1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1998-2013 Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@zend.com> |
16 | Zeev Suraski <zeev@zend.com> |
17 | Dmitry Stogov <dmitry@zend.com> |
18 +----------------------------------------------------------------------+
19 */
20
21 #ifdef ZEND_WIN32
22 # pragma warning(once : 4101)
23 #endif
24 static user_opcode_handler_t zend_user_opcode_handlers[256] = {(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL};
25
26 static zend_uchar zend_user_opcodes[256] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255};
27
28 static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op);
29
30
31 #define ZEND_VM_CONTINUE() return 0
32 #define ZEND_VM_RETURN() return 1
33 #define ZEND_VM_ENTER() return 2
34 #define ZEND_VM_LEAVE() return 3
35 #define ZEND_VM_DISPATCH(opcode, opline) return zend_vm_get_opcode_handler(opcode, opline)(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
36
37 #define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC
38 #undef EX
39 #define EX(element) execute_data->element
40
41
execute(zend_op_array * op_array TSRMLS_DC)42 ZEND_API void execute(zend_op_array *op_array TSRMLS_DC)
43 {
44 zend_execute_data *execute_data;
45 zend_bool nested = 0;
46 zend_bool original_in_execution = EG(in_execution);
47
48
49 if (EG(exception)) {
50 return;
51 }
52
53 EG(in_execution) = 1;
54
55 zend_vm_enter:
56 /* Initialize execute_data */
57 execute_data = (zend_execute_data *)zend_vm_stack_alloc(
58 ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data)) +
59 ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2)) +
60 ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * op_array->T TSRMLS_CC);
61
62 EX(CVs) = (zval***)((char*)execute_data + ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data)));
63 memset(EX(CVs), 0, sizeof(zval**) * op_array->last_var);
64 EX(Ts) = (temp_variable *)(((char*)EX(CVs)) + ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2)));
65 EX(fbc) = NULL;
66 EX(called_scope) = NULL;
67 EX(object) = NULL;
68 EX(old_error_reporting) = NULL;
69 EX(op_array) = op_array;
70 EX(symbol_table) = EG(active_symbol_table);
71 EX(prev_execute_data) = EG(current_execute_data);
72 EG(current_execute_data) = execute_data;
73 EX(nested) = nested;
74 nested = 1;
75
76 if (op_array->start_op) {
77 ZEND_VM_SET_OPCODE(op_array->start_op);
78 } else {
79 ZEND_VM_SET_OPCODE(op_array->opcodes);
80 }
81
82 if (op_array->this_var != -1 && EG(This)) {
83 Z_ADDREF_P(EG(This)); /* For $this pointer */
84 if (!EG(active_symbol_table)) {
85 EX(CVs)[op_array->this_var] = (zval**)EX(CVs) + (op_array->last_var + op_array->this_var);
86 *EX(CVs)[op_array->this_var] = EG(This);
87 } else {
88 if (zend_hash_add(EG(active_symbol_table), "this", sizeof("this"), &EG(This), sizeof(zval *), (void**)&EX(CVs)[op_array->this_var])==FAILURE) {
89 Z_DELREF_P(EG(This));
90 }
91 }
92 }
93
94 EG(opline_ptr) = &EX(opline);
95
96 EX(function_state).function = (zend_function *) op_array;
97 EX(function_state).arguments = NULL;
98
99 while (1) {
100 int ret;
101 #ifdef ZEND_WIN32
102 if (EG(timed_out)) {
103 zend_timeout(0);
104 }
105 #endif
106
107 if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) {
108 switch (ret) {
109 case 1:
110 EG(in_execution) = original_in_execution;
111 return;
112 case 2:
113 op_array = EG(active_op_array);
114 goto zend_vm_enter;
115 case 3:
116 execute_data = EG(current_execute_data);
117 default:
118 break;
119 }
120 }
121
122 }
123 zend_error_noreturn(E_ERROR, "Arrived at end of main loop which shouldn't happen");
124 }
125
ZEND_JMP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)126 static int ZEND_FASTCALL ZEND_JMP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
127 {
128 #if DEBUG_ZEND>=2
129 printf("Jumping to %d\n", EX(opline)->op1.u.opline_num);
130 #endif
131 ZEND_VM_SET_OPCODE(EX(opline)->op1.u.jmp_addr);
132 ZEND_VM_CONTINUE(); /* CHECK_ME */
133 }
134
ZEND_INIT_STRING_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)135 static int ZEND_FASTCALL ZEND_INIT_STRING_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
136 {
137 zval *tmp = &EX_T(EX(opline)->result.u.var).tmp_var;
138
139 tmp->value.str.val = emalloc(1);
140 tmp->value.str.val[0] = 0;
141 tmp->value.str.len = 0;
142 Z_SET_REFCOUNT_P(tmp, 1);
143 tmp->type = IS_STRING;
144 Z_UNSET_ISREF_P(tmp);
145 ZEND_VM_NEXT_OPCODE();
146 }
147
zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)148 static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)
149 {
150 zend_bool nested;
151 zend_op_array *op_array = EX(op_array);
152
153 EG(current_execute_data) = EX(prev_execute_data);
154 EG(opline_ptr) = NULL;
155 if (!EG(active_symbol_table)) {
156 zval ***cv = EX(CVs);
157 zval ***end = cv + EX(op_array)->last_var;
158 while (cv != end) {
159 if (*cv) {
160 zval_ptr_dtor(*cv);
161 }
162 cv++;
163 }
164 }
165
166 if ((op_array->fn_flags & ZEND_ACC_CLOSURE) && op_array->prototype) {
167 zval_ptr_dtor((zval**)&op_array->prototype);
168 }
169
170 nested = EX(nested);
171
172 zend_vm_stack_free(execute_data TSRMLS_CC);
173
174 if (nested) {
175 execute_data = EG(current_execute_data);
176
177 if (EX(call_opline)->opcode == ZEND_INCLUDE_OR_EVAL) {
178
179 EX(function_state).function = (zend_function *) EX(op_array);
180 EX(function_state).arguments = NULL;
181 EX(object) = EX(current_object);
182
183 if (RETURN_VALUE_USED(EX(call_opline))) {
184 if (!EX_T(EX(call_opline)->result.u.var).var.ptr) { /* there was no return statement */
185 ALLOC_ZVAL(EX_T(EX(call_opline)->result.u.var).var.ptr);
186 INIT_PZVAL(EX_T(EX(call_opline)->result.u.var).var.ptr);
187 Z_LVAL_P(EX_T(EX(call_opline)->result.u.var).var.ptr) = 1;
188 Z_TYPE_P(EX_T(EX(call_opline)->result.u.var).var.ptr) = IS_BOOL;
189 }
190 }
191
192 EG(opline_ptr) = &EX(opline);
193 EG(active_op_array) = EX(op_array);
194 EG(return_value_ptr_ptr) = EX(original_return_value);
195 destroy_op_array(op_array TSRMLS_CC);
196 efree(op_array);
197 if (EG(exception)) {
198 zend_throw_exception_internal(NULL TSRMLS_CC);
199 }
200
201 EX(opline)++;
202 ZEND_VM_LEAVE();
203 } else {
204
205 EG(opline_ptr) = &EX(opline);
206 EG(active_op_array) = EX(op_array);
207 EG(return_value_ptr_ptr) = EX(original_return_value);
208 if (EG(active_symbol_table)) {
209 if (EG(symtable_cache_ptr)>=EG(symtable_cache_limit)) {
210 zend_hash_destroy(EG(active_symbol_table));
211 FREE_HASHTABLE(EG(active_symbol_table));
212 } else {
213 /* clean before putting into the cache, since clean
214 could call dtors, which could use cached hash */
215 zend_hash_clean(EG(active_symbol_table));
216 *(++EG(symtable_cache_ptr)) = EG(active_symbol_table);
217 }
218 }
219 EG(active_symbol_table) = EX(symbol_table);
220
221 EX(function_state).function = (zend_function *) EX(op_array);
222 EX(function_state).arguments = NULL;
223
224 if (EG(This)) {
225 if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) {
226 if (IS_CTOR_USED(EX(called_scope))) {
227 Z_DELREF_P(EG(This));
228 }
229 if (Z_REFCOUNT_P(EG(This)) == 1) {
230 zend_object_store_ctor_failed(EG(This) TSRMLS_CC);
231 }
232 }
233 zval_ptr_dtor(&EG(This));
234 }
235 EG(This) = EX(current_this);
236 EG(scope) = EX(current_scope);
237 EG(called_scope) = EX(current_called_scope);
238
239 EX(object) = EX(current_object);
240 EX(called_scope) = DECODE_CTOR(EX(called_scope));
241
242 zend_vm_stack_clear_multiple(TSRMLS_C);
243
244 if (EG(exception)) {
245 zend_throw_exception_internal(NULL TSRMLS_CC);
246 if (RETURN_VALUE_USED(EX(call_opline)) && EX_T(EX(call_opline)->result.u.var).var.ptr) {
247 zval_ptr_dtor(&EX_T(EX(call_opline)->result.u.var).var.ptr);
248 }
249 }
250
251 EX(opline)++;
252 ZEND_VM_LEAVE();
253 }
254 }
255 ZEND_VM_RETURN();
256 }
257
zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)258 static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)
259 {
260 zend_op *opline = EX(opline);
261 zend_bool should_change_scope = 0;
262
263 if (EX(function_state).function->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) {
264 if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) {
265 zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name);
266 ZEND_VM_NEXT_OPCODE(); /* Never reached */
267 }
268 if (EX(function_state).function->common.fn_flags & ZEND_ACC_DEPRECATED) {
269 zend_error(E_DEPRECATED, "Function %s%s%s() is deprecated",
270 EX(function_state).function->common.scope ? EX(function_state).function->common.scope->name : "",
271 EX(function_state).function->common.scope ? "::" : "",
272 EX(function_state).function->common.function_name);
273 }
274 }
275 if (EX(function_state).function->common.scope &&
276 !(EX(function_state).function->common.fn_flags & ZEND_ACC_STATIC) &&
277 !EX(object)) {
278
279 if (EX(function_state).function->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
280 /* FIXME: output identifiers properly */
281 zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name);
282 } else {
283 /* FIXME: output identifiers properly */
284 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
285 zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name);
286 }
287 }
288
289 if (EX(function_state).function->type == ZEND_USER_FUNCTION ||
290 EX(function_state).function->common.scope) {
291 should_change_scope = 1;
292 EX(current_this) = EG(This);
293 EX(current_scope) = EG(scope);
294 EX(current_called_scope) = EG(called_scope);
295 EG(This) = EX(object);
296 EG(scope) = (EX(function_state).function->type == ZEND_USER_FUNCTION || !EX(object)) ? EX(function_state).function->common.scope : NULL;
297 EG(called_scope) = EX(called_scope);
298 }
299
300 zend_arg_types_stack_3_pop(&EG(arg_types_stack), &EX(called_scope), &EX(current_object), &EX(fbc));
301 EX(function_state).arguments = zend_vm_stack_push_args(opline->extended_value TSRMLS_CC);
302
303 if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION) {
304 if (EX(function_state).function->common.arg_info) {
305 zend_uint i=0;
306 zval **p = (zval**)EX(function_state).arguments;
307 ulong arg_count = opline->extended_value;
308
309 while (arg_count>0) {
310 zend_verify_arg_type(EX(function_state).function, ++i, *(p-arg_count), 0 TSRMLS_CC);
311 arg_count--;
312 }
313 }
314
315 if (EXPECTED(EG(exception) == NULL)) {
316 ALLOC_INIT_ZVAL(EX_T(opline->result.u.var).var.ptr);
317 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
318 EX_T(opline->result.u.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference;
319
320 if (!zend_execute_internal) {
321 /* saves one function call if zend_execute_internal is not used */
322 ((zend_internal_function *) EX(function_state).function)->handler(opline->extended_value, EX_T(opline->result.u.var).var.ptr, EX(function_state).function->common.return_reference?&EX_T(opline->result.u.var).var.ptr:NULL, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC);
323 } else {
324 zend_execute_internal(execute_data, RETURN_VALUE_USED(opline) TSRMLS_CC);
325 }
326
327 if (!RETURN_VALUE_USED(opline)) {
328 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
329 }
330 } else if (RETURN_VALUE_USED(opline)) {
331 EX_T(opline->result.u.var).var.ptr = NULL;
332 }
333 } else if (EX(function_state).function->type == ZEND_USER_FUNCTION) {
334 EX(original_return_value) = EG(return_value_ptr_ptr);
335 EG(active_symbol_table) = NULL;
336 EG(active_op_array) = &EX(function_state).function->op_array;
337 EG(return_value_ptr_ptr) = NULL;
338 if (RETURN_VALUE_USED(opline)) {
339 EG(return_value_ptr_ptr) = &EX_T(opline->result.u.var).var.ptr;
340 EX_T(opline->result.u.var).var.ptr = NULL;
341 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
342 EX_T(opline->result.u.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference;
343 }
344
345 if (zend_execute == execute && !EG(exception)) {
346 EX(call_opline) = opline;
347 ZEND_VM_ENTER();
348 } else {
349 zend_execute(EG(active_op_array) TSRMLS_CC);
350 }
351
352 EG(opline_ptr) = &EX(opline);
353 EG(active_op_array) = EX(op_array);
354 EG(return_value_ptr_ptr) = EX(original_return_value);
355 if (EG(active_symbol_table)) {
356 if (EG(symtable_cache_ptr)>=EG(symtable_cache_limit)) {
357 zend_hash_destroy(EG(active_symbol_table));
358 FREE_HASHTABLE(EG(active_symbol_table));
359 } else {
360 /* clean before putting into the cache, since clean
361 could call dtors, which could use cached hash */
362 zend_hash_clean(EG(active_symbol_table));
363 *(++EG(symtable_cache_ptr)) = EG(active_symbol_table);
364 }
365 }
366 EG(active_symbol_table) = EX(symbol_table);
367 } else { /* ZEND_OVERLOADED_FUNCTION */
368 ALLOC_INIT_ZVAL(EX_T(opline->result.u.var).var.ptr);
369
370 /* Not sure what should be done here if it's a static method */
371 if (EX(object)) {
372 Z_OBJ_HT_P(EX(object))->call_method(EX(function_state).function->common.function_name, opline->extended_value, EX_T(opline->result.u.var).var.ptr, &EX_T(opline->result.u.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC);
373 } else {
374 zend_error_noreturn(E_ERROR, "Cannot call overloaded function for non-object");
375 }
376
377 if (EX(function_state).function->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) {
378 efree(EX(function_state).function->common.function_name);
379 }
380 efree(EX(function_state).function);
381
382 if (!RETURN_VALUE_USED(opline)) {
383 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
384 } else {
385 Z_UNSET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
386 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
387 EX_T(opline->result.u.var).var.fcall_returned_reference = 0;
388 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
389 }
390 }
391
392 EX(function_state).function = (zend_function *) EX(op_array);
393 EX(function_state).arguments = NULL;
394
395 if (should_change_scope) {
396 if (EG(This)) {
397 if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) {
398 if (IS_CTOR_USED(EX(called_scope))) {
399 Z_DELREF_P(EG(This));
400 }
401 if (Z_REFCOUNT_P(EG(This)) == 1) {
402 zend_object_store_ctor_failed(EG(This) TSRMLS_CC);
403 }
404 }
405 zval_ptr_dtor(&EG(This));
406 }
407 EG(This) = EX(current_this);
408 EG(scope) = EX(current_scope);
409 EG(called_scope) = EX(current_called_scope);
410 }
411
412 EX(object) = EX(current_object);
413 EX(called_scope) = DECODE_CTOR(EX(called_scope));
414
415 zend_vm_stack_clear_multiple(TSRMLS_C);
416
417 if (EG(exception)) {
418 zend_throw_exception_internal(NULL TSRMLS_CC);
419 if (RETURN_VALUE_USED(opline) && EX_T(opline->result.u.var).var.ptr) {
420 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
421 }
422 }
423
424 ZEND_VM_NEXT_OPCODE();
425 }
426
ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)427 static int ZEND_FASTCALL ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
428 {
429 EX(function_state).function = EX(fbc);
430 return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
431 }
432
ZEND_RECV_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)433 static int ZEND_FASTCALL ZEND_RECV_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
434 {
435 zend_op *opline = EX(opline);
436 zend_uint arg_num = Z_LVAL(opline->op1.u.constant);
437 zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC);
438
439 if (param == NULL) {
440 char *space;
441 char *class_name = get_active_class_name(&space TSRMLS_CC);
442 zend_execute_data *ptr = EX(prev_execute_data);
443
444 if (zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, NULL, opline->extended_value TSRMLS_CC)) {
445 if(ptr && ptr->op_array) {
446 zend_error(E_WARNING, "Missing argument %ld for %s%s%s(), called in %s on line %d and defined", opline->op1.u.constant.value.lval, class_name, space, get_active_function_name(TSRMLS_C), ptr->op_array->filename, ptr->opline->lineno);
447 } else {
448 zend_error(E_WARNING, "Missing argument %ld for %s%s%s()", opline->op1.u.constant.value.lval, class_name, space, get_active_function_name(TSRMLS_C));
449 }
450 }
451 if (opline->result.op_type == IS_VAR) {
452 PZVAL_UNLOCK_FREE(*EX_T(opline->result.u.var).var.ptr_ptr);
453 }
454 } else {
455 zend_free_op free_res;
456 zval **var_ptr;
457
458 zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param, opline->extended_value TSRMLS_CC);
459 var_ptr = get_zval_ptr_ptr(&opline->result, EX(Ts), &free_res, BP_VAR_W);
460 Z_DELREF_PP(var_ptr);
461 *var_ptr = *param;
462 Z_ADDREF_PP(var_ptr);
463 }
464
465 ZEND_VM_NEXT_OPCODE();
466 }
467
ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)468 static int ZEND_FASTCALL ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
469 {
470 zend_op *opline = EX(opline);
471 zval *object_zval;
472 zend_function *constructor;
473
474 if (EX_T(opline->op1.u.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) {
475 char *class_type;
476
477 if (EX_T(opline->op1.u.var).class_entry->ce_flags & ZEND_ACC_INTERFACE) {
478 class_type = "interface";
479 } else {
480 class_type = "abstract class";
481 }
482 zend_error_noreturn(E_ERROR, "Cannot instantiate %s %s", class_type, EX_T(opline->op1.u.var).class_entry->name);
483 }
484 ALLOC_ZVAL(object_zval);
485 object_init_ex(object_zval, EX_T(opline->op1.u.var).class_entry);
486 INIT_PZVAL(object_zval);
487
488 constructor = Z_OBJ_HT_P(object_zval)->get_constructor(object_zval TSRMLS_CC);
489
490 if (constructor == NULL) {
491 if (RETURN_VALUE_USED(opline)) {
492 AI_SET_PTR(EX_T(opline->result.u.var).var, object_zval);
493 } else {
494 zval_ptr_dtor(&object_zval);
495 }
496 ZEND_VM_JMP(EX(op_array)->opcodes + opline->op2.u.opline_num);
497 } else {
498 if (RETURN_VALUE_USED(opline)) {
499 AI_SET_PTR(EX_T(opline->result.u.var).var, object_zval);
500 PZVAL_LOCK(object_zval);
501 }
502
503 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), ENCODE_CTOR(EX(called_scope), RETURN_VALUE_USED(opline)));
504
505 /* We are not handling overloaded classes right now */
506 EX(object) = object_zval;
507 EX(fbc) = constructor;
508 EX(called_scope) = EX_T(opline->op1.u.var).class_entry;
509
510 ZEND_VM_NEXT_OPCODE();
511 }
512 }
513
ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)514 static int ZEND_FASTCALL ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
515 {
516 zend_op *opline = EX(opline);
517
518 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = EG(error_reporting);
519 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG; /* shouldn't be necessary */
520 if (EX(old_error_reporting) == NULL) {
521 EX(old_error_reporting) = &EX_T(opline->result.u.var).tmp_var;
522 }
523
524 if (EG(error_reporting)) {
525 zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), "0", 1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC);
526 }
527 ZEND_VM_NEXT_OPCODE();
528 }
529
ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)530 static int ZEND_FASTCALL ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
531 {
532 zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EG(scope)->name, EX(op_array)->function_name);
533 ZEND_VM_NEXT_OPCODE(); /* Never reached */
534 }
535
ZEND_EXT_STMT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)536 static int ZEND_FASTCALL ZEND_EXT_STMT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
537 {
538 if (!EG(no_extensions)) {
539 zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(op_array) TSRMLS_CC);
540 }
541 ZEND_VM_NEXT_OPCODE();
542 }
543
ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)544 static int ZEND_FASTCALL ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
545 {
546 if (!EG(no_extensions)) {
547 zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(op_array) TSRMLS_CC);
548 }
549 ZEND_VM_NEXT_OPCODE();
550 }
551
ZEND_EXT_FCALL_END_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)552 static int ZEND_FASTCALL ZEND_EXT_FCALL_END_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
553 {
554 if (!EG(no_extensions)) {
555 zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(op_array) TSRMLS_CC);
556 }
557 ZEND_VM_NEXT_OPCODE();
558 }
559
ZEND_DECLARE_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)560 static int ZEND_FASTCALL ZEND_DECLARE_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
561 {
562 zend_op *opline = EX(opline);
563
564 EX_T(opline->result.u.var).class_entry = do_bind_class(opline, EG(class_table), 0 TSRMLS_CC);
565 ZEND_VM_NEXT_OPCODE();
566 }
567
ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)568 static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
569 {
570 zend_op *opline = EX(opline);
571
572 EX_T(opline->result.u.var).class_entry = do_bind_inherited_class(opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC);
573 ZEND_VM_NEXT_OPCODE();
574 }
575
ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)576 static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
577 {
578 zend_op *opline = EX(opline);
579 zend_class_entry **pce, **pce_orig;
580
581 if (zend_hash_find(EG(class_table), Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant)+1, (void**)&pce) == FAILURE ||
582 (zend_hash_find(EG(class_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), (void**)&pce_orig) == SUCCESS &&
583 *pce != *pce_orig)) {
584 do_bind_inherited_class(opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC);
585 }
586 ZEND_VM_NEXT_OPCODE();
587 }
588
ZEND_DECLARE_FUNCTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)589 static int ZEND_FASTCALL ZEND_DECLARE_FUNCTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
590 {
591 do_bind_function(EX(opline), EG(function_table), 0);
592 ZEND_VM_NEXT_OPCODE();
593 }
594
ZEND_EXT_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)595 static int ZEND_FASTCALL ZEND_EXT_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
596 {
597 ZEND_VM_NEXT_OPCODE();
598 }
599
ZEND_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)600 static int ZEND_FASTCALL ZEND_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
601 {
602 ZEND_VM_NEXT_OPCODE();
603 }
604
ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)605 static int ZEND_FASTCALL ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
606 {
607 zend_uint op_num = EG(opline_before_exception)-EG(active_op_array)->opcodes;
608 int i;
609 zend_uint catch_op_num;
610 int catched = 0;
611 zval restored_error_reporting;
612
613 void **stack_frame = (void**)(((char*)EX(Ts)) +
614 (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * EX(op_array)->T));
615
616 while (zend_vm_stack_top(TSRMLS_C) != stack_frame) {
617 zval *stack_zval_p = zend_vm_stack_pop(TSRMLS_C);
618 zval_ptr_dtor(&stack_zval_p);
619 }
620
621 for (i=0; i<EG(active_op_array)->last_try_catch; i++) {
622 if (EG(active_op_array)->try_catch_array[i].try_op > op_num) {
623 /* further blocks will not be relevant... */
624 break;
625 }
626 if (op_num >= EG(active_op_array)->try_catch_array[i].try_op
627 && op_num < EG(active_op_array)->try_catch_array[i].catch_op) {
628 catch_op_num = EX(op_array)->try_catch_array[i].catch_op;
629 catched = 1;
630 }
631 }
632
633 while (EX(fbc)) {
634 EX(called_scope) = (zend_class_entry*)zend_ptr_stack_pop(&EG(arg_types_stack));
635 if (EX(object)) {
636 if (IS_CTOR_CALL(EX(called_scope))) {
637 if (IS_CTOR_USED(EX(called_scope))) {
638 Z_DELREF_P(EX(object));
639 }
640 if (Z_REFCOUNT_P(EX(object)) == 1) {
641 zend_object_store_ctor_failed(EX(object) TSRMLS_CC);
642 }
643 }
644 zval_ptr_dtor(&EX(object));
645 }
646 EX(called_scope) = DECODE_CTOR(EX(called_scope));
647 zend_arg_types_stack_2_pop(&EG(arg_types_stack), &EX(object), &EX(fbc));
648 }
649
650 for (i=0; i<EX(op_array)->last_brk_cont; i++) {
651 if (EX(op_array)->brk_cont_array[i].start < 0) {
652 continue;
653 } else if (EX(op_array)->brk_cont_array[i].start > op_num) {
654 /* further blocks will not be relevant... */
655 break;
656 } else if (op_num < EX(op_array)->brk_cont_array[i].brk) {
657 if (!catched ||
658 catch_op_num >= EX(op_array)->brk_cont_array[i].brk) {
659 zend_op *brk_opline = &EX(op_array)->opcodes[EX(op_array)->brk_cont_array[i].brk];
660
661 switch (brk_opline->opcode) {
662 case ZEND_SWITCH_FREE:
663 if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
664 zend_switch_free(&EX_T(brk_opline->op1.u.var), brk_opline->extended_value TSRMLS_CC);
665 }
666 break;
667 case ZEND_FREE:
668 if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
669 zendi_zval_dtor(EX_T(brk_opline->op1.u.var).tmp_var);
670 }
671 break;
672 }
673 }
674 }
675 }
676
677 /* restore previous error_reporting value */
678 if (!EG(error_reporting) && EX(old_error_reporting) != NULL && Z_LVAL_P(EX(old_error_reporting)) != 0) {
679 Z_TYPE(restored_error_reporting) = IS_LONG;
680 Z_LVAL(restored_error_reporting) = Z_LVAL_P(EX(old_error_reporting));
681 convert_to_string(&restored_error_reporting);
682 zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), Z_STRVAL(restored_error_reporting), Z_STRLEN(restored_error_reporting), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC);
683 zendi_zval_dtor(restored_error_reporting);
684 }
685 EX(old_error_reporting) = NULL;
686
687 if (!catched) {
688 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
689 } else {
690 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[catch_op_num]);
691 ZEND_VM_CONTINUE();
692 }
693 }
694
ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)695 static int ZEND_FASTCALL ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
696 {
697 zend_verify_abstract_class(EX_T(EX(opline)->op1.u.var).class_entry TSRMLS_CC);
698 ZEND_VM_NEXT_OPCODE();
699 }
700
ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)701 static int ZEND_FASTCALL ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
702 {
703 int ret = zend_user_opcode_handlers[EX(opline)->opcode](ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL);
704
705 switch (ret) {
706 case ZEND_USER_OPCODE_CONTINUE:
707 ZEND_VM_CONTINUE();
708 case ZEND_USER_OPCODE_RETURN:
709 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
710 case ZEND_USER_OPCODE_ENTER:
711 ZEND_VM_ENTER();
712 case ZEND_USER_OPCODE_LEAVE:
713 ZEND_VM_LEAVE();
714 case ZEND_USER_OPCODE_DISPATCH:
715 ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline));
716 default:
717 ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), EX(opline));
718 }
719 }
720
ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)721 static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
722 {
723 zend_op *opline = EX(opline);
724
725
726 if (IS_CONST == IS_UNUSED) {
727 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
728 ZEND_VM_NEXT_OPCODE();
729 } else {
730
731 zval *class_name = &opline->op2.u.constant;
732
733 if (IS_CONST != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
734 EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
735 } else if (Z_TYPE_P(class_name) == IS_STRING) {
736 EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
737 } else {
738 zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
739 }
740
741 ZEND_VM_NEXT_OPCODE();
742 }
743 }
744
ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)745 static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
746 {
747 zend_op *opline = EX(opline);
748 zval *function_name;
749 char *function_name_strval, *lcname;
750 int function_name_strlen;
751
752
753 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
754
755 if (IS_CONST == IS_CONST) {
756 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
757 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
758 }
759 } else {
760 function_name = &opline->op2.u.constant;
761
762 if (IS_CONST != IS_CONST && IS_CONST != IS_TMP_VAR &&
763 Z_TYPE_P(function_name) == IS_OBJECT &&
764 Z_OBJ_HANDLER_P(function_name, get_closure) &&
765 Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
766 if (EX(object)) {
767 Z_ADDREF_P(EX(object));
768 }
769 if (IS_CONST == IS_VAR && 0 &&
770 EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
771 /* Delay closure destruction until its invocation */
772 EX(fbc)->common.prototype = (zend_function*)function_name;
773 } else {
774
775 }
776 ZEND_VM_NEXT_OPCODE();
777 }
778
779 if (Z_TYPE_P(function_name) != IS_STRING) {
780 zend_error_noreturn(E_ERROR, "Function name must be a string");
781 }
782 function_name_strval = Z_STRVAL_P(function_name);
783 function_name_strlen = Z_STRLEN_P(function_name);
784 if (function_name_strval[0] == '\\') {
785
786 function_name_strlen -= 1;
787 lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
788 } else {
789 lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
790 }
791 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
792 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
793 }
794 efree(lcname);
795
796 }
797
798 EX(object) = NULL;
799 ZEND_VM_NEXT_OPCODE();
800 }
801
802
ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)803 static int ZEND_FASTCALL ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
804 {
805 zend_op *opline = EX(opline);
806 zend_op *op_data = opline + 1;
807
808 ZEND_VM_INC_OPCODE();
809 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
810
811 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc))==FAILURE) {
812 char *short_name = Z_STRVAL(opline->op1.u.constant)+Z_LVAL(op_data->op1.u.constant);
813 if (zend_hash_quick_find(EG(function_table), short_name, Z_STRLEN(opline->op1.u.constant)-Z_LVAL(op_data->op1.u.constant)+1, op_data->extended_value, (void **) &EX(fbc))==FAILURE) {
814 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
815 }
816 }
817
818 EX(object) = NULL;
819 ZEND_VM_NEXT_OPCODE();
820 }
821
ZEND_RECV_INIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)822 static int ZEND_FASTCALL ZEND_RECV_INIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
823 {
824 zend_op *opline = EX(opline);
825 zval *assignment_value;
826 zend_uint arg_num = Z_LVAL(opline->op1.u.constant);
827 zend_free_op free_res;
828 zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC);
829 zval **var_ptr;
830
831 if (param == NULL) {
832 ALLOC_ZVAL(assignment_value);
833 *assignment_value = opline->op2.u.constant;
834 if ((Z_TYPE(opline->op2.u.constant) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE(opline->op2.u.constant)==IS_CONSTANT_ARRAY) {
835 Z_SET_REFCOUNT_P(assignment_value, 1);
836 zval_update_constant(&assignment_value, 0 TSRMLS_CC);
837 } else {
838 zval_copy_ctor(assignment_value);
839 }
840 INIT_PZVAL(assignment_value);
841 } else {
842 assignment_value = *param;
843 Z_ADDREF_P(assignment_value);
844 }
845
846 zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value, opline->extended_value TSRMLS_CC);
847 var_ptr = get_zval_ptr_ptr(&opline->result, EX(Ts), &free_res, BP_VAR_W);
848 Z_DELREF_PP(var_ptr);
849 *var_ptr = assignment_value;
850
851 ZEND_VM_NEXT_OPCODE();
852 }
853
ZEND_BRK_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)854 static int ZEND_FASTCALL ZEND_BRK_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
855 {
856 zend_op *opline = EX(opline);
857
858 zend_brk_cont_element *el;
859
860 el = zend_brk_cont(&opline->op2.u.constant, opline->op1.u.opline_num,
861 EX(op_array), EX(Ts) TSRMLS_CC);
862
863 ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
864 }
865
ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)866 static int ZEND_FASTCALL ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
867 {
868 zend_op *opline = EX(opline);
869
870 zend_brk_cont_element *el;
871
872 el = zend_brk_cont(&opline->op2.u.constant, opline->op1.u.opline_num,
873 EX(op_array), EX(Ts) TSRMLS_CC);
874
875 ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
876 }
877
ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)878 static int ZEND_FASTCALL ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
879 {
880 zend_op *brk_opline;
881 zend_op *opline = EX(opline);
882 zend_brk_cont_element *el;
883
884 el = zend_brk_cont(&opline->op2.u.constant, opline->extended_value,
885 EX(op_array), EX(Ts) TSRMLS_CC);
886
887 brk_opline = EX(op_array)->opcodes + el->brk;
888
889 switch (brk_opline->opcode) {
890 case ZEND_SWITCH_FREE:
891 if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
892 zend_switch_free(&EX_T(brk_opline->op1.u.var), brk_opline->extended_value TSRMLS_CC);
893 }
894 break;
895 case ZEND_FREE:
896 if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
897 zendi_zval_dtor(EX_T(brk_opline->op1.u.var).tmp_var);
898 }
899 break;
900 }
901 ZEND_VM_JMP(opline->op1.u.jmp_addr);
902 }
903
ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)904 static int ZEND_FASTCALL ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
905 {
906 zend_op *opline = EX(opline);
907 zend_class_entry *ce = EX_T(opline->op1.u.var).class_entry;
908 zend_class_entry *iface = zend_fetch_class(Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant), opline->extended_value TSRMLS_CC);
909
910 if (iface) {
911 if (!(iface->ce_flags & ZEND_ACC_INTERFACE)) {
912 zend_error_noreturn(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name, iface->name);
913 }
914 zend_do_implement_interface(ce, iface TSRMLS_CC);
915 }
916
917 ZEND_VM_NEXT_OPCODE();
918 }
919
ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)920 static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
921 {
922 zend_op *opline = EX(opline);
923
924
925 if (IS_TMP_VAR == IS_UNUSED) {
926 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
927 ZEND_VM_NEXT_OPCODE();
928 } else {
929 zend_free_op free_op2;
930 zval *class_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
931
932 if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
933 EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
934 } else if (Z_TYPE_P(class_name) == IS_STRING) {
935 EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
936 } else {
937 zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
938 }
939
940 zval_dtor(free_op2.var);
941 ZEND_VM_NEXT_OPCODE();
942 }
943 }
944
ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)945 static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
946 {
947 zend_op *opline = EX(opline);
948 zval *function_name;
949 char *function_name_strval, *lcname;
950 int function_name_strlen;
951 zend_free_op free_op2;
952
953 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
954
955 if (IS_TMP_VAR == IS_CONST) {
956 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
957 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
958 }
959 } else {
960 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
961
962 if (IS_TMP_VAR != IS_CONST && IS_TMP_VAR != IS_TMP_VAR &&
963 Z_TYPE_P(function_name) == IS_OBJECT &&
964 Z_OBJ_HANDLER_P(function_name, get_closure) &&
965 Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
966 if (EX(object)) {
967 Z_ADDREF_P(EX(object));
968 }
969 if (IS_TMP_VAR == IS_VAR && 1 &&
970 EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
971 /* Delay closure destruction until its invocation */
972 EX(fbc)->common.prototype = (zend_function*)function_name;
973 } else {
974 zval_dtor(free_op2.var);
975 }
976 ZEND_VM_NEXT_OPCODE();
977 }
978
979 if (Z_TYPE_P(function_name) != IS_STRING) {
980 zend_error_noreturn(E_ERROR, "Function name must be a string");
981 }
982 function_name_strval = Z_STRVAL_P(function_name);
983 function_name_strlen = Z_STRLEN_P(function_name);
984 if (function_name_strval[0] == '\\') {
985
986 function_name_strlen -= 1;
987 lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
988 } else {
989 lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
990 }
991 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
992 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
993 }
994 efree(lcname);
995 zval_dtor(free_op2.var);
996 }
997
998 EX(object) = NULL;
999 ZEND_VM_NEXT_OPCODE();
1000 }
1001
1002
ZEND_BRK_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1003 static int ZEND_FASTCALL ZEND_BRK_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1004 {
1005 zend_op *opline = EX(opline);
1006 zend_free_op free_op2;
1007 zend_brk_cont_element *el;
1008
1009 el = zend_brk_cont(_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
1010 EX(op_array), EX(Ts) TSRMLS_CC);
1011 zval_dtor(free_op2.var);
1012 ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
1013 }
1014
ZEND_CONT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1015 static int ZEND_FASTCALL ZEND_CONT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1016 {
1017 zend_op *opline = EX(opline);
1018 zend_free_op free_op2;
1019 zend_brk_cont_element *el;
1020
1021 el = zend_brk_cont(_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
1022 EX(op_array), EX(Ts) TSRMLS_CC);
1023 zval_dtor(free_op2.var);
1024 ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
1025 }
1026
ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1027 static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1028 {
1029 zend_op *opline = EX(opline);
1030
1031
1032 if (IS_VAR == IS_UNUSED) {
1033 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
1034 ZEND_VM_NEXT_OPCODE();
1035 } else {
1036 zend_free_op free_op2;
1037 zval *class_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
1038
1039 if (IS_VAR != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
1040 EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
1041 } else if (Z_TYPE_P(class_name) == IS_STRING) {
1042 EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
1043 } else {
1044 zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
1045 }
1046
1047 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
1048 ZEND_VM_NEXT_OPCODE();
1049 }
1050 }
1051
ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1052 static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1053 {
1054 zend_op *opline = EX(opline);
1055 zval *function_name;
1056 char *function_name_strval, *lcname;
1057 int function_name_strlen;
1058 zend_free_op free_op2;
1059
1060 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
1061
1062 if (IS_VAR == IS_CONST) {
1063 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
1064 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
1065 }
1066 } else {
1067 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
1068
1069 if (IS_VAR != IS_CONST && IS_VAR != IS_TMP_VAR &&
1070 Z_TYPE_P(function_name) == IS_OBJECT &&
1071 Z_OBJ_HANDLER_P(function_name, get_closure) &&
1072 Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
1073 if (EX(object)) {
1074 Z_ADDREF_P(EX(object));
1075 }
1076 if (IS_VAR == IS_VAR && (free_op2.var != NULL) &&
1077 EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
1078 /* Delay closure destruction until its invocation */
1079 EX(fbc)->common.prototype = (zend_function*)function_name;
1080 } else {
1081 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
1082 }
1083 ZEND_VM_NEXT_OPCODE();
1084 }
1085
1086 if (Z_TYPE_P(function_name) != IS_STRING) {
1087 zend_error_noreturn(E_ERROR, "Function name must be a string");
1088 }
1089 function_name_strval = Z_STRVAL_P(function_name);
1090 function_name_strlen = Z_STRLEN_P(function_name);
1091 if (function_name_strval[0] == '\\') {
1092
1093 function_name_strlen -= 1;
1094 lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
1095 } else {
1096 lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
1097 }
1098 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
1099 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
1100 }
1101 efree(lcname);
1102 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
1103 }
1104
1105 EX(object) = NULL;
1106 ZEND_VM_NEXT_OPCODE();
1107 }
1108
1109
ZEND_BRK_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1110 static int ZEND_FASTCALL ZEND_BRK_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1111 {
1112 zend_op *opline = EX(opline);
1113 zend_free_op free_op2;
1114 zend_brk_cont_element *el;
1115
1116 el = zend_brk_cont(_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
1117 EX(op_array), EX(Ts) TSRMLS_CC);
1118 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
1119 ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
1120 }
1121
ZEND_CONT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1122 static int ZEND_FASTCALL ZEND_CONT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1123 {
1124 zend_op *opline = EX(opline);
1125 zend_free_op free_op2;
1126 zend_brk_cont_element *el;
1127
1128 el = zend_brk_cont(_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
1129 EX(op_array), EX(Ts) TSRMLS_CC);
1130 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
1131 ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
1132 }
1133
ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1134 static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1135 {
1136 zend_op *opline = EX(opline);
1137
1138
1139 if (IS_UNUSED == IS_UNUSED) {
1140 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
1141 ZEND_VM_NEXT_OPCODE();
1142 } else {
1143
1144 zval *class_name = NULL;
1145
1146 if (IS_UNUSED != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
1147 EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
1148 } else if (Z_TYPE_P(class_name) == IS_STRING) {
1149 EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
1150 } else {
1151 zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
1152 }
1153
1154 ZEND_VM_NEXT_OPCODE();
1155 }
1156 }
1157
ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1158 static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1159 {
1160 zend_op *opline = EX(opline);
1161
1162
1163 if (IS_CV == IS_UNUSED) {
1164 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
1165 ZEND_VM_NEXT_OPCODE();
1166 } else {
1167
1168 zval *class_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
1169
1170 if (IS_CV != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
1171 EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
1172 } else if (Z_TYPE_P(class_name) == IS_STRING) {
1173 EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
1174 } else {
1175 zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
1176 }
1177
1178 ZEND_VM_NEXT_OPCODE();
1179 }
1180 }
1181
ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1182 static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1183 {
1184 zend_op *opline = EX(opline);
1185 zval *function_name;
1186 char *function_name_strval, *lcname;
1187 int function_name_strlen;
1188
1189
1190 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
1191
1192 if (IS_CV == IS_CONST) {
1193 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
1194 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
1195 }
1196 } else {
1197 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
1198
1199 if (IS_CV != IS_CONST && IS_CV != IS_TMP_VAR &&
1200 Z_TYPE_P(function_name) == IS_OBJECT &&
1201 Z_OBJ_HANDLER_P(function_name, get_closure) &&
1202 Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
1203 if (EX(object)) {
1204 Z_ADDREF_P(EX(object));
1205 }
1206 if (IS_CV == IS_VAR && 0 &&
1207 EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
1208 /* Delay closure destruction until its invocation */
1209 EX(fbc)->common.prototype = (zend_function*)function_name;
1210 } else {
1211
1212 }
1213 ZEND_VM_NEXT_OPCODE();
1214 }
1215
1216 if (Z_TYPE_P(function_name) != IS_STRING) {
1217 zend_error_noreturn(E_ERROR, "Function name must be a string");
1218 }
1219 function_name_strval = Z_STRVAL_P(function_name);
1220 function_name_strlen = Z_STRLEN_P(function_name);
1221 if (function_name_strval[0] == '\\') {
1222
1223 function_name_strlen -= 1;
1224 lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
1225 } else {
1226 lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
1227 }
1228 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
1229 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
1230 }
1231 efree(lcname);
1232
1233 }
1234
1235 EX(object) = NULL;
1236 ZEND_VM_NEXT_OPCODE();
1237 }
1238
1239
ZEND_CATCH_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1240 static int ZEND_FASTCALL ZEND_CATCH_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1241 {
1242 zend_op *opline = EX(opline);
1243 zend_class_entry *ce;
1244
1245 /* Check whether an exception has been thrown, if not, jump over code */
1246 zend_exception_restore(TSRMLS_C);
1247 if (EG(exception) == NULL) {
1248 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
1249 ZEND_VM_CONTINUE(); /* CHECK_ME */
1250 }
1251 ce = Z_OBJCE_P(EG(exception));
1252 if (ce != EX_T(opline->op1.u.var).class_entry) {
1253 if (!instanceof_function(ce, EX_T(opline->op1.u.var).class_entry TSRMLS_CC)) {
1254 if (opline->op1.u.EA.type) {
1255 zend_throw_exception_internal(NULL TSRMLS_CC);
1256 ZEND_VM_NEXT_OPCODE();
1257 }
1258 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
1259 ZEND_VM_CONTINUE(); /* CHECK_ME */
1260 }
1261 }
1262
1263 if (!EG(active_symbol_table)) {
1264 if (EX(CVs)[opline->op2.u.var]) {
1265 zval_ptr_dtor(EX(CVs)[opline->op2.u.var]);
1266 }
1267 EX(CVs)[opline->op2.u.var] = (zval**)EX(CVs) + (EX(op_array)->last_var + opline->op2.u.var);
1268 *EX(CVs)[opline->op2.u.var] = EG(exception);
1269 } else {
1270 zend_compiled_variable *cv = &CV_DEF_OF(opline->op2.u.var);
1271 zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value,
1272 &EG(exception), sizeof(zval *), (void**)&EX(CVs)[opline->op2.u.var]);
1273 }
1274 EG(exception) = NULL;
1275 ZEND_VM_NEXT_OPCODE();
1276 }
1277
ZEND_BRK_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1278 static int ZEND_FASTCALL ZEND_BRK_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1279 {
1280 zend_op *opline = EX(opline);
1281
1282 zend_brk_cont_element *el;
1283
1284 el = zend_brk_cont(_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC), opline->op1.u.opline_num,
1285 EX(op_array), EX(Ts) TSRMLS_CC);
1286
1287 ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
1288 }
1289
ZEND_CONT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1290 static int ZEND_FASTCALL ZEND_CONT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1291 {
1292 zend_op *opline = EX(opline);
1293
1294 zend_brk_cont_element *el;
1295
1296 el = zend_brk_cont(_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC), opline->op1.u.opline_num,
1297 EX(op_array), EX(Ts) TSRMLS_CC);
1298
1299 ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
1300 }
1301
ZEND_BW_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1302 static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1303 {
1304 zend_op *opline = EX(opline);
1305
1306
1307 bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
1308 &opline->op1.u.constant TSRMLS_CC);
1309
1310 ZEND_VM_NEXT_OPCODE();
1311 }
1312
ZEND_BOOL_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1313 static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1314 {
1315 zend_op *opline = EX(opline);
1316
1317
1318 boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
1319 &opline->op1.u.constant TSRMLS_CC);
1320
1321 ZEND_VM_NEXT_OPCODE();
1322 }
1323
ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1324 static int ZEND_FASTCALL ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1325 {
1326 zend_op *opline = EX(opline);
1327
1328 zval *z = &opline->op1.u.constant;
1329
1330 if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
1331 INIT_PZVAL(z);
1332 }
1333 zend_print_variable(z);
1334
1335 ZEND_VM_NEXT_OPCODE();
1336 }
1337
ZEND_PRINT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1338 static int ZEND_FASTCALL ZEND_PRINT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1339 {
1340 zend_op *opline = EX(opline);
1341
1342 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
1343 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
1344
1345 return ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1346 }
1347
zend_fetch_var_address_helper_SPEC_CONST(int type,ZEND_OPCODE_HANDLER_ARGS)1348 static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND_OPCODE_HANDLER_ARGS)
1349 {
1350 zend_op *opline = EX(opline);
1351 zend_free_op free_op1;
1352 zval *varname = &opline->op1.u.constant;
1353 zval **retval;
1354 zval tmp_varname;
1355 HashTable *target_symbol_table;
1356
1357 if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
1358 tmp_varname = *varname;
1359 zval_copy_ctor(&tmp_varname);
1360 convert_to_string(&tmp_varname);
1361 varname = &tmp_varname;
1362 }
1363
1364 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
1365 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
1366
1367 } else {
1368 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
1369 /*
1370 if (!target_symbol_table) {
1371 ZEND_VM_NEXT_OPCODE();
1372 }
1373 */
1374 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
1375 switch (type) {
1376 case BP_VAR_R:
1377 case BP_VAR_UNSET:
1378 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
1379 /* break missing intentionally */
1380 case BP_VAR_IS:
1381 retval = &EG(uninitialized_zval_ptr);
1382 break;
1383 case BP_VAR_RW:
1384 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
1385 /* break missing intentionally */
1386 case BP_VAR_W: {
1387 zval *new_zval = &EG(uninitialized_zval);
1388
1389 Z_ADDREF_P(new_zval);
1390 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
1391 }
1392 break;
1393 EMPTY_SWITCH_DEFAULT_CASE()
1394 }
1395 }
1396 switch (opline->op2.u.EA.type) {
1397 case ZEND_FETCH_GLOBAL:
1398 if (IS_CONST != IS_TMP_VAR) {
1399
1400 }
1401 break;
1402 case ZEND_FETCH_LOCAL:
1403
1404 break;
1405 case ZEND_FETCH_STATIC:
1406 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
1407 break;
1408 case ZEND_FETCH_GLOBAL_LOCK:
1409 if (IS_CONST == IS_VAR && !free_op1.var) {
1410 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
1411 }
1412 break;
1413 }
1414 }
1415
1416
1417 if (IS_CONST != IS_CONST && varname == &tmp_varname) {
1418 zval_dtor(varname);
1419 }
1420 if (!RETURN_VALUE_UNUSED(&opline->result)) {
1421 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
1422 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
1423 }
1424 PZVAL_LOCK(*retval);
1425 switch (type) {
1426 case BP_VAR_R:
1427 case BP_VAR_IS:
1428 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
1429 break;
1430 case BP_VAR_UNSET: {
1431 zend_free_op free_res;
1432
1433 EX_T(opline->result.u.var).var.ptr_ptr = retval;
1434 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
1435 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
1436 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
1437 }
1438 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
1439 FREE_OP_VAR_PTR(free_res);
1440 break;
1441 default:
1442 EX_T(opline->result.u.var).var.ptr_ptr = retval;
1443 break;
1444 }
1445 }
1446 }
1447 ZEND_VM_NEXT_OPCODE();
1448 }
1449
ZEND_FETCH_R_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1450 static int ZEND_FASTCALL ZEND_FETCH_R_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1451 {
1452 return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1453 }
1454
ZEND_FETCH_W_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1455 static int ZEND_FASTCALL ZEND_FETCH_W_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1456 {
1457 return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1458 }
1459
ZEND_FETCH_RW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1460 static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1461 {
1462 return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1463 }
1464
ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1465 static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1466 {
1467 return zend_fetch_var_address_helper_SPEC_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1468 }
1469
ZEND_FETCH_UNSET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1470 static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1471 {
1472 return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1473 }
1474
ZEND_FETCH_IS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1475 static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1476 {
1477 return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1478 }
1479
ZEND_JMPZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1480 static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1481 {
1482 zend_op *opline = EX(opline);
1483
1484 zval *val = &opline->op1.u.constant;
1485 int ret;
1486
1487 if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
1488 ret = Z_LVAL_P(val);
1489 } else {
1490 ret = i_zend_is_true(val);
1491
1492 if (UNEXPECTED(EG(exception) != NULL)) {
1493 ZEND_VM_CONTINUE();
1494 }
1495 }
1496 if (!ret) {
1497 #if DEBUG_ZEND>=2
1498 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
1499 #endif
1500 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
1501 ZEND_VM_CONTINUE();
1502 }
1503
1504 ZEND_VM_NEXT_OPCODE();
1505 }
1506
ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1507 static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1508 {
1509 zend_op *opline = EX(opline);
1510
1511 zval *val = &opline->op1.u.constant;
1512 int ret;
1513
1514 if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
1515 ret = Z_LVAL_P(val);
1516 } else {
1517 ret = i_zend_is_true(val);
1518
1519 if (UNEXPECTED(EG(exception) != NULL)) {
1520 ZEND_VM_CONTINUE();
1521 }
1522 }
1523 if (ret) {
1524 #if DEBUG_ZEND>=2
1525 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
1526 #endif
1527 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
1528 ZEND_VM_CONTINUE();
1529 }
1530
1531 ZEND_VM_NEXT_OPCODE();
1532 }
1533
ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1534 static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1535 {
1536 zend_op *opline = EX(opline);
1537
1538 zval *val = &opline->op1.u.constant;
1539 int retval;
1540
1541 if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
1542 retval = Z_LVAL_P(val);
1543 } else {
1544 retval = i_zend_is_true(val);
1545
1546 if (UNEXPECTED(EG(exception) != NULL)) {
1547 ZEND_VM_CONTINUE();
1548 }
1549 }
1550 if (EXPECTED(retval != 0)) {
1551 #if DEBUG_ZEND>=2
1552 printf("Conditional jmp on true to %d\n", opline->extended_value);
1553 #endif
1554 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
1555 ZEND_VM_CONTINUE(); /* CHECK_ME */
1556 } else {
1557 #if DEBUG_ZEND>=2
1558 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
1559 #endif
1560 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
1561 ZEND_VM_CONTINUE(); /* CHECK_ME */
1562 }
1563 }
1564
ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1565 static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1566 {
1567 zend_op *opline = EX(opline);
1568
1569 zval *val = &opline->op1.u.constant;
1570 int retval;
1571
1572 if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
1573 retval = Z_LVAL_P(val);
1574 } else {
1575 retval = i_zend_is_true(val);
1576
1577 if (UNEXPECTED(EG(exception) != NULL)) {
1578 ZEND_VM_CONTINUE();
1579 }
1580 }
1581 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
1582 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
1583 if (!retval) {
1584 #if DEBUG_ZEND>=2
1585 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
1586 #endif
1587 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
1588 ZEND_VM_CONTINUE();
1589 }
1590 ZEND_VM_NEXT_OPCODE();
1591 }
1592
ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1593 static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1594 {
1595 zend_op *opline = EX(opline);
1596
1597 zval *val = &opline->op1.u.constant;
1598 int retval;
1599
1600 if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
1601 retval = Z_LVAL_P(val);
1602 } else {
1603 retval = i_zend_is_true(val);
1604
1605 if (UNEXPECTED(EG(exception) != NULL)) {
1606 ZEND_VM_CONTINUE();
1607 }
1608 }
1609 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
1610 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
1611 if (retval) {
1612 #if DEBUG_ZEND>=2
1613 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
1614 #endif
1615 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
1616 ZEND_VM_CONTINUE();
1617 }
1618 ZEND_VM_NEXT_OPCODE();
1619 }
1620
ZEND_DO_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1621 static int ZEND_FASTCALL ZEND_DO_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1622 {
1623 zend_op *opline = EX(opline);
1624
1625 zval *fname = &opline->op1.u.constant;
1626
1627 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
1628
1629 if (zend_hash_quick_find(EG(function_table), fname->value.str.val, fname->value.str.len+1, Z_LVAL(opline->op2.u.constant), (void **) &EX(function_state).function)==FAILURE) {
1630 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", fname->value.str.val);
1631 }
1632 EX(object) = NULL;
1633
1634 return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1635 }
1636
ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1637 static int ZEND_FASTCALL ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1638 {
1639 zend_op *opline = EX(opline);
1640 zval *retval_ptr;
1641 zval **retval_ptr_ptr;
1642
1643
1644 if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
1645
1646 if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) {
1647 /* Not supposed to happen, but we'll allow it */
1648 zend_error(E_NOTICE, "Only variable references should be returned by reference");
1649 goto return_by_value;
1650 }
1651
1652 retval_ptr_ptr = NULL;
1653
1654 if (IS_CONST == IS_VAR && !retval_ptr_ptr) {
1655 zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
1656 }
1657
1658 if (IS_CONST == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
1659 if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
1660 EX_T(opline->op1.u.var).var.fcall_returned_reference) {
1661 } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
1662 if (IS_CONST == IS_VAR && !0) {
1663 PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
1664 }
1665 zend_error(E_NOTICE, "Only variable references should be returned by reference");
1666 goto return_by_value;
1667 }
1668 }
1669
1670 if (EG(return_value_ptr_ptr)) {
1671 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
1672 Z_ADDREF_PP(retval_ptr_ptr);
1673
1674 (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
1675 }
1676 } else {
1677 return_by_value:
1678
1679 retval_ptr = &opline->op1.u.constant;
1680
1681 if (!EG(return_value_ptr_ptr)) {
1682 if (IS_CONST == IS_TMP_VAR) {
1683
1684 }
1685 } else if (!0) { /* Not a temp var */
1686 if (IS_CONST == IS_CONST ||
1687 EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
1688 (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
1689 zval *ret;
1690
1691 ALLOC_ZVAL(ret);
1692 INIT_PZVAL_COPY(ret, retval_ptr);
1693 zval_copy_ctor(ret);
1694 *EG(return_value_ptr_ptr) = ret;
1695 } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) &&
1696 retval_ptr == &EG(uninitialized_zval)) {
1697 zval *ret;
1698
1699 ALLOC_INIT_ZVAL(ret);
1700 *EG(return_value_ptr_ptr) = ret;
1701 } else {
1702 *EG(return_value_ptr_ptr) = retval_ptr;
1703 Z_ADDREF_P(retval_ptr);
1704 }
1705 } else {
1706 zval *ret;
1707
1708 ALLOC_ZVAL(ret);
1709 INIT_PZVAL_COPY(ret, retval_ptr);
1710 *EG(return_value_ptr_ptr) = ret;
1711 }
1712 }
1713
1714 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
1715 }
1716
ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1717 static int ZEND_FASTCALL ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1718 {
1719 zend_op *opline = EX(opline);
1720 zval *value;
1721 zval *exception;
1722
1723
1724 value = &opline->op1.u.constant;
1725
1726 if (IS_CONST == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
1727 zend_error_noreturn(E_ERROR, "Can only throw objects");
1728 }
1729 zend_exception_save(TSRMLS_C);
1730 /* Not sure if a complete copy is what we want here */
1731 ALLOC_ZVAL(exception);
1732 INIT_PZVAL_COPY(exception, value);
1733 if (!0) {
1734 zval_copy_ctor(exception);
1735 }
1736
1737 zend_throw_exception_object(exception TSRMLS_CC);
1738 zend_exception_restore(TSRMLS_C);
1739
1740 ZEND_VM_NEXT_OPCODE();
1741 }
1742
ZEND_SEND_VAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1743 static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1744 {
1745 zend_op *opline = EX(opline);
1746 if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
1747 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
1748 zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
1749 }
1750 {
1751 zval *valptr;
1752 zval *value;
1753
1754
1755 value = &opline->op1.u.constant;
1756
1757 ALLOC_ZVAL(valptr);
1758 INIT_PZVAL_COPY(valptr, value);
1759 if (!0) {
1760 zval_copy_ctor(valptr);
1761 }
1762 zend_vm_stack_push(valptr TSRMLS_CC);
1763
1764 }
1765 ZEND_VM_NEXT_OPCODE();
1766 }
1767
ZEND_BOOL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1768 static int ZEND_FASTCALL ZEND_BOOL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1769 {
1770 zend_op *opline = EX(opline);
1771
1772
1773 /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
1774 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(&opline->op1.u.constant);
1775 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
1776
1777 ZEND_VM_NEXT_OPCODE();
1778 }
1779
ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1780 static int ZEND_FASTCALL ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1781 {
1782 zend_op *opline = EX(opline);
1783
1784 zval *obj = &opline->op1.u.constant;
1785 zend_class_entry *ce;
1786 zend_function *clone;
1787 zend_object_clone_obj_t clone_call;
1788
1789 if (IS_CONST == IS_CONST ||
1790 (IS_CONST == IS_VAR && !obj) ||
1791 Z_TYPE_P(obj) != IS_OBJECT) {
1792 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
1793 }
1794
1795 ce = Z_OBJCE_P(obj);
1796 clone = ce ? ce->clone : NULL;
1797 clone_call = Z_OBJ_HT_P(obj)->clone_obj;
1798 if (!clone_call) {
1799 if (ce) {
1800 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
1801 } else {
1802 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
1803 }
1804 }
1805
1806 if (ce && clone) {
1807 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
1808 /* Ensure that if we're calling a private function, we're allowed to do so.
1809 */
1810 if (ce != EG(scope)) {
1811 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
1812 }
1813 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
1814 /* Ensure that if we're calling a protected function, we're allowed to do so.
1815 */
1816 if (!zend_check_protected(clone->common.scope, EG(scope))) {
1817 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
1818 }
1819 }
1820 }
1821
1822 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
1823 if (!EG(exception)) {
1824 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
1825 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
1826 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
1827 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
1828 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
1829 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
1830 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
1831 }
1832 }
1833
1834 ZEND_VM_NEXT_OPCODE();
1835 }
1836
ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1837 static int ZEND_FASTCALL ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1838 {
1839 zend_op *opline = EX(opline);
1840
1841 zval *expr = &opline->op1.u.constant;
1842 zval *result = &EX_T(opline->result.u.var).tmp_var;
1843
1844 if (opline->extended_value != IS_STRING) {
1845 *result = *expr;
1846 if (!0) {
1847 zendi_zval_copy_ctor(*result);
1848 }
1849 }
1850 switch (opline->extended_value) {
1851 case IS_NULL:
1852 convert_to_null(result);
1853 break;
1854 case IS_BOOL:
1855 convert_to_boolean(result);
1856 break;
1857 case IS_LONG:
1858 convert_to_long(result);
1859 break;
1860 case IS_DOUBLE:
1861 convert_to_double(result);
1862 break;
1863 case IS_STRING: {
1864 zval var_copy;
1865 int use_copy;
1866
1867 zend_make_printable_zval(expr, &var_copy, &use_copy);
1868 if (use_copy) {
1869 *result = var_copy;
1870 if (0) {
1871
1872 }
1873 } else {
1874 *result = *expr;
1875 if (!0) {
1876 zendi_zval_copy_ctor(*result);
1877 }
1878 }
1879 break;
1880 }
1881 case IS_ARRAY:
1882 convert_to_array(result);
1883 break;
1884 case IS_OBJECT:
1885 convert_to_object(result);
1886 break;
1887 }
1888
1889 ZEND_VM_NEXT_OPCODE();
1890 }
1891
ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)1892 static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
1893 {
1894 zend_op *opline = EX(opline);
1895 zend_op_array *new_op_array=NULL;
1896 int return_value_used;
1897
1898 zval *inc_filename = &opline->op1.u.constant;
1899 zval *tmp_inc_filename = NULL;
1900 zend_bool failure_retval=0;
1901
1902 if (inc_filename->type!=IS_STRING) {
1903 MAKE_STD_ZVAL(tmp_inc_filename);
1904 *tmp_inc_filename = *inc_filename;
1905 zval_copy_ctor(tmp_inc_filename);
1906 convert_to_string(tmp_inc_filename);
1907 inc_filename = tmp_inc_filename;
1908 }
1909
1910 return_value_used = RETURN_VALUE_USED(opline);
1911
1912 if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
1913 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
1914 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1915 } else {
1916 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1917 }
1918 } else {
1919 switch (Z_LVAL(opline->op2.u.constant)) {
1920 case ZEND_INCLUDE_ONCE:
1921 case ZEND_REQUIRE_ONCE: {
1922 zend_file_handle file_handle;
1923 char *resolved_path;
1924
1925 resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
1926 if (resolved_path) {
1927 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
1928 } else {
1929 resolved_path = Z_STRVAL_P(inc_filename);
1930 }
1931
1932 if (failure_retval) {
1933 /* do nothing, file already included */
1934 } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
1935
1936 if (!file_handle.opened_path) {
1937 file_handle.opened_path = estrdup(resolved_path);
1938 }
1939
1940 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
1941 new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
1942 zend_destroy_file_handle(&file_handle TSRMLS_CC);
1943 } else {
1944 zend_file_handle_dtor(&file_handle TSRMLS_CC);
1945 failure_retval=1;
1946 }
1947 } else {
1948 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
1949 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1950 } else {
1951 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1952 }
1953 }
1954 if (resolved_path != Z_STRVAL_P(inc_filename)) {
1955 efree(resolved_path);
1956 }
1957 }
1958 break;
1959 case ZEND_INCLUDE:
1960 case ZEND_REQUIRE:
1961 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
1962 break;
1963 case ZEND_EVAL: {
1964 char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
1965
1966 new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
1967 efree(eval_desc);
1968 }
1969 break;
1970 EMPTY_SWITCH_DEFAULT_CASE()
1971 }
1972 }
1973 if (tmp_inc_filename) {
1974 zval_ptr_dtor(&tmp_inc_filename);
1975 }
1976
1977 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
1978 if (new_op_array && !EG(exception)) {
1979 EX(original_return_value) = EG(return_value_ptr_ptr);
1980 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
1981 EG(active_op_array) = new_op_array;
1982 EX_T(opline->result.u.var).var.ptr = NULL;
1983
1984 EX(current_object) = EX(object);
1985
1986 EX(function_state).function = (zend_function *) new_op_array;
1987 EX(object) = NULL;
1988
1989 if (!EG(active_symbol_table)) {
1990 zend_rebuild_symbol_table(TSRMLS_C);
1991 }
1992
1993 if (zend_execute == execute) {
1994 EX(call_opline) = opline;
1995 ZEND_VM_ENTER();
1996 } else {
1997 zend_execute(new_op_array TSRMLS_CC);
1998 }
1999
2000 EX(function_state).function = (zend_function *) EX(op_array);
2001 EX(object) = EX(current_object);
2002
2003 if (return_value_used) {
2004 if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
2005 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
2006 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
2007 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
2008 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
2009 }
2010 }
2011
2012 EG(opline_ptr) = &EX(opline);
2013 EG(active_op_array) = EX(op_array);
2014 EG(return_value_ptr_ptr) = EX(original_return_value);
2015 destroy_op_array(new_op_array TSRMLS_CC);
2016 efree(new_op_array);
2017 if (EG(exception)) {
2018 zend_throw_exception_internal(NULL TSRMLS_CC);
2019 }
2020 } else {
2021 if (return_value_used) {
2022 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
2023 INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
2024 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
2025 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
2026 }
2027 }
2028 ZEND_VM_NEXT_OPCODE();
2029 }
2030
ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2031 static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2032 {
2033 zend_op *opline = EX(opline);
2034 zval tmp, *varname;
2035 HashTable *target_symbol_table;
2036
2037
2038 if (IS_CONST == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
2039 if (EG(active_symbol_table)) {
2040 zend_execute_data *ex = EX(prev_execute_data);
2041 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
2042
2043 if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
2044 while (ex && ex->symbol_table == EG(active_symbol_table)) {
2045 int i;
2046
2047 if (ex->op_array) {
2048 for (i = 0; i < ex->op_array->last_var; i++) {
2049 if (ex->op_array->vars[i].hash_value == cv->hash_value &&
2050 ex->op_array->vars[i].name_len == cv->name_len &&
2051 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
2052 ex->CVs[i] = NULL;
2053 break;
2054 }
2055 }
2056 }
2057 ex = ex->prev_execute_data;
2058 }
2059 }
2060 EX(CVs)[opline->op1.u.var] = NULL;
2061 } else if (EX(CVs)[opline->op1.u.var]) {
2062 zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
2063 EX(CVs)[opline->op1.u.var] = NULL;
2064 }
2065 ZEND_VM_NEXT_OPCODE();
2066 }
2067
2068 varname = &opline->op1.u.constant;
2069
2070 if (Z_TYPE_P(varname) != IS_STRING) {
2071 tmp = *varname;
2072 zval_copy_ctor(&tmp);
2073 convert_to_string(&tmp);
2074 varname = &tmp;
2075 } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) {
2076 Z_ADDREF_P(varname);
2077 }
2078
2079 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
2080 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
2081 } else {
2082 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
2083
2084 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
2085 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
2086 zend_execute_data *ex = execute_data;
2087
2088 do {
2089 int i;
2090
2091 if (ex->op_array) {
2092 for (i = 0; i < ex->op_array->last_var; i++) {
2093 if (ex->op_array->vars[i].hash_value == hash_value &&
2094 ex->op_array->vars[i].name_len == varname->value.str.len &&
2095 !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
2096 ex->CVs[i] = NULL;
2097 break;
2098 }
2099 }
2100 }
2101 ex = ex->prev_execute_data;
2102 } while (ex && ex->symbol_table == target_symbol_table);
2103 }
2104 }
2105
2106 if (varname == &tmp) {
2107 zval_dtor(&tmp);
2108 } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) {
2109 zval_ptr_dtor(&varname);
2110 }
2111
2112 ZEND_VM_NEXT_OPCODE();
2113 }
2114
ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2115 static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2116 {
2117 zend_op *opline = EX(opline);
2118
2119 zval *array_ptr, **array_ptr_ptr;
2120 HashTable *fe_ht;
2121 zend_object_iterator *iter = NULL;
2122 zend_class_entry *ce = NULL;
2123 zend_bool is_empty = 0;
2124
2125 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
2126 array_ptr_ptr = NULL;
2127 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
2128 ALLOC_INIT_ZVAL(array_ptr);
2129 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
2130 if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
2131 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
2132 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
2133 }
2134
2135 ce = Z_OBJCE_PP(array_ptr_ptr);
2136 if (!ce || ce->get_iterator == NULL) {
2137 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
2138 Z_ADDREF_PP(array_ptr_ptr);
2139 }
2140 array_ptr = *array_ptr_ptr;
2141 } else {
2142 if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
2143 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
2144 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
2145 Z_SET_ISREF_PP(array_ptr_ptr);
2146 }
2147 }
2148 array_ptr = *array_ptr_ptr;
2149 Z_ADDREF_P(array_ptr);
2150 }
2151 } else {
2152 array_ptr = &opline->op1.u.constant;
2153 if (0) { /* IS_TMP_VAR */
2154 zval *tmp;
2155
2156 ALLOC_ZVAL(tmp);
2157 INIT_PZVAL_COPY(tmp, array_ptr);
2158 array_ptr = tmp;
2159 if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
2160 ce = Z_OBJCE_P(array_ptr);
2161 if (ce && ce->get_iterator) {
2162 Z_DELREF_P(array_ptr);
2163 }
2164 }
2165 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
2166 ce = Z_OBJCE_P(array_ptr);
2167 if (!ce || !ce->get_iterator) {
2168 Z_ADDREF_P(array_ptr);
2169 }
2170 } else if (IS_CONST == IS_CONST ||
2171 ((IS_CONST == IS_CV || IS_CONST == IS_VAR) &&
2172 !Z_ISREF_P(array_ptr) &&
2173 Z_REFCOUNT_P(array_ptr) > 1)) {
2174 zval *tmp;
2175
2176 ALLOC_ZVAL(tmp);
2177 INIT_PZVAL_COPY(tmp, array_ptr);
2178 zval_copy_ctor(tmp);
2179 array_ptr = tmp;
2180 } else {
2181 Z_ADDREF_P(array_ptr);
2182 }
2183 }
2184
2185 if (ce && ce->get_iterator) {
2186 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
2187
2188 if (iter && !EG(exception)) {
2189 array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
2190 } else {
2191 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
2192
2193 } else {
2194
2195 }
2196 if (!EG(exception)) {
2197 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
2198 }
2199 zend_throw_exception_internal(NULL TSRMLS_CC);
2200 ZEND_VM_NEXT_OPCODE();
2201 }
2202 }
2203
2204 AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
2205 PZVAL_LOCK(array_ptr);
2206
2207 if (iter) {
2208 iter->index = 0;
2209 if (iter->funcs->rewind) {
2210 iter->funcs->rewind(iter TSRMLS_CC);
2211 if (EG(exception)) {
2212 Z_DELREF_P(array_ptr);
2213 zval_ptr_dtor(&array_ptr);
2214 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
2215
2216 } else {
2217
2218 }
2219 ZEND_VM_NEXT_OPCODE();
2220 }
2221 }
2222 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
2223 if (EG(exception)) {
2224 Z_DELREF_P(array_ptr);
2225 zval_ptr_dtor(&array_ptr);
2226 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
2227
2228 } else {
2229
2230 }
2231 ZEND_VM_NEXT_OPCODE();
2232 }
2233 iter->index = -1; /* will be set to 0 before using next handler */
2234 } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
2235 zend_hash_internal_pointer_reset(fe_ht);
2236 if (ce) {
2237 zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
2238 while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
2239 char *str_key;
2240 uint str_key_len;
2241 ulong int_key;
2242 zend_uchar key_type;
2243
2244 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
2245 if (key_type != HASH_KEY_NON_EXISTANT &&
2246 (key_type == HASH_KEY_IS_LONG ||
2247 zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
2248 break;
2249 }
2250 zend_hash_move_forward(fe_ht);
2251 }
2252 }
2253 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
2254 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
2255 } else {
2256 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
2257 is_empty = 1;
2258 }
2259
2260 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
2261
2262 } else {
2263
2264 }
2265 if (is_empty) {
2266 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
2267 } else {
2268 ZEND_VM_NEXT_OPCODE();
2269 }
2270 }
2271
ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2272 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2273 {
2274 zend_op *opline = EX(opline);
2275 zval **value;
2276 zend_bool isset = 1;
2277
2278 if (IS_CONST == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
2279 if (EX(CVs)[opline->op1.u.var]) {
2280 value = EX(CVs)[opline->op1.u.var];
2281 } else if (EG(active_symbol_table)) {
2282 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
2283
2284 if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
2285 isset = 0;
2286 }
2287 } else {
2288 isset = 0;
2289 }
2290 } else {
2291 HashTable *target_symbol_table;
2292
2293 zval tmp, *varname = &opline->op1.u.constant;
2294
2295 if (Z_TYPE_P(varname) != IS_STRING) {
2296 tmp = *varname;
2297 zval_copy_ctor(&tmp);
2298 convert_to_string(&tmp);
2299 varname = &tmp;
2300 }
2301
2302 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
2303 value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
2304 if (!value) {
2305 isset = 0;
2306 }
2307 } else {
2308 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
2309 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
2310 isset = 0;
2311 }
2312 }
2313
2314 if (varname == &tmp) {
2315 zval_dtor(&tmp);
2316 }
2317
2318 }
2319
2320 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
2321
2322 switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
2323 case ZEND_ISSET:
2324 if (isset && Z_TYPE_PP(value) == IS_NULL) {
2325 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
2326 } else {
2327 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
2328 }
2329 break;
2330 case ZEND_ISEMPTY:
2331 if (!isset || !i_zend_is_true(*value)) {
2332 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
2333 } else {
2334 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
2335 }
2336 break;
2337 }
2338
2339 ZEND_VM_NEXT_OPCODE();
2340 }
2341
ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2342 static int ZEND_FASTCALL ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2343 {
2344 #if 0 || (IS_CONST != IS_UNUSED)
2345 zend_op *opline = EX(opline);
2346 if (IS_CONST != IS_UNUSED) {
2347
2348 zval *ptr = &opline->op1.u.constant;
2349
2350 if (Z_TYPE_P(ptr) == IS_LONG) {
2351 EG(exit_status) = Z_LVAL_P(ptr);
2352 } else {
2353 zend_print_variable(ptr);
2354 }
2355
2356 }
2357 #endif
2358 zend_bailout();
2359 ZEND_VM_NEXT_OPCODE();
2360 }
2361
ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2362 static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2363 {
2364 zend_op *opline = EX(opline);
2365
2366 zval *value = &opline->op1.u.constant;
2367
2368 if (i_zend_is_true(value)) {
2369 EX_T(opline->result.u.var).tmp_var = *value;
2370 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
2371
2372 #if DEBUG_ZEND>=2
2373 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
2374 #endif
2375 ZEND_VM_JMP(opline->op2.u.jmp_addr);
2376 }
2377
2378 ZEND_VM_NEXT_OPCODE();
2379 }
2380
ZEND_QM_ASSIGN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2381 static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2382 {
2383 zend_op *opline = EX(opline);
2384
2385 zval *value = &opline->op1.u.constant;
2386
2387 EX_T(opline->result.u.var).tmp_var = *value;
2388 if (!0) {
2389 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
2390 }
2391
2392 ZEND_VM_NEXT_OPCODE();
2393 }
2394
ZEND_TICKS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2395 static int ZEND_FASTCALL ZEND_TICKS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2396 {
2397 zend_op *opline = EX(opline);
2398
2399 if (++EG(ticks_count)>=Z_LVAL(opline->op1.u.constant)) {
2400 EG(ticks_count)=0;
2401 if (zend_ticks_function) {
2402 zend_ticks_function(Z_LVAL(opline->op1.u.constant));
2403 }
2404 }
2405 ZEND_VM_NEXT_OPCODE();
2406 }
2407
ZEND_ADD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2408 static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2409 {
2410 zend_op *opline = EX(opline);
2411
2412
2413 add_function(&EX_T(opline->result.u.var).tmp_var,
2414 &opline->op1.u.constant,
2415 &opline->op2.u.constant TSRMLS_CC);
2416
2417
2418 ZEND_VM_NEXT_OPCODE();
2419 }
2420
ZEND_SUB_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2421 static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2422 {
2423 zend_op *opline = EX(opline);
2424
2425
2426 sub_function(&EX_T(opline->result.u.var).tmp_var,
2427 &opline->op1.u.constant,
2428 &opline->op2.u.constant TSRMLS_CC);
2429
2430
2431 ZEND_VM_NEXT_OPCODE();
2432 }
2433
ZEND_MUL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2434 static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2435 {
2436 zend_op *opline = EX(opline);
2437
2438
2439 mul_function(&EX_T(opline->result.u.var).tmp_var,
2440 &opline->op1.u.constant,
2441 &opline->op2.u.constant TSRMLS_CC);
2442
2443
2444 ZEND_VM_NEXT_OPCODE();
2445 }
2446
ZEND_DIV_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2447 static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2448 {
2449 zend_op *opline = EX(opline);
2450
2451
2452 div_function(&EX_T(opline->result.u.var).tmp_var,
2453 &opline->op1.u.constant,
2454 &opline->op2.u.constant TSRMLS_CC);
2455
2456
2457 ZEND_VM_NEXT_OPCODE();
2458 }
2459
ZEND_MOD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2460 static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2461 {
2462 zend_op *opline = EX(opline);
2463
2464
2465 mod_function(&EX_T(opline->result.u.var).tmp_var,
2466 &opline->op1.u.constant,
2467 &opline->op2.u.constant TSRMLS_CC);
2468
2469
2470 ZEND_VM_NEXT_OPCODE();
2471 }
2472
ZEND_SL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2473 static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2474 {
2475 zend_op *opline = EX(opline);
2476
2477
2478 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
2479 &opline->op1.u.constant,
2480 &opline->op2.u.constant TSRMLS_CC);
2481
2482
2483 ZEND_VM_NEXT_OPCODE();
2484 }
2485
ZEND_SR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2486 static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2487 {
2488 zend_op *opline = EX(opline);
2489
2490
2491 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
2492 &opline->op1.u.constant,
2493 &opline->op2.u.constant TSRMLS_CC);
2494
2495
2496 ZEND_VM_NEXT_OPCODE();
2497 }
2498
ZEND_CONCAT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2499 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2500 {
2501 zend_op *opline = EX(opline);
2502
2503
2504 concat_function(&EX_T(opline->result.u.var).tmp_var,
2505 &opline->op1.u.constant,
2506 &opline->op2.u.constant TSRMLS_CC);
2507
2508
2509 ZEND_VM_NEXT_OPCODE();
2510 }
2511
ZEND_IS_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2512 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2513 {
2514 zend_op *opline = EX(opline);
2515
2516
2517 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
2518 &opline->op1.u.constant,
2519 &opline->op2.u.constant TSRMLS_CC);
2520
2521
2522 ZEND_VM_NEXT_OPCODE();
2523 }
2524
ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2525 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2526 {
2527 zend_op *opline = EX(opline);
2528
2529 zval *result = &EX_T(opline->result.u.var).tmp_var;
2530
2531 is_identical_function(result,
2532 &opline->op1.u.constant,
2533 &opline->op2.u.constant TSRMLS_CC);
2534 Z_LVAL_P(result) = !Z_LVAL_P(result);
2535
2536
2537 ZEND_VM_NEXT_OPCODE();
2538 }
2539
ZEND_IS_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2540 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2541 {
2542 zend_op *opline = EX(opline);
2543
2544 zval *result = &EX_T(opline->result.u.var).tmp_var;
2545
2546 compare_function(result,
2547 &opline->op1.u.constant,
2548 &opline->op2.u.constant TSRMLS_CC);
2549 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
2550
2551
2552 ZEND_VM_NEXT_OPCODE();
2553 }
2554
ZEND_IS_NOT_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2555 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2556 {
2557 zend_op *opline = EX(opline);
2558
2559 zval *result = &EX_T(opline->result.u.var).tmp_var;
2560
2561 compare_function(result,
2562 &opline->op1.u.constant,
2563 &opline->op2.u.constant TSRMLS_CC);
2564 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
2565
2566
2567 ZEND_VM_NEXT_OPCODE();
2568 }
2569
ZEND_IS_SMALLER_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2570 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2571 {
2572 zend_op *opline = EX(opline);
2573
2574 zval *result = &EX_T(opline->result.u.var).tmp_var;
2575
2576 compare_function(result,
2577 &opline->op1.u.constant,
2578 &opline->op2.u.constant TSRMLS_CC);
2579 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
2580
2581
2582 ZEND_VM_NEXT_OPCODE();
2583 }
2584
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2585 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2586 {
2587 zend_op *opline = EX(opline);
2588
2589 zval *result = &EX_T(opline->result.u.var).tmp_var;
2590
2591 compare_function(result,
2592 &opline->op1.u.constant,
2593 &opline->op2.u.constant TSRMLS_CC);
2594 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
2595
2596
2597 ZEND_VM_NEXT_OPCODE();
2598 }
2599
ZEND_BW_OR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2600 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2601 {
2602 zend_op *opline = EX(opline);
2603
2604
2605 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
2606 &opline->op1.u.constant,
2607 &opline->op2.u.constant TSRMLS_CC);
2608
2609
2610 ZEND_VM_NEXT_OPCODE();
2611 }
2612
ZEND_BW_AND_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2613 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2614 {
2615 zend_op *opline = EX(opline);
2616
2617
2618 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
2619 &opline->op1.u.constant,
2620 &opline->op2.u.constant TSRMLS_CC);
2621
2622
2623 ZEND_VM_NEXT_OPCODE();
2624 }
2625
ZEND_BW_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2626 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2627 {
2628 zend_op *opline = EX(opline);
2629
2630
2631 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
2632 &opline->op1.u.constant,
2633 &opline->op2.u.constant TSRMLS_CC);
2634
2635
2636 ZEND_VM_NEXT_OPCODE();
2637 }
2638
ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2639 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2640 {
2641 zend_op *opline = EX(opline);
2642
2643
2644 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
2645 &opline->op1.u.constant,
2646 &opline->op2.u.constant TSRMLS_CC);
2647
2648
2649 ZEND_VM_NEXT_OPCODE();
2650 }
2651
ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2652 static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2653 {
2654 zend_op *opline = EX(opline);
2655
2656 zval *container = &opline->op1.u.constant;
2657
2658 if (Z_TYPE_P(container) != IS_ARRAY) {
2659 if (!RETURN_VALUE_UNUSED(&opline->result)) {
2660 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
2661 PZVAL_LOCK(EG(uninitialized_zval_ptr));
2662 }
2663 } else {
2664
2665 zval *dim = &opline->op2.u.constant;
2666
2667 AI_SET_PTR(EX_T(opline->result.u.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, BP_VAR_R TSRMLS_CC));
2668 SELECTIVE_PZVAL_LOCK(EX_T(opline->result.u.var).var.ptr, &opline->result);
2669
2670 }
2671 ZEND_VM_NEXT_OPCODE();
2672 }
2673
ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2674 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2675 {
2676 zend_op *opline = EX(opline);
2677 zval *function_name;
2678 zend_class_entry *ce;
2679
2680 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
2681
2682 if (IS_CONST == IS_CONST) {
2683 /* no function found. try a static method in class */
2684 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
2685 if (UNEXPECTED(EG(exception) != NULL)) {
2686 ZEND_VM_CONTINUE();
2687 }
2688 if (!ce) {
2689 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
2690 }
2691 EX(called_scope) = ce;
2692 } else {
2693 ce = EX_T(opline->op1.u.var).class_entry;
2694
2695 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
2696 EX(called_scope) = EG(called_scope);
2697 } else {
2698 EX(called_scope) = ce;
2699 }
2700 }
2701 if(IS_CONST != IS_UNUSED) {
2702 char *function_name_strval = NULL;
2703 int function_name_strlen = 0;
2704
2705
2706 if (IS_CONST == IS_CONST) {
2707 function_name_strval = Z_STRVAL(opline->op2.u.constant);
2708 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
2709 } else {
2710 function_name = &opline->op2.u.constant;
2711
2712 if (Z_TYPE_P(function_name) != IS_STRING) {
2713 zend_error_noreturn(E_ERROR, "Function name must be a string");
2714 } else {
2715 function_name_strval = Z_STRVAL_P(function_name);
2716 function_name_strlen = Z_STRLEN_P(function_name);
2717 }
2718 }
2719
2720 if (function_name_strval) {
2721 if (ce->get_static_method) {
2722 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
2723 } else {
2724 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
2725 }
2726 if (!EX(fbc)) {
2727 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
2728 }
2729 }
2730
2731 if (IS_CONST != IS_CONST) {
2732
2733 }
2734 } else {
2735 if(!ce->constructor) {
2736 zend_error_noreturn(E_ERROR, "Cannot call constructor");
2737 }
2738 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
2739 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
2740 }
2741 EX(fbc) = ce->constructor;
2742 }
2743
2744 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
2745 EX(object) = NULL;
2746 } else {
2747 if (EG(This) &&
2748 Z_OBJ_HT_P(EG(This))->get_class_entry &&
2749 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
2750 /* We are calling method of the other (incompatible) class,
2751 but passing $this. This is done for compatibility with php-4. */
2752 int severity;
2753 char *verb;
2754 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
2755 severity = E_STRICT;
2756 verb = "should not";
2757 } else {
2758 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
2759 severity = E_ERROR;
2760 verb = "cannot";
2761 }
2762 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
2763
2764 }
2765 if ((EX(object) = EG(This))) {
2766 Z_ADDREF_P(EX(object));
2767 EX(called_scope) = Z_OBJCE_P(EX(object));
2768 }
2769 }
2770
2771 ZEND_VM_NEXT_OPCODE();
2772 }
2773
ZEND_CASE_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2774 static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2775 {
2776 zend_op *opline = EX(opline);
2777 int switch_expr_is_overloaded=0;
2778
2779
2780 if (IS_CONST==IS_VAR) {
2781 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
2782 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
2783 } else {
2784 switch_expr_is_overloaded = 1;
2785 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
2786 }
2787 }
2788 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
2789 &opline->op1.u.constant,
2790 &opline->op2.u.constant TSRMLS_CC);
2791
2792 if (switch_expr_is_overloaded) {
2793 /* We only free op1 if this is a string offset,
2794 * Since if it is a TMP_VAR, it'll be reused by
2795 * other CASE opcodes (whereas string offsets
2796 * are allocated at each get_zval_ptr())
2797 */
2798
2799 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
2800 EX_T(opline->op1.u.var).var.ptr = NULL;
2801 }
2802 ZEND_VM_NEXT_OPCODE();
2803 }
2804
ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2805 static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2806 {
2807 zend_op *opline = EX(opline);
2808
2809 if (IS_CONST == IS_UNUSED) {
2810 /* namespaced constant */
2811 if (!zend_get_constant_ex(Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant), &EX_T(opline->result.u.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) {
2812 if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) {
2813 char *actual = (char *)zend_memrchr(Z_STRVAL(opline->op2.u.constant), '\\', Z_STRLEN(opline->op2.u.constant));
2814 if(!actual) {
2815 actual = Z_STRVAL(opline->op2.u.constant);
2816 } else {
2817 actual++;
2818 }
2819 /* non-qualified constant - allow text substitution */
2820 zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual);
2821 ZVAL_STRINGL(&EX_T(opline->result.u.var).tmp_var, actual, Z_STRLEN(opline->op2.u.constant)-(actual - Z_STRVAL(opline->op2.u.constant)), 1);
2822 } else {
2823 zend_error_noreturn(E_ERROR, "Undefined constant '%s'",
2824 Z_STRVAL(opline->op2.u.constant), Z_STRVAL(opline->op2.u.constant));
2825 }
2826 }
2827 ZEND_VM_NEXT_OPCODE();
2828 } else {
2829 /* class constant */
2830 zend_class_entry *ce;
2831 zval **value;
2832
2833 if (IS_CONST == IS_CONST) {
2834
2835 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
2836 if (UNEXPECTED(EG(exception) != NULL)) {
2837 ZEND_VM_CONTINUE();
2838 }
2839 if (!ce) {
2840 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
2841 }
2842 } else {
2843 ce = EX_T(opline->op1.u.var).class_entry;
2844 }
2845
2846 if (zend_hash_find(&ce->constants_table, Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant)+1, (void **) &value) == SUCCESS) {
2847 if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY ||
2848 (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) {
2849 zend_class_entry *old_scope = EG(scope);
2850
2851 EG(scope) = ce;
2852 zval_update_constant(value, (void *) 1 TSRMLS_CC);
2853 EG(scope) = old_scope;
2854 }
2855 EX_T(opline->result.u.var).tmp_var = **value;
2856 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
2857 } else {
2858 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
2859 }
2860
2861 ZEND_VM_NEXT_OPCODE();
2862 }
2863 }
2864
ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2865 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2866 {
2867 zend_op *opline = EX(opline);
2868
2869 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
2870 zval *expr_ptr;
2871 zval *offset=&opline->op2.u.constant;
2872
2873 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
2874 zval **expr_ptr_ptr = NULL;
2875
2876 if (opline->extended_value) {
2877 expr_ptr_ptr=NULL;
2878 expr_ptr = *expr_ptr_ptr;
2879 } else {
2880 expr_ptr=&opline->op1.u.constant;
2881 }
2882 #else
2883 expr_ptr=&opline->op1.u.constant;
2884 #endif
2885
2886 if (0) { /* temporary variable */
2887 zval *new_expr;
2888
2889 ALLOC_ZVAL(new_expr);
2890 INIT_PZVAL_COPY(new_expr, expr_ptr);
2891 expr_ptr = new_expr;
2892 } else {
2893 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
2894 if (opline->extended_value) {
2895 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
2896 expr_ptr = *expr_ptr_ptr;
2897 Z_ADDREF_P(expr_ptr);
2898 } else
2899 #endif
2900 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
2901 zval *new_expr;
2902
2903 ALLOC_ZVAL(new_expr);
2904 INIT_PZVAL_COPY(new_expr, expr_ptr);
2905 expr_ptr = new_expr;
2906 zendi_zval_copy_ctor(*expr_ptr);
2907 } else {
2908 Z_ADDREF_P(expr_ptr);
2909 }
2910 }
2911 if (offset) {
2912 switch (Z_TYPE_P(offset)) {
2913 case IS_DOUBLE:
2914 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
2915 break;
2916 case IS_LONG:
2917 case IS_BOOL:
2918 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
2919 break;
2920 case IS_STRING:
2921 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
2922 break;
2923 case IS_NULL:
2924 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
2925 break;
2926 default:
2927 zend_error(E_WARNING, "Illegal offset type");
2928 zval_ptr_dtor(&expr_ptr);
2929 /* do nothing */
2930 break;
2931 }
2932
2933 } else {
2934 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
2935 }
2936 if (opline->extended_value) {
2937
2938 } else {
2939
2940 }
2941 ZEND_VM_NEXT_OPCODE();
2942 }
2943
ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2944 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2945 {
2946 zend_op *opline = EX(opline);
2947
2948 array_init(&EX_T(opline->result.u.var).tmp_var);
2949 if (IS_CONST == IS_UNUSED) {
2950 ZEND_VM_NEXT_OPCODE();
2951 #if 0 || IS_CONST != IS_UNUSED
2952 } else {
2953 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
2954 #endif
2955 }
2956 }
2957
ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2958 static int ZEND_FASTCALL ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2959 {
2960 zend_op *opline = EX(opline);
2961
2962 zval *name = &opline->op1.u.constant;
2963 zval *val = &opline->op2.u.constant;
2964 zend_constant c;
2965
2966 if ((Z_TYPE_P(val) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE_P(val) == IS_CONSTANT_ARRAY) {
2967 zval tmp = *val;
2968 zval *tmp_ptr = &tmp;
2969
2970 if (Z_TYPE_P(val) == IS_CONSTANT_ARRAY) {
2971 zval_copy_ctor(&tmp);
2972 }
2973 INIT_PZVAL(&tmp);
2974 zval_update_constant(&tmp_ptr, NULL TSRMLS_CC);
2975 c.value = *tmp_ptr;
2976 } else {
2977 c.value = *val;
2978 zval_copy_ctor(&c.value);
2979 }
2980 c.flags = CONST_CS; /* non persistent, case sensetive */
2981 c.name = zend_strndup(Z_STRVAL_P(name), Z_STRLEN_P(name));
2982 c.name_len = Z_STRLEN_P(name)+1;
2983 c.module_number = PHP_USER_CONSTANT;
2984
2985 if (zend_register_constant(&c TSRMLS_CC) == FAILURE) {
2986 }
2987
2988
2989 ZEND_VM_NEXT_OPCODE();
2990 }
2991
ZEND_DECLARE_LAMBDA_FUNCTION_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)2992 static int ZEND_FASTCALL ