval *dim = NULL; - zval **variable_ptr_ptr; + zval *variable_ptr; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_UNUSED TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } /* assign_dim has two opcodes! */ @@ -38359,35 +41150,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPC { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CV == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CV == IS_CV) { + } else if (IS_CV == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -38395,42 +41184,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPC if (IS_UNUSED != IS_UNUSED) { zval *offset = NULL; - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_UNUSED == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_UNUSED != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -38438,9 +41236,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CV != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CV != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CV == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CV != IS_UNUSED @@ -38461,14 +41276,20 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAND if (IS_CV == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); + zval *var = EX_VAR(opline->op1.var); + + if (Z_REFCOUNTED_P(var)) { + zend_refcounted *garbage = Z_COUNTED_P(var); - zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); - EX_CV(opline->op1.var) = NULL; - } else if (EX_CV(opline->op1.var)) { - zval_ptr_dtor(EX_CV(opline->op1.var)); - EX_CV(opline->op1.var) = NULL; + if (!--GC_REFCOUNT(garbage)) { + ZVAL_UNDEF(var); + _zval_dtor_func_for_ptr(garbage ZEND_FILE_LINE_CC); + } else { + GC_ZVAL_CHECK_POSSIBLE_ROOT(var); + ZVAL_UNDEF(var); + } + } else { + ZVAL_UNDEF(var); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -38476,28 +41297,23 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAND varname = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + ZVAL_UNDEF(&tmp); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - Z_ADDREF_P(varname); } if (IS_UNUSED != IS_UNUSED) { zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST && varname == &tmp) { + if (IS_CV != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - zval_ptr_dtor(&varname); } HANDLE_EXCEPTION(); @@ -38505,23 +41321,19 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAND if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op2.zv)); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } - zend_std_unset_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); + zend_std_unset_static_property(ce, Z_STR_P(varname), ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); - - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); + target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + zend_hash_del_ind(target_symbol_table, Z_STR_P(varname)); } - if (IS_CV != IS_CONST && varname == &tmp) { + if (IS_CV != IS_CONST) { zval_dtor(&tmp); - } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { - zval_ptr_dtor(&varname); } CHECK_EXCEPTION(); @@ -38531,33 +41343,29 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **value; - zend_bool isset = 1; + zval *value; SAVE_OPLINE(); if (IS_CV == IS_CV && IS_UNUSED == IS_UNUSED && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX_CV(opline->op1.var)) { - value = EX_CV(opline->op1.var); - } else if (EG(active_symbol_table)) { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - - if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) { - isset = 0; - } - } else { - isset = 0; + value = EX_VAR(opline->op1.var); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !i_zend_is_true(value TSRMLS_CC)); + CHECK_EXCEPTION(); } + ZEND_VM_NEXT_OPCODE(); } else { - HashTable *target_symbol_table; zval tmp, *varname = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - ZVAL_COPY_VALUE(&tmp, varname); - zval_copy_ctor(&tmp); - convert_to_string(&tmp); + ZVAL_STR(&tmp, zval_get_string(varname)); varname = &tmp; } @@ -38565,99 +41373,82 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_UNUSED_HANDLER(ZEND_OPC zend_class_entry *ce; if (IS_UNUSED == IS_CONST) { - if (CACHED_PTR(opline->op2.literal->cache_slot)) { - ce = CACHED_PTR(opline->op2.literal->cache_slot); + if (CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv))) { + ce = CACHED_PTR(Z_CACHE_SLOT_P(opline->op2.zv)); } else { - ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC); + ce = zend_fetch_class_by_name(Z_STR_P(opline->op2.zv), opline->op2.zv + 1, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - CACHE_PTR(opline->op2.literal->cache_slot, ce); + CACHE_PTR(Z_CACHE_SLOT_P(opline->op2.zv), ce); } } else { - ce = EX_T(opline->op2.var).class_entry; - } - value = zend_std_get_static_property(ce, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1, ((IS_CV == IS_CONST) ? opline->op1.literal : NULL) TSRMLS_CC); - if (!value) { - isset = 0; + ce = Z_CE_P(EX_VAR(opline->op2.var)); } + value = zend_std_get_static_property(ce, Z_STR_P(varname), 1, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(varname)) : NULL) TSRMLS_CC); } else { - target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { - isset = 0; - } + HashTable *target_symbol_table = zend_get_target_symbol_table(execute_data, opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); + value = zend_hash_find_ind(target_symbol_table, Z_STR_P(varname)); } if (IS_CV != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) != IS_NULL) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); - } else { - ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); + if (opline->extended_value & ZEND_ISSET) { + ZVAL_BOOL(EX_VAR(opline->result.var), + value && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL)); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + ZVAL_BOOL(EX_VAR(opline->result.var), + !value || !i_zend_is_true(value TSRMLS_CC)); } - } - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } } static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CV != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CV != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -38665,51 +41456,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CV == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CV == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CV == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -38718,44 +41495,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ zval *key = NULL; /* Consts, temporary variables and references need copying */ - if (IS_UNUSED == IS_CONST || IS_UNUSED == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_UNUSED == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_UNUSED == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_UNUSED == IS_VAR || IS_UNUSED == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_UNUSED == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -38768,13 +41540,18 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_CV_UNUSED(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE SAVE_OPLINE(); - fast_add_function(&EX_T(opline->result.var).tmp_var, + fast_add_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -38789,7 +41566,7 @@ static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); - fast_sub_function(&EX_T(opline->result.var).tmp_var, + fast_sub_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -38804,7 +41581,7 @@ static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); - fast_mul_function(&EX_T(opline->result.var).tmp_var, + fast_mul_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -38819,7 +41596,7 @@ static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); - fast_div_function(&EX_T(opline->result.var).tmp_var, + fast_div_function(EX_VAR(opline->result.var), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); @@ -38834,9 +41611,9 @@ static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); - fast_mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + fast_mod_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38849,9 +41626,9 @@ static int ZEND_FASTCALL ZEND_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); - shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + shift_left_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38864,9 +41641,9 @@ static int ZEND_FASTCALL ZEND_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) SAVE_OPLINE(); - shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + shift_right_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38879,9 +41656,9 @@ static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + concat_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38894,9 +41671,9 @@ static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL SAVE_OPLINE(); - is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + fast_is_identical_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38907,13 +41684,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_H { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_identical_function(result, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); - Z_LVAL_P(result) = !Z_LVAL_P(result); + fast_is_not_identical_function(result, + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38924,12 +41700,12 @@ static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_A { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_equal_function(result, + fast_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38940,12 +41716,12 @@ static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_not_equal_function(result, + fast_not_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38956,12 +41732,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_function(result, + fast_is_smaller_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38972,12 +41748,12 @@ static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCOD { USE_OPLINE - zval *result = &EX_T(opline->result.var).tmp_var; + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - ZVAL_BOOL(result, fast_is_smaller_or_equal_function(result, + fast_is_smaller_or_equal_function(result, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC)); + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -38990,9 +41766,9 @@ static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS SAVE_OPLINE(); - bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + bitwise_or_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -39005,9 +41781,9 @@ static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + bitwise_and_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -39020,9 +41796,9 @@ static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG SAVE_OPLINE(); - bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + bitwise_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -39035,9 +41811,9 @@ static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_A SAVE_OPLINE(); - boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + boolean_xor_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); @@ -39048,104 +41824,85 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binar { USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - zval *object; + zval *object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); zval *property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - int have_get_ptr = 0; + zval *value; + zval *zptr; - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - make_real_object(object_ptr TSRMLS_CC); - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - /* here property is a string */ if (opline->extended_value == ZEND_ASSIGN_OBJ - && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + && EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - have_get_ptr = 1; - binary_op(*zptr, *zptr, value TSRMLS_CC); - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*zptr); - EX_T(opline->result.var).var.ptr = *zptr; - EX_T(opline->result.var).var.ptr_ptr = NULL; - } - } - } + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - if (!have_get_ptr) { + binary_op(zptr, zptr, value TSRMLS_CC); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), zptr); + } + } else { zval *z = NULL; + zval rv; if (opline->extended_value == ZEND_ASSIGN_OBJ) { if (Z_OBJ_HT_P(object)->read_property) { - z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); } } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { if (Z_OBJ_HT_P(object)->read_dimension) { - z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC); + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv TSRMLS_CC); } } if (z) { if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); +//??? if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); binary_op(z, z, value TSRMLS_CC); if (opline->extended_value == ZEND_ASSIGN_OBJ) { - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ { Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(z); - EX_T(opline->result.var).var.ptr = z; - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_COPY(EX_VAR(opline->result.var), z); } - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); - EX_T(opline->result.var).var.ptr_ptr = NULL; + ZVAL_NULL(EX_VAR(opline->result.var)); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } FREE_OP(free_op_data1); } @@ -39155,178 +41912,268 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binar ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_binary_assign_op_dim_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op_data2, free_op_data1; - zval **var_ptr; - zval *value; + zval *var_ptr; + zval *value, *container; SAVE_OPLINE(); - switch (opline->extended_value) { - case ZEND_ASSIGN_OBJ: - return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - break; - case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { - if (IS_CV == IS_VAR && !0) { - Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ - } - return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } else { - zval *dim = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + } else if (IS_CV == IS_UNUSED || UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (IS_CV == IS_VAR && !0) { + Z_ADDREF_P(container); /* undo the effect of get_obj_zval_ptr_ptr() */ + } + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zval *dim = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - } - } - break; - default: - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - /* do nothing */ - break; + zend_fetch_dimension_address_RW(EX_VAR((opline+1)->op2.var), container, dim, IS_CV TSRMLS_CC); + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); } if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (UNEXPECTED(*var_ptr == &EG(error_zval))) { - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + if (UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); } + goto assign_op_dim_exit; + } + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - if (opline->extended_value == ZEND_ASSIGN_DIM) { - ZEND_VM_INC_OPCODE(); - } - ZEND_VM_NEXT_OPCODE(); + binary_op(var_ptr, var_ptr, value TSRMLS_CC); + + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } - SEPARATE_ZVAL_IF_NOT_REF(var_ptr); +assign_op_dim_exit: - if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) - && Z_OBJ_HANDLER_PP(var_ptr, get) - && Z_OBJ_HANDLER_PP(var_ptr, set)) { - /* proxy object */ - zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); - Z_ADDREF_P(objval); - binary_op(objval, objval, value TSRMLS_CC); - Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); - zval_ptr_dtor(&objval); - } else { - binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + FREE_OP(free_op_data1); + FREE_OP_VAR_PTR(free_op_data2); + + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *var_ptr; + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + var_ptr = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*var_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == &EG(error_zval))) { + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_NULL(EX_VAR(opline->result.var)); + } + goto assign_op_exit; } - if (opline->extended_value == ZEND_ASSIGN_DIM) { - FREE_OP(free_op_data1); - FREE_OP_VAR_PTR(free_op_data2); + ZVAL_DEREF(var_ptr); + SEPARATE_ZVAL_NOREF(var_ptr); - CHECK_EXCEPTION(); - ZEND_VM_INC_OPCODE(); - } else { + binary_op(var_ptr, var_ptr, value TSRMLS_CC); - CHECK_EXCEPTION(); + if (UNEXPECTED(RETURN_VALUE_USED(opline))) { + ZVAL_COPY(EX_VAR(opline->result.var), var_ptr); } + +assign_op_exit: + + + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + if (EXPECTED(opline->extended_value == 0)) { + return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else if (EXPECTED(opline->extended_value == ZEND_ASSIGN_DIM)) { + return zend_binary_assign_op_dim_helper_SPEC_CV_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else /* if (EXPECTED(opline->extended_value == ZEND_ASSIGN_OBJ)) */ { + return zend_binary_assign_op_obj_helper_SPEC_CV_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **object_ptr; zval *object; zval *property; - zval **retval; - int have_get_ptr = 0; + zval *retval; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - retval = &EX_T(opline->result.var).var.ptr; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } CHECK_EXCEPTION(); @@ -39335,59 +42182,46 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t inc /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - SEPARATE_ZVAL_IF_NOT_REF(zptr); + ZVAL_DEREF(zptr); + SEPARATE_ZVAL_NOREF(zptr); - have_get_ptr = 1; - incdec_op(*zptr); - if (RETURN_VALUE_USED(opline)) { - *retval = *zptr; - PZVAL_LOCK(*retval); - } + incdec_op(zptr); + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(retval, zptr); } - } + } else { + zval rv; - if (!have_get_ptr) { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - Z_ADDREF_P(z); - SEPARATE_ZVAL_IF_NOT_REF(&z); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + SEPARATE_ZVAL_IF_NOT_REF(z); incdec_op(z); - *retval = z; - Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - SELECTIVE_PZVAL_LOCK(*retval, opline); - zval_ptr_dtor(&z); + ZVAL_COPY_VALUE(retval, z); + Z_OBJ_HT_P(object)->write_property(object, property, z, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(retval, opline); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - *retval = &EG(uninitialized_zval); + ZVAL_NULL(retval); } } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -39407,25 +42241,25 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in { USE_OPLINE - zval **object_ptr; zval *object; zval *property; zval *retval; - int have_get_ptr = 0; + zval *zptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - retval = &EX_T(opline->result.var).tmp_var; + retval = EX_VAR(opline->result.var); - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ - object = *object_ptr; + if (IS_CV != IS_UNUSED) { + object = make_real_object(object TSRMLS_CC); /* this should modify object only if it's empty */ + } - if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); @@ -39436,60 +42270,42 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in /* here we are sure we are dealing with an object */ - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - - if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { - zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (zptr != NULL) { /* NULL means no success in getting PTR */ - have_get_ptr = 1; - SEPARATE_ZVAL_IF_NOT_REF(zptr); - - ZVAL_COPY_VALUE(retval, *zptr); - zendi_zval_copy_ctor(*retval); + if (EXPECTED(Z_OBJ_HT_P(object)->get_property_ptr_ptr) + && EXPECTED((zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property, BP_VAR_RW, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC)) != NULL)) { - incdec_op(*zptr); + ZVAL_DEREF(zptr); + ZVAL_COPY(retval, zptr); - } - } - - if (!have_get_ptr) { + SEPARATE_ZVAL_NOREF(zptr); + incdec_op(zptr); + } else { if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { - zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - zval *z_copy; + zval rv; + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), &rv TSRMLS_CC); + zval z_copy; if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { - zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + zval rv; + zval *value = Z_OBJ_HT_P(z)->get(z, &rv TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { - GC_REMOVE_ZVAL_FROM_BUFFER(z); zval_dtor(z); - FREE_ZVAL(z); } - z = value; + ZVAL_COPY_VALUE(z, value); } - ZVAL_COPY_VALUE(retval, z); - zendi_zval_copy_ctor(*retval); - ALLOC_ZVAL(z_copy); - INIT_PZVAL_COPY(z_copy, z); - zendi_zval_copy_ctor(*z_copy); - incdec_op(z_copy); - Z_ADDREF_P(z); - Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + ZVAL_DUP(retval, z); + ZVAL_DUP(&z_copy, z); + incdec_op(&z_copy); + if (Z_REFCOUNTED_P(z)) Z_ADDREF_P(z); + Z_OBJ_HT_P(object)->write_property(object, property, &z_copy, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL) TSRMLS_CC); zval_ptr_dtor(&z_copy); - zval_ptr_dtor(&z); + zval_ptr_dtor(z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); ZVAL_NULL(retval); } } - if (0) { - zval_ptr_dtor(&property); - } else { - - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -39509,23 +42325,12 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE - zval **container; + zval *container; SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_CV == IS_TMP_VAR || IS_CV == IS_CONST) { - zval *container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), &container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); - - - } else { - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); - - if (IS_CV == IS_VAR && !(opline->extended_value & ZEND_FETCH_ADD_LOCK)) { - - } - } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -39535,29 +42340,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLE { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); - - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (EXPECTED(opline->extended_value == 0)) { + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + } else { + zend_fetch_dimension_address_W_ref(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); } - /* We are going to assign the result by reference */ - if (UNEXPECTED(opline->extended_value != 0)) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - if (retval_ptr) { - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - } + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -39568,18 +42366,18 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address_RW(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -39590,11 +42388,11 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL { USE_OPLINE - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_IS TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_IS(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); CHECK_EXCEPTION(); @@ -39604,19 +42402,22 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; zend_free_op free_op1; - zval **container; SAVE_OPLINE(); - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + zend_fetch_dimension_address_W(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } @@ -39624,8 +42425,8 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE if (IS_CV == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + zend_fetch_dimension_address_read_R(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); } @@ -39637,44 +42438,25 @@ static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HA { USE_OPLINE zend_free_op free_op1; - zval **container; + zval *container; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address_UNSET(EX_VAR(opline->result.var), container, _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC), IS_CV TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_NEXT_OPCODE(); - } else { - zend_free_op free_res; - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - - PZVAL_UNLOCK(*retval_ptr, &free_res); - if (retval_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); - } - PZVAL_LOCK(*retval_ptr); - FREE_OP_VAR_PTR(free_res); - CHECK_EXCEPTION(); - ZEND_VM_NEXT_OPCODE(); - } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE @@ -39683,81 +42465,48 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { zend_error(E_NOTICE, "Trying to get property of non-object"); - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); - } - - /* We are going to assign the result by reference */ - if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, (opline->extended_value & ZEND_FETCH_MAKE_REF) != 0 TSRMLS_CC); - Z_DELREF_PP(retval_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); - Z_ADDREF_PP(retval_ptr); - EX_T(opline->result.var).var.ptr = *EX_T(opline->result.var).var.ptr_ptr; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -39769,26 +42518,19 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL USE_OPLINE zend_free_op free_op1; zval *property; - zval **container; + zval *container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - container = _get_zval_ptr_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_RW(execute_data, opline->op1.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_RW, 0 TSRMLS_CC); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); @@ -39804,34 +42546,24 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + if ((IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT)) || UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - + ZVAL_NULL(EX_VAR(opline->result.var)); } else { zval *retval; - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - - PZVAL_LOCK(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - - if (0) { - zval_ptr_dtor(&offset); - } else { + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL), EX_VAR(opline->result.var) TSRMLS_CC); + if (retval != EX_VAR(opline->result.var)) { + ZVAL_COPY(EX_VAR(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -39839,78 +42571,55 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *container; - if (ARG_SHOULD_BE_SENT_BY_REF(EX(call)->fbc, (opline->extended_value & ZEND_FETCH_ARG_MASK))) { + if (zend_is_by_ref_func_arg_fetch(opline, EX(call) TSRMLS_CC)) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; zval *property; - zval **container; SAVE_OPLINE(); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - container = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } + if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { + zend_error_noreturn(E_ERROR, "Cannot use temporary expression in write context"); + } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_W, 0 TSRMLS_CC); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op1, free_res; - zval **container; - zval *property; + zend_free_op free_op1; + zval *container, *property; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); property = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_CV == IS_CV) { - if (container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { + zend_fetch_property_address(EX_VAR(opline->result.var), container, IS_CV, property, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property)) : NULL), BP_VAR_UNSET, 0 TSRMLS_CC); - } - if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { - EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); + if (IS_CV == IS_VAR && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(EX_VAR(opline->result.var)); } - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); - } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); - FREE_OP_VAR_PTR(free_res); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -39919,25 +42628,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE - zval **object_ptr; + zval *object; zval *property_name; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); property_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { + if (IS_CV == IS_VAR && UNEXPECTED(object == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } /* assign_obj has two opcodes! */ CHECK_EXCEPTION(); @@ -39949,74 +42651,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER { USE_OPLINE - zval **object_ptr; + zval *object_ptr; SAVE_OPLINE(); - object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + object_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { + if (UNEXPECTED(Z_ISREF_P(object_ptr)) && Z_TYPE_P(Z_REFVAL_P(object_ptr)) == IS_OBJECT) { + object_ptr = Z_REFVAL_P(object_ptr); + } + if (Z_TYPE_P(object_ptr) == IS_OBJECT) { zval *property_name = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (0) { - MAKE_REAL_ZVAL_PTR(property_name); - } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property_name); - } else { + zend_assign_to_object(RETURN_VALUE_USED(opline)?EX_VAR(opline->result.var):NULL, object_ptr, IS_CV, property_name, (opline+1)->op1_type, &(opline+1)->op1, execute_data, ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(property_name)) : NULL) TSRMLS_CC); - } } else { zend_free_op free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - zval **variable_ptr_ptr; + zval *dim = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + zval *variable_ptr; - zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CV, BP_VAR_W TSRMLS_CC); + variable_ptr = zend_fetch_dimension_address_W_str(EX_VAR((opline+1)->op2.var), object_ptr, dim, IS_CV TSRMLS_CC); - value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); - if (UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { + value = get_zval_ptr_deref((opline+1)->op1_type, &(opline+1)->op1, execute_data, &free_op_data1, BP_VAR_R); + if (UNEXPECTED(variable_ptr != NULL)) { + zend_assign_to_string_offset(variable_ptr, Z_LVAL_P(EX_VAR((opline+1)->op2.var)), value, (RETURN_VALUE_USED(opline) ? EX_VAR(opline->result.var) : NULL) TSRMLS_CC); + FREE_OP(free_op_data1); + } else { + variable_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, execute_data, &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr == &EG(error_zval))) { + FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - zval *retval; - - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (IS_TMP_FREE(free_op_data1)) { - zval_dtor(value); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else { - if ((opline+1)->op1_type == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if ((opline+1)->op1_type == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } - if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + value = zend_assign_to_variable(variable_ptr, value, (opline+1)->op1_type TSRMLS_CC); + if ((opline+1)->op1_type == IS_VAR) { + FREE_OP(free_op_data1); + } + if (RETURN_VALUE_USED(opline)) { + ZVAL_COPY(EX_VAR(opline->result.var), value); + } + FREE_OP_VAR_PTR(free_op_data2); } } - FREE_OP_VAR_PTR(free_op_data2); - FREE_OP_IF_VAR(free_op_data1); } /* assign_dim has two opcodes! */ @@ -40030,46 +42711,25 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG USE_OPLINE zval *value; - zval **variable_ptr_ptr; + zval *variable_ptr; SAVE_OPLINE(); - value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + value = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { - if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CV TSRMLS_CC)) { - if (RETURN_VALUE_USED(opline)) { - zval *retval; + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) { + if (IS_CV == IS_TMP_VAR) { - ALLOC_ZVAL(retval); - ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); - INIT_PZVAL(retval); - AI_SET_PTR(&EX_T(opline->result.var), retval); - } - } else if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); - } - } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { - if (0) { - zval_dtor(value); } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(&EG(uninitialized_zval)); - AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + ZVAL_NULL(EX_VAR(opline->result.var)); } } else { - if (IS_CV == IS_TMP_VAR) { - value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else if (IS_CV == IS_CONST) { - value = zend_assign_const_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } else { - value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); - } + value = zend_assign_to_variable(variable_ptr, value, IS_CV TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(value); - AI_SET_PTR(&EX_T(opline->result.var), value); + ZVAL_COPY(EX_VAR(opline->result.var), value); } + } /* zend_assign_to_variable() always takes care of op2, never free it! */ @@ -40081,20 +42741,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zend_free_op free_op2; - zval **variable_ptr_ptr; - zval **value_ptr_ptr; + + zval *variable_ptr; + zval *value_ptr; SAVE_OPLINE(); - value_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op2.var TSRMLS_CC); + value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op2.var TSRMLS_CC); if (IS_CV == IS_VAR && - value_ptr_ptr && - !Z_ISREF_PP(value_ptr_ptr) && opline->extended_value == ZEND_RETURNS_FUNCTION && - !EX_T(opline->op2.var).var.fcall_returned_reference) { - if (free_op2.var == NULL) { - PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */ + !(Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF) && + !Z_ISREF_P(value_ptr)) { + if (!0) { + PZVAL_LOCK(value_ptr); /* undo the effect of get_zval_ptr_ptr() */ } zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { @@ -40103,26 +42762,36 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER } return ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - PZVAL_LOCK(*value_ptr_ptr); + if (!0) { + PZVAL_LOCK(value_ptr); + } } - if (IS_CV == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { + + variable_ptr = _get_zval_ptr_cv_undef_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && + UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT) && + UNEXPECTED(!Z_ISREF_P(variable_ptr))) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - - variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - if ((IS_CV == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || - (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { + if ((IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) || + (IS_CV == IS_VAR && UNEXPECTED(variable_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } - zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); + if ((IS_CV == IS_VAR && UNEXPECTED(variable_ptr == &EG(error_zval))) || + (IS_CV == IS_VAR && UNEXPECTED(value_ptr == &EG(error_zval)))) { + variable_ptr = &EG(uninitialized_zval); + } else { + zend_assign_to_variable_reference(variable_ptr, value_ptr TSRMLS_CC); + } if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { - Z_DELREF_PP(variable_ptr_ptr); + if (!0) { + Z_DELREF_P(variable_ptr); + } } if (RETURN_VALUE_USED(opline)) { - PZVAL_LOCK(*variable_ptr_ptr); - AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); + ZVAL_COPY(EX_VAR(opline->result.var), variable_ptr); } @@ -40134,10 +42803,11 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_H { USE_OPLINE zval *function_name; - char *function_name_strval; - int function_name_strlen; - call_slot *call = EX(call_slots) + opline->result.num; + zval *object; + zend_function *fbc; + zend_class_entry *called_scope; + zend_object *obj; SAVE_OPLINE(); @@ -40151,58 +42821,84 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_H zend_error_noreturn(E_ERROR, "Method name must be a string"); } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); + object = _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - call->object = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV != IS_UNUSED && UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { + uint32_t nesting = 1; - if (EXPECTED(call->object != NULL) && - EXPECTED(Z_TYPE_P(call->object) == IS_OBJECT)) { - call->called_scope = Z_OBJCE_P(call->object); + if (UNEXPECTED(EG(exception) != NULL)) { - if (IS_CV != IS_CONST || - (call->fbc = CACHED_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope)) == NULL) { - zval *object = call->object; + HANDLE_EXCEPTION(); + } - if (UNEXPECTED(Z_OBJ_HT_P(call->object)->get_method == NULL)) { - zend_error_noreturn(E_ERROR, "Object does not support method calls"); - } + zend_error(E_RECOVERABLE_ERROR, "Call to a member function %s() on %s", Z_STRVAL_P(function_name), zend_get_type_by_const(Z_TYPE_P(object))); - /* First, locate the function. */ - call->fbc = Z_OBJ_HT_P(call->object)->get_method(&call->object, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (UNEXPECTED(call->fbc == NULL)) { - zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(call->object), function_name_strval); - } - if (IS_CV == IS_CONST && - EXPECTED(call->fbc->type <= ZEND_USER_FUNCTION) && - EXPECTED((call->fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && - EXPECTED(call->object == object)) { - CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, call->called_scope, call->fbc); + + if (EG(exception) != NULL) { + HANDLE_EXCEPTION(); + } + + /* No exception raised: Skip over arguments until fcall opcode with correct + * nesting level. Return NULL (except when return value unused) */ + do { + opline++; + if (opline->opcode == ZEND_INIT_FCALL || + opline->opcode == ZEND_INIT_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_NS_FCALL_BY_NAME || + opline->opcode == ZEND_INIT_METHOD_CALL || + opline->opcode == ZEND_INIT_STATIC_METHOD_CALL || + opline->opcode == ZEND_INIT_USER_CALL || + opline->opcode == ZEND_NEW + ) { + nesting++; + } else if (opline->opcode == ZEND_DO_FCALL) { + nesting--; } + } while (nesting); + + if (RETURN_VALUE_USED(opline)) { + ZVAL_NULL(EX_VAR(opline->result.var)); } - } else { - if (UNEXPECTED(EG(exception) != NULL)) { - HANDLE_EXCEPTION(); + /* We've skipped EXT_FCALL_BEGIND, so also skip the ending opcode */ + if ((opline + 1)->opcode == ZEND_EXT_FCALL_END) { + opline++; } - zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + ZEND_VM_JMP(++opline); } - if ((call->fbc->common.fn_flags & ZEND_ACC_STATIC) != 0) { - call->object = NULL; - } else { - if (!PZVAL_IS_REF(call->object)) { - Z_ADDREF_P(call->object); /* For $this pointer */ - } else { - zval *this_ptr; - ALLOC_ZVAL(this_ptr); - INIT_PZVAL_COPY(this_ptr, call->object); - zval_copy_ctor(this_ptr); - call->object = this_ptr; + obj = Z_OBJ_P(object); + called_scope = obj->ce; + + if (IS_CV != IS_CONST || + EXPECTED((fbc = CACHED_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope)) == NULL)) { + zend_object *orig_obj = obj; + + if (UNEXPECTED(obj->handlers->get_method == NULL)) { + zend_error_noreturn(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + fbc = obj->handlers->get_method(&obj, Z_STR_P(function_name), ((IS_CV == IS_CONST) ? (opline->op2.zv + 1) : NULL) TSRMLS_CC); + if (UNEXPECTED(fbc == NULL)) { + zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", obj->ce->name->val, Z_STRVAL_P(function_name)); + } + if (IS_CV == IS_CONST && + EXPECTED(fbc->type <= ZEND_USER_FUNCTION) && + EXPECTED((fbc->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) && + EXPECTED(obj == orig_obj)) { + CACHE_POLYMORPHIC_PTR(Z_CACHE_SLOT_P(function_name), called_scope, fbc); } } - call->is_ctor_call = 0; - EX(call) = call; + + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_STATIC) != 0)) { + obj = NULL; + } else { + GC_REFCOUNT(obj)++; /* For $this pointer */ + } + + EX(call) = zend_vm_stack_push_call_frame(VM_FRAME_NESTED_FUNCTION, + fbc, opline->extended_value, called_scope, obj, EX(call) TSRMLS_CC); CHECK_EXCEPTION(); @@ -40213,11 +42909,12 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE + zval *result = EX_VAR(opline->result.var); SAVE_OPLINE(); - is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), - _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + fast_equal_function(result, + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -40227,35 +42924,33 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_ { USE_OPLINE - zval *expr_ptr; + zval *expr_ptr, new_expr; SAVE_OPLINE(); - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); - - if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr_ptr == NULL)) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && + (opline->extended_value & ZEND_ARRAY_ELEMENT_REF)) { + expr_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(expr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets"); } - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; + ZVAL_MAKE_REF(expr_ptr); Z_ADDREF_P(expr_ptr); - } else { - expr_ptr=_get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - if (0) { /* temporary variable */ - zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { - zval *new_expr; - - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - zendi_zval_copy_ctor(*expr_ptr); + } else { + expr_ptr = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } else if (IS_CV == IS_CONST) { + if (!Z_IMMUTABLE_P(expr_ptr)) { + ZVAL_DUP(&new_expr, expr_ptr); + expr_ptr = &new_expr; + } + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(expr_ptr)) { + expr_ptr = Z_REFVAL_P(expr_ptr); + if (Z_REFCOUNTED_P(expr_ptr)) Z_ADDREF_P(expr_ptr); - } else if (IS_CV == IS_CV) { + } else if (IS_CV == IS_CV && Z_REFCOUNTED_P(expr_ptr)) { Z_ADDREF_P(expr_ptr); } } @@ -40263,42 +42958,51 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_ if (IS_CV != IS_UNUSED) { zval *offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - ulong hval; + zend_string *str; + zend_ulong hval; +add_again: switch (Z_TYPE_P(offset)) { case IS_DOUBLE: hval = zend_dval_to_lval(Z_DVAL_P(offset)); goto num_index; case IS_LONG: - case IS_BOOL: hval = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), hval, expr_ptr); break; case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index; + } } - zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); +str_index: + zend_hash_update(Z_ARRVAL_P(EX_VAR(opline->result.var)), str, expr_ptr); break; case IS_NULL: - zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + str = STR_EMPTY_ALLOC(); + goto str_index; + case IS_FALSE: + hval = 0; + goto num_index; + case IS_TRUE: + hval = 1; + goto num_index; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto add_again; break; default: zend_error(E_WARNING, "Illegal offset type"); - zval_ptr_dtor(&expr_ptr); + zval_ptr_dtor(expr_ptr); /* do nothing */ break; } } else { - zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); - } - if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { - + zend_hash_next_index_insert(Z_ARRVAL_P(EX_VAR(opline->result.var)), expr_ptr); } CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); @@ -40306,9 +43010,26 @@ num_index: static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + zval *array; + uint32_t size; USE_OPLINE - array_init(&EX_T(opline->result.var).tmp_var); + array = EX_VAR(opline->result.var); + if (IS_CV != IS_UNUSED) { + size = opline->extended_value >> ZEND_ARRAY_SIZE_SHIFT; + } else { + size = 0; + } + ZVAL_NEW_ARR(array); + zend_hash_init(Z_ARRVAL_P(array), size, NULL, ZVAL_PTR_DTOR, 0); + + if (IS_CV != IS_UNUSED) { + /* Explicitly initialize array as not-packed if flag is set */ + if (opline->extended_value & ZEND_ARRAY_NOT_PACKED) { + zend_hash_real_init(Z_ARRVAL_P(array), 0); + } + } + if (IS_CV == IS_UNUSED) { ZEND_VM_NEXT_OPCODE(); #if 0 || IS_CV != IS_UNUSED @@ -40322,89 +43043,79 @@ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE - zval **container; + zval *container; zval *offset; - ulong hval; + zend_ulong hval; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } + if (IS_CV != IS_UNUSED) { + ZVAL_DEREF(container); + SEPARATE_ZVAL_NOREF(container); } offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_CV != IS_VAR || container) { - switch (Z_TYPE_PP(container)) { - case IS_ARRAY: { - HashTable *ht = Z_ARRVAL_PP(container); - - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - zend_hash_index_del(ht, hval); - break; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); - zend_hash_index_del(ht, hval); - break; - case IS_STRING: - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - Z_ADDREF_P(offset); - } - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_dim); - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (ht == &EG(symbol_table)) { - zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); - } else { - zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); - } - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); +offset_again: + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + zend_hash_index_del(ht, hval); + break; + case IS_LONG: + hval = Z_LVAL_P(offset); num_index_dim: - zend_hash_index_del(ht, hval); - if (IS_CV == IS_CV || IS_CV == IS_VAR) { - zval_ptr_dtor(&offset); - } - break; - case IS_NULL: - zend_hash_del(ht, "", sizeof("")); - break; - default: - zend_error(E_WARNING, "Illegal offset type in unset"); - break; - } - + zend_hash_index_del(ht, hval); break; - } - case IS_OBJECT: - if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); - } - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + case IS_STRING: + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(Z_STR_P(offset), hval)) { + goto num_index_dim; + } } - Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); - if (0) { - zval_ptr_dtor(&offset); + if (ht == &EG(symbol_table).ht) { + zend_delete_global_variable(Z_STR_P(offset) TSRMLS_CC); } else { - + zend_hash_del(ht, Z_STR_P(offset)); } break; - case IS_STRING: - zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); - ZEND_VM_CONTINUE(); /* bailed out before */ + case IS_NULL: + zend_hash_del(ht, STR_EMPTY_ALLOC()); + break; + case IS_FALSE: + hval = 0; + goto num_index_dim; + case IS_TRUE: + hval = 1; + goto num_index_dim; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_dim; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto offset_again; + break; default: - + zend_error(E_WARNING, "Illegal offset type in unset"); break; } + + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(container)->unset_dimension == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use object as array"); + } +//??? if (IS_CV == IS_CONST) { +//??? zval_copy_ctor(offset); +//??? } + Z_OBJ_HT_P(container)->unset_dimension(container, offset TSRMLS_CC); + + } else if (UNEXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + ZEND_VM_CONTINUE(); /* bailed out before */ } else { } @@ -40417,235 +43128,214 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ { USE_OPLINE - zval **container; + zval *container; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + container = _get_zval_ptr_cv_BP_VAR_UNSET(execute_data, opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); + } offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (IS_CV != IS_VAR || container) { - if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(container); - } - if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); - } - if (Z_OBJ_HT_P(*container)->unset_property) { - Z_OBJ_HT_P(*container)->unset_property(*container, offset, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to unset property of non-object"); - } - if (0) { - zval_ptr_dtor(&offset); - } else { - - } + ZVAL_DEREF(container); + if (IS_CV == IS_UNUSED || Z_TYPE_P(container) == IS_OBJECT) { + if (Z_OBJ_HT_P(container)->unset_property) { + Z_OBJ_HT_P(container)->unset_property(container, offset, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); } else { - + zend_error(E_NOTICE, "Trying to unset property of non-object"); } - } else { - } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - zval **container; - zval **value = NULL; - int result = 0; - ulong hval; + zval *container; + int result; + zend_ulong hval; zval *offset; SAVE_OPLINE(); - container = _get_zval_ptr_ptr_cv_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); - + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); - if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { - HashTable *ht; - int isset = 0; - - ht = Z_ARRVAL_PP(container); + if (IS_CV != IS_UNUSED && EXPECTED(Z_TYPE_P(container) == IS_ARRAY)) { + HashTable *ht = Z_ARRVAL_P(container); + zval *value; + zend_string *str; - switch (Z_TYPE_P(offset)) { - case IS_DOUBLE: - hval = zend_dval_to_lval(Z_DVAL_P(offset)); - goto num_index_prop; - case IS_RESOURCE: - case IS_BOOL: - case IS_LONG: - hval = Z_LVAL_P(offset); -num_index_prop: - if (zend_hash_index_find(ht, hval, (void **) &value) == SUCCESS) { - isset = 1; +isset_again: + if (EXPECTED(Z_TYPE_P(offset) == IS_STRING)) { + str = Z_STR_P(offset); + if (IS_CV != IS_CONST) { + if (ZEND_HANDLE_NUMERIC(str, hval)) { + goto num_index_prop; } - break; - case IS_STRING: - if (IS_CV == IS_CONST) { - hval = Z_HASH_P(offset); - } else { - if (!prop_dim) { - ZEND_HANDLE_NUMERIC_EX(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, goto num_index_prop); - } - hval = str_hash(Z_STRVAL_P(offset), Z_STRLEN_P(offset)); - } - if (zend_hash_quick_find(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, (void **) &value) == SUCCESS) { - isset = 1; - } - break; - case IS_NULL: - if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { - isset = 1; - } - break; - default: - zend_error(E_WARNING, "Illegal offset type in isset or empty"); - break; - } - - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - result = 0; - } else { - result = isset; } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (!isset || !i_zend_is_true(*value)) { - result = 0; - } else { - result = 1; +str_index_prop: + value = zend_hash_find_ind(ht, str); + } else if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + hval = Z_LVAL_P(offset); +num_index_prop: + value = zend_hash_index_find(ht, hval); + } else { + switch (Z_TYPE_P(offset)) { + case IS_DOUBLE: + hval = zend_dval_to_lval(Z_DVAL_P(offset)); + goto num_index_prop; + case IS_NULL: + str = STR_EMPTY_ALLOC(); + goto str_index_prop; + case IS_FALSE: + hval = 0; + goto num_index_prop; + case IS_TRUE: + hval = 1; + goto num_index_prop; + case IS_RESOURCE: + hval = Z_RES_HANDLE_P(offset); + goto num_index_prop; + case IS_REFERENCE: + offset = Z_REFVAL_P(offset); + goto isset_again; + default: + zend_error(E_WARNING, "Illegal offset type in isset or empty"); + value = NULL; + break; } } - } else if (Z_TYPE_PP(container) == IS_OBJECT) { - if (0) { - MAKE_REAL_ZVAL_PTR(offset); + if (opline->extended_value & ZEND_ISSET) { + /* > IS_NULL means not IS_UNDEF and not IS_NULL */ + result = value != NULL && Z_TYPE_P(value) > IS_NULL && + (!Z_ISREF_P(value) || Z_TYPE_P(Z_REFVAL_P(value)) != IS_NULL); + } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + result = (value == NULL || !i_zend_is_true(value TSRMLS_CC)); } - if (prop_dim) { - if (Z_OBJ_HT_P(*container)->has_property) { - result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check property of non-object"); - result = 0; - } + } else if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_dimension)) { + result = Z_OBJ_HT_P(container)->has_dimension(container, offset, (opline->extended_value & ZEND_ISSET) == 0 TSRMLS_CC); } else { - if (Z_OBJ_HT_P(*container)->has_dimension) { - result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value & ZEND_ISEMPTY) != 0 TSRMLS_CC); - } else { - zend_error(E_NOTICE, "Trying to check element of non-array"); - result = 0; - } + zend_error(E_NOTICE, "Trying to check element of non-array"); + result = 0; } - if (0) { - zval_ptr_dtor(&offset); - } else { - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; } - } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */ + } else if (EXPECTED(Z_TYPE_P(container) == IS_STRING)) { /* string offsets */ zval tmp; - if (Z_TYPE_P(offset) != IS_LONG) { - if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + result = 0; + if (UNEXPECTED(Z_TYPE_P(offset) != IS_LONG)) { + if (IS_CV == IS_CV || IS_CV == IS_VAR) { + ZVAL_DEREF(offset); + } + if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */ || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); + ZVAL_DUP(&tmp, offset); convert_to_long(&tmp); offset = &tmp; - } else { - /* can not be converted to proper offset, return "not set" */ - result = 0; } } - if (Z_TYPE_P(offset) == IS_LONG) { - if (opline->extended_value & ZEND_ISSET) { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) { - result = 1; - } - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { - if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + if (EXPECTED(Z_TYPE_P(offset) == IS_LONG)) { + if (offset->value.lval >= 0 && (size_t)offset->value.lval < Z_STRLEN_P(container)) { + if ((opline->extended_value & ZEND_ISSET) || + Z_STRVAL_P(container)[offset->value.lval] != '0') { result = 1; } } } - + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } } else { - + result = ((opline->extended_value & ZEND_ISSET) == 0); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; - } + ZVAL_BOOL(EX_VAR(opline->result.var), result); CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + int result; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_deref_BP_VAR_IS(execute_data, opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); + + if (IS_CV == IS_UNUSED || EXPECTED(Z_TYPE_P(container) == IS_OBJECT)) { + if (EXPECTED(Z_OBJ_HT_P(container)->has_property)) { + result = Z_OBJ_HT_P(container)->has_property(container, offset, (opline->extended_value & ZEND_ISSET) == 0, ((IS_CV == IS_CONST) ? (EX(run_time_cache) + Z_CACHE_SLOT_P(offset)) : NULL) TSRMLS_CC); + } else { + zend_error(E_NOTICE, "Trying to check property of non-object"); + result = 0; + } + if ((opline->extended_value & ZEND_ISSET) == 0) { + result = !result; + } + } else { + result = ((opline->extended_value & ZEND_ISSET) == 0); + } + + ZVAL_BOOL(EX_VAR(opline->result.var), result); + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { USE_OPLINE - /* The generator object is stored in return_value_ptr_ptr */ - zend_generator *generator = (zend_generator *) EG(return_value_ptr_ptr); + /* The generator object is stored in EX(return_value) */ + zend_generator *generator = (zend_generator *) EX(return_value); if (generator->flags & ZEND_GENERATOR_FORCED_CLOSE) { zend_error_noreturn(E_ERROR, "Cannot yield from finally in a force-closed generator"); } /* Destroy the previously yielded value */ - if (generator->value) { - zval_ptr_dtor(&generator->value); - } + zval_ptr_dtor(&generator->value); /* Destroy the previously yielded key */ - if (generator->key) { - zval_ptr_dtor(&generator->key); - } + zval_ptr_dtor(&generator->key); /* Set the new yielded value */ if (IS_CV != IS_UNUSED) { - if (EX(op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) { + if (EX(func)->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { /* Constants and temporary variables aren't yieldable by reference, * but we still allow them with a notice. */ if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { - zval *value, *copy; + zval *value; zend_error(E_NOTICE, "Only variable references should be yielded by reference"); value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); + ZVAL_COPY_VALUE(&generator->value, value); + if (Z_OPT_REFCOUNTED(generator->value)) Z_SET_REFCOUNT(generator->value, 1); /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); + if (IS_CV != IS_TMP_VAR) { + zval_opt_copy_ctor(&generator->value); } - - generator->value = copy; } else { - zval **value_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); + zval *value_ptr = _get_zval_ptr_cv_BP_VAR_W(execute_data, opline->op1.var TSRMLS_CC); if (IS_CV == IS_VAR && UNEXPECTED(value_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot yield string offsets by reference"); @@ -40653,51 +43343,37 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS /* If a function call result is yielded and the function did * not return by reference we throw a notice. */ - if (IS_CV == IS_VAR && !Z_ISREF_PP(value_ptr) + if (IS_CV == IS_VAR && !Z_ISREF_P(value_ptr) && !(opline->extended_value == ZEND_RETURNS_FUNCTION - && EX_T(opline->op1.var).var.fcall_returned_reference) - && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + && (Z_VAR_FLAGS_P(value_ptr) & IS_VAR_RET_REF))) { zend_error(E_NOTICE, "Only variable references should be yielded by reference"); - - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; } else { - SEPARATE_ZVAL_TO_MAKE_IS_REF(value_ptr); - Z_ADDREF_PP(value_ptr); - generator->value = *value_ptr; + ZVAL_MAKE_REF(value_ptr); } + ZVAL_COPY(&generator->value, value_ptr); } } else { zval *value = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || PZVAL_IS_REF(value) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, value); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } - - generator->value = copy; + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->value, value); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->value, value); + } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) && Z_ISREF_P(value)) { + ZVAL_DUP(&generator->value, Z_REFVAL_P(value)); } else { + ZVAL_COPY_VALUE(&generator->value, value); if (IS_CV == IS_CV) { - Z_ADDREF_P(value); + if (Z_OPT_REFCOUNTED_P(value)) Z_ADDREF_P(value); } - generator->value = value; } } } else { /* If no value was specified yield null */ - Z_ADDREF(EG(uninitialized_zval)); - generator->value = &EG(uninitialized_zval); + ZVAL_NULL(&generator->value); } /* Set the new yielded key */ @@ -40706,44 +43382,39 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS zval *key = _get_zval_ptr_cv_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC); /* Consts, temporary variables and references need copying */ - if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR - || (PZVAL_IS_REF(key) && Z_REFCOUNT_P(key) > 0) - ) { - zval *copy; - - ALLOC_ZVAL(copy); - INIT_PZVAL_COPY(copy, key); - - /* Temporary variables don't need ctor copying */ - if (!0) { - zval_copy_ctor(copy); - } + if (IS_CV == IS_CONST) { + ZVAL_DUP(&generator->key, key); + } else if (IS_CV == IS_TMP_VAR) { + ZVAL_COPY_VALUE(&generator->key, key); + } else if ((IS_CV == IS_VAR || IS_CV == IS_CV) && Z_ISREF_P(key)) { + ZVAL_DUP(&generator->key, Z_REFVAL_P(key)); - generator->key = copy; } else { - Z_ADDREF_P(key); - generator->key = key; + ZVAL_COPY_VALUE(&generator->key, key); + if (IS_CV == IS_CV) { + if (Z_OPT_REFCOUNTED_P(key)) Z_ADDREF_P(key); + } } - if (Z_TYPE_P(generator->key) == IS_LONG - && Z_LVAL_P(generator->key) > generator->largest_used_integer_key + if (Z_TYPE(generator->key) == IS_LONG + && Z_LVAL(generator->key) > generator->largest_used_integer_key ) { - generator->largest_used_integer_key = Z_LVAL_P(generator->key); + generator->largest_used_integer_key = Z_LVAL(generator->key); } - } else { /* If no key was specified we use auto-increment keys */ generator->largest_used_integer_key++; - - ALLOC_INIT_ZVAL(generator->key); - ZVAL_LONG(generator->key, generator->largest_used_integer_key); + ZVAL_LONG(&generator->key, generator->largest_used_integer_key); } - /* If a value is sent it should go into the result var */ - generator->send_target = &EX_T(opline->result.var); - - /* Initialize the sent value to NULL */ - EX_T(opline->result.var).tmp_var = EG(uninitialized_zval); + if (RETURN_VALUE_USED(opline)) { + /* If the return value of yield is used set the send + * target and initialize it to NULL */ + generator->send_target = EX_VAR(opline->result.var); + ZVAL_NULL(generator->send_target); + } else { + generator->send_target = NULL; + } /* We increment to the next op, so we are at the correct position when the * generator is resumed. */ @@ -40756,6 +43427,26 @@ static int ZEND_FASTCALL ZEND_YIELD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS ZEND_VM_RETURN(); } +static int ZEND_FASTCALL ZEND_POW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + + SAVE_OPLINE(); + pow_function(EX_VAR(opline->result.var), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_deref_BP_VAR_R(execute_data, opline->op2.var TSRMLS_CC) TSRMLS_CC); + + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_ASSIGN_POW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper_SPEC_CV_CV(pow_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + static int ZEND_FASTCALL ZEND_NULL_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { zend_error_noreturn(E_ERROR, "Invalid opcode %d/%d/%d.", OPLINE->opcode, OPLINE->op1_type, OPLINE->op2_type); @@ -42001,11 +44692,11 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_SWITCH_FREE_SPEC_VAR_HANDLER, - ZEND_SWITCH_FREE_SPEC_VAR_HANDLER, - ZEND_SWITCH_FREE_SPEC_VAR_HANDLER, - ZEND_SWITCH_FREE_SPEC_VAR_HANDLER, - ZEND_SWITCH_FREE_SPEC_VAR_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -42091,31 +44782,31 @@ void zend_init_opcodes_handlers(void) ZEND_BOOL_SPEC_CV_HANDLER, ZEND_BOOL_SPEC_CV_HANDLER, ZEND_BOOL_SPEC_CV_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, - ZEND_INIT_STRING_SPEC_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -42266,56 +44957,56 @@ void zend_init_opcodes_handlers(void) ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER, - ZEND_DO_FCALL_SPEC_CONST_HANDLER, - ZEND_DO_FCALL_SPEC_CONST_HANDLER, - ZEND_DO_FCALL_SPEC_CONST_HANDLER, - ZEND_DO_FCALL_SPEC_CONST_HANDLER, - ZEND_DO_FCALL_SPEC_CONST_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_DO_FCALL_SPEC_HANDLER, + ZEND_INIT_FCALL_SPEC_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_INIT_FCALL_SPEC_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_INIT_FCALL_SPEC_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_INIT_FCALL_SPEC_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_INIT_FCALL_SPEC_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, - ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER, ZEND_RETURN_SPEC_CONST_HANDLER, ZEND_RETURN_SPEC_CONST_HANDLER, ZEND_RETURN_SPEC_CONST_HANDLER, @@ -42426,21 +45117,21 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_SEND_VAR_SPEC_VAR_HANDLER, - ZEND_SEND_VAR_SPEC_VAR_HANDLER, - ZEND_SEND_VAR_SPEC_VAR_HANDLER, - ZEND_SEND_VAR_SPEC_VAR_HANDLER, - ZEND_SEND_VAR_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_EX_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_EX_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_EX_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_EX_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_EX_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_SEND_VAR_SPEC_CV_HANDLER, - ZEND_SEND_VAR_SPEC_CV_HANDLER, - ZEND_SEND_VAR_SPEC_CV_HANDLER, - ZEND_SEND_VAR_SPEC_CV_HANDLER, - ZEND_SEND_VAR_SPEC_CV_HANDLER, + ZEND_SEND_VAR_EX_SPEC_CV_HANDLER, + ZEND_SEND_VAR_EX_SPEC_CV_HANDLER, + ZEND_SEND_VAR_EX_SPEC_CV_HANDLER, + ZEND_SEND_VAR_EX_SPEC_CV_HANDLER, + ZEND_SEND_VAR_EX_SPEC_CV_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -42816,16 +45507,16 @@ void zend_init_opcodes_handlers(void) ZEND_FETCH_DIM_R_SPEC_CV_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_FETCH_DIM_R_SPEC_CV_CV_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_CONST_CONST_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_CONST_TMP_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_CONST_CV_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_TMP_CONST_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_TMP_TMP_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_TMP_VAR_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_FETCH_OBJ_R_SPEC_TMP_CV_HANDLER, ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER, ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER, ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER, @@ -43016,16 +45707,16 @@ void zend_init_opcodes_handlers(void) ZEND_FETCH_IS_SPEC_CV_VAR_HANDLER, ZEND_FETCH_IS_SPEC_CV_UNUSED_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_CONST_CONST_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_CONST_TMP_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_CONST_CV_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_TMP_CONST_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_TMP_TMP_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_TMP_VAR_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_FETCH_DIM_IS_SPEC_TMP_CV_HANDLER, ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER, ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER, ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER, @@ -43041,16 +45732,16 @@ void zend_init_opcodes_handlers(void) ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_CONST_CONST_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_CONST_TMP_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_CONST_CV_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_TMP_CONST_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_TMP_TMP_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_TMP_VAR_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_FETCH_OBJ_IS_SPEC_TMP_CV_HANDLER, ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER, ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER, ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER, @@ -43091,16 +45782,16 @@ void zend_init_opcodes_handlers(void) ZEND_FETCH_FUNC_ARG_SPEC_CV_VAR_HANDLER, ZEND_FETCH_FUNC_ARG_SPEC_CV_UNUSED_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_CONST_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_TMP_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_VAR_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_UNUSED_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_CONST_CV_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_CONST_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_TMP_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_VAR_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_UNUSED_HANDLER, + ZEND_FETCH_DIM_FUNC_ARG_SPEC_TMP_CV_HANDLER, ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CONST_HANDLER, ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_TMP_HANDLER, ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_VAR_HANDLER, @@ -43116,16 +45807,16 @@ void zend_init_opcodes_handlers(void) ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_VAR_HANDLER, ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER, ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_CONST_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_TMP_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CONST_CV_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_CONST_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_TMP_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_VAR_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_FETCH_OBJ_FUNC_ARG_SPEC_TMP_CV_HANDLER, ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER, ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER, ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER, @@ -43216,18 +45907,17 @@ void zend_init_opcodes_handlers(void) ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER, - ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER, - ZEND_NULL_HANDLER, + ZEND_FETCH_LIST_SPEC_CONST_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER, - ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_LIST_SPEC_TMP_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_LIST_SPEC_VAR_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -43237,6 +45927,7 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_FETCH_LIST_SPEC_CV_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -43641,16 +46332,16 @@ void zend_init_opcodes_handlers(void) ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_VAR_HANDLER, ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_UNUSED_HANDLER, ZEND_NULL_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_CONST_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_TMP_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CONST_CV_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_CONST_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_TMP_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_VAR_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_TMP_CV_HANDLER, ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CONST_HANDLER, ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_TMP_HANDLER, ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_VAR_HANDLER, @@ -43666,6 +46357,16 @@ void zend_init_opcodes_handlers(void) ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CV_HANDLER, + ZEND_SEND_VAL_EX_SPEC_CONST_HANDLER, + ZEND_SEND_VAL_EX_SPEC_CONST_HANDLER, + ZEND_SEND_VAL_EX_SPEC_CONST_HANDLER, + ZEND_SEND_VAL_EX_SPEC_CONST_HANDLER, + ZEND_SEND_VAL_EX_SPEC_CONST_HANDLER, + ZEND_SEND_VAL_EX_SPEC_TMP_HANDLER, + ZEND_SEND_VAL_EX_SPEC_TMP_HANDLER, + ZEND_SEND_VAL_EX_SPEC_TMP_HANDLER, + ZEND_SEND_VAL_EX_SPEC_TMP_HANDLER, + ZEND_SEND_VAL_EX_SPEC_TMP_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -43691,12 +46392,26 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_SEND_VAR_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_SPEC_VAR_HANDLER, + ZEND_SEND_VAR_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_SEND_VAR_SPEC_CV_HANDLER, + ZEND_SEND_VAR_SPEC_CV_HANDLER, + ZEND_SEND_VAR_SPEC_CV_HANDLER, + ZEND_SEND_VAR_SPEC_CV_HANDLER, + ZEND_SEND_VAR_SPEC_CV_HANDLER, + ZEND_INIT_USER_CALL_SPEC_CONST_CONST_HANDLER, + ZEND_INIT_USER_CALL_SPEC_CONST_TMP_HANDLER, + ZEND_INIT_USER_CALL_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_INIT_USER_CALL_SPEC_CONST_CV_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -43717,6 +46432,31 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, + ZEND_SEND_ARRAY_SPEC_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -43727,16 +46467,51 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_SEND_USER_SPEC_VAR_HANDLER, + ZEND_SEND_USER_SPEC_VAR_HANDLER, + ZEND_SEND_USER_SPEC_VAR_HANDLER, + ZEND_SEND_USER_SPEC_VAR_HANDLER, + ZEND_SEND_USER_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_SEND_USER_SPEC_CV_HANDLER, + ZEND_SEND_USER_SPEC_CV_HANDLER, + ZEND_SEND_USER_SPEC_CV_HANDLER, + ZEND_SEND_USER_SPEC_CV_HANDLER, + ZEND_SEND_USER_SPEC_CV_HANDLER, + ZEND_STRLEN_SPEC_CONST_HANDLER, + ZEND_STRLEN_SPEC_CONST_HANDLER, + ZEND_STRLEN_SPEC_CONST_HANDLER, + ZEND_STRLEN_SPEC_CONST_HANDLER, + ZEND_STRLEN_SPEC_CONST_HANDLER, + ZEND_STRLEN_SPEC_TMP_HANDLER, + ZEND_STRLEN_SPEC_TMP_HANDLER, + ZEND_STRLEN_SPEC_TMP_HANDLER, + ZEND_STRLEN_SPEC_TMP_HANDLER, + ZEND_STRLEN_SPEC_TMP_HANDLER, + ZEND_STRLEN_SPEC_VAR_HANDLER, + ZEND_STRLEN_SPEC_VAR_HANDLER, + ZEND_STRLEN_SPEC_VAR_HANDLER, + ZEND_STRLEN_SPEC_VAR_HANDLER, + ZEND_STRLEN_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_STRLEN_SPEC_CV_HANDLER, + ZEND_STRLEN_SPEC_CV_HANDLER, + ZEND_STRLEN_SPEC_CV_HANDLER, + ZEND_STRLEN_SPEC_CV_HANDLER, + ZEND_STRLEN_SPEC_CV_HANDLER, + ZEND_DEFINED_SPEC_CONST_HANDLER, + ZEND_DEFINED_SPEC_CONST_HANDLER, + ZEND_DEFINED_SPEC_CONST_HANDLER, + ZEND_DEFINED_SPEC_CONST_HANDLER, + ZEND_DEFINED_SPEC_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -43757,115 +46532,31 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, + ZEND_TYPE_CHECK_SPEC_CONST_HANDLER, + ZEND_TYPE_CHECK_SPEC_CONST_HANDLER, + ZEND_TYPE_CHECK_SPEC_CONST_HANDLER, + ZEND_TYPE_CHECK_SPEC_CONST_HANDLER, + ZEND_TYPE_CHECK_SPEC_CONST_HANDLER, + ZEND_TYPE_CHECK_SPEC_TMP_HANDLER, + ZEND_TYPE_CHECK_SPEC_TMP_HANDLER, + ZEND_TYPE_CHECK_SPEC_TMP_HANDLER, + ZEND_TYPE_CHECK_SPEC_TMP_HANDLER, + ZEND_TYPE_CHECK_SPEC_TMP_HANDLER, + ZEND_TYPE_CHECK_SPEC_VAR_HANDLER, + ZEND_TYPE_CHECK_SPEC_VAR_HANDLER, + ZEND_TYPE_CHECK_SPEC_VAR_HANDLER, + ZEND_TYPE_CHECK_SPEC_VAR_HANDLER, + ZEND_TYPE_CHECK_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_TYPE_CHECK_SPEC_CV_HANDLER, + ZEND_TYPE_CHECK_SPEC_CV_HANDLER, + ZEND_TYPE_CHECK_SPEC_CV_HANDLER, + ZEND_TYPE_CHECK_SPEC_CV_HANDLER, + ZEND_TYPE_CHECK_SPEC_CV_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -44316,31 +47007,31 @@ void zend_init_opcodes_handlers(void) ZEND_DECLARE_FUNCTION_SPEC_HANDLER, ZEND_DECLARE_FUNCTION_SPEC_HANDLER, ZEND_DECLARE_FUNCTION_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, - ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, @@ -44466,16 +47157,16 @@ void zend_init_opcodes_handlers(void) ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER, ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER, ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_CONST_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_TMP_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_VAR_HANDLER, ZEND_NULL_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CONST_CV_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_CONST_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_TMP_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_VAR_HANDLER, ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, - ZEND_NULL_HANDLER, + ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_TMP_CV_HANDLER, ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CONST_HANDLER, ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_TMP_HANDLER, ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_VAR_HANDLER, @@ -44691,56 +47382,56 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CONST_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CONST_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CONST_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CONST_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CONST_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_TMP_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_TMP_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_TMP_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_TMP_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_TMP_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_VAR_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_VAR_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_VAR_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_VAR_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER, - ZEND_QM_ASSIGN_VAR_SPEC_CV_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CONST_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CONST_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CONST_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CONST_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CONST_HANDLER, - ZEND_JMP_SET_VAR_SPEC_TMP_HANDLER, - ZEND_JMP_SET_VAR_SPEC_TMP_HANDLER, - ZEND_JMP_SET_VAR_SPEC_TMP_HANDLER, - ZEND_JMP_SET_VAR_SPEC_TMP_HANDLER, - ZEND_JMP_SET_VAR_SPEC_TMP_HANDLER, - ZEND_JMP_SET_VAR_SPEC_VAR_HANDLER, - ZEND_JMP_SET_VAR_SPEC_VAR_HANDLER, - ZEND_JMP_SET_VAR_SPEC_VAR_HANDLER, - ZEND_JMP_SET_VAR_SPEC_VAR_HANDLER, - ZEND_JMP_SET_VAR_SPEC_VAR_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CV_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CV_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CV_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CV_HANDLER, - ZEND_JMP_SET_VAR_SPEC_CV_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, ZEND_DISCARD_EXCEPTION_SPEC_HANDLER, ZEND_DISCARD_EXCEPTION_SPEC_HANDLER, ZEND_DISCARD_EXCEPTION_SPEC_HANDLER, @@ -44891,11 +47582,136 @@ void zend_init_opcodes_handlers(void) ZEND_RECV_VARIADIC_SPEC_HANDLER, ZEND_RECV_VARIADIC_SPEC_HANDLER, ZEND_RECV_VARIADIC_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_SEND_UNPACK_SPEC_HANDLER, + ZEND_POW_SPEC_CONST_CONST_HANDLER, + ZEND_POW_SPEC_CONST_TMP_HANDLER, + ZEND_POW_SPEC_CONST_VAR_HANDLER, + ZEND_NULL_HANDLER, + ZEND_POW_SPEC_CONST_CV_HANDLER, + ZEND_POW_SPEC_TMP_CONST_HANDLER, + ZEND_POW_SPEC_TMP_TMP_HANDLER, + ZEND_POW_SPEC_TMP_VAR_HANDLER, + ZEND_NULL_HANDLER, + ZEND_POW_SPEC_TMP_CV_HANDLER, + ZEND_POW_SPEC_VAR_CONST_HANDLER, + ZEND_POW_SPEC_VAR_TMP_HANDLER, + ZEND_POW_SPEC_VAR_VAR_HANDLER, + ZEND_NULL_HANDLER, + ZEND_POW_SPEC_VAR_CV_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_POW_SPEC_CV_CONST_HANDLER, + ZEND_POW_SPEC_CV_TMP_HANDLER, + ZEND_POW_SPEC_CV_VAR_HANDLER, + ZEND_NULL_HANDLER, + ZEND_POW_SPEC_CV_CV_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_ASSIGN_POW_SPEC_VAR_CONST_HANDLER, + ZEND_ASSIGN_POW_SPEC_VAR_TMP_HANDLER, + ZEND_ASSIGN_POW_SPEC_VAR_VAR_HANDLER, + ZEND_ASSIGN_POW_SPEC_VAR_UNUSED_HANDLER, + ZEND_ASSIGN_POW_SPEC_VAR_CV_HANDLER, + ZEND_ASSIGN_POW_SPEC_UNUSED_CONST_HANDLER, + ZEND_ASSIGN_POW_SPEC_UNUSED_TMP_HANDLER, + ZEND_ASSIGN_POW_SPEC_UNUSED_VAR_HANDLER, + ZEND_ASSIGN_POW_SPEC_UNUSED_UNUSED_HANDLER, + ZEND_ASSIGN_POW_SPEC_UNUSED_CV_HANDLER, + ZEND_ASSIGN_POW_SPEC_CV_CONST_HANDLER, + ZEND_ASSIGN_POW_SPEC_CV_TMP_HANDLER, + ZEND_ASSIGN_POW_SPEC_CV_VAR_HANDLER, + ZEND_ASSIGN_POW_SPEC_CV_UNUSED_HANDLER, + ZEND_ASSIGN_POW_SPEC_CV_CV_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_BIND_GLOBAL_SPEC_CV_CONST_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_COALESCE_SPEC_CONST_HANDLER, + ZEND_COALESCE_SPEC_CONST_HANDLER, + ZEND_COALESCE_SPEC_CONST_HANDLER, + ZEND_COALESCE_SPEC_CONST_HANDLER, + ZEND_COALESCE_SPEC_CONST_HANDLER, + ZEND_COALESCE_SPEC_TMP_HANDLER, + ZEND_COALESCE_SPEC_TMP_HANDLER, + ZEND_COALESCE_SPEC_TMP_HANDLER, + ZEND_COALESCE_SPEC_TMP_HANDLER, + ZEND_COALESCE_SPEC_TMP_HANDLER, + ZEND_COALESCE_SPEC_VAR_HANDLER, + ZEND_COALESCE_SPEC_VAR_HANDLER, + ZEND_COALESCE_SPEC_VAR_HANDLER, + ZEND_COALESCE_SPEC_VAR_HANDLER, + ZEND_COALESCE_SPEC_VAR_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_COALESCE_SPEC_CV_HANDLER, + ZEND_COALESCE_SPEC_CV_HANDLER, + ZEND_COALESCE_SPEC_CV_HANDLER, + ZEND_COALESCE_SPEC_CV_HANDLER, + ZEND_COALESCE_SPEC_CV_HANDLER, ZEND_NULL_HANDLER }; zend_opcode_handlers = (opcode_handler_t*)labels; } -static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op) +static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, const zend_op* op) { static const int zend_vm_decode[] = { _UNUSED_CODE, /* 0 */ @@ -44926,6 +47742,6 @@ ZEND_API void zend_vm_set_opcode_handler(zend_op* op) ZEND_API int zend_do_fcall(ZEND_OPCODE_HANDLER_ARGS) { - return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return ZEND_DO_FCALL_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } |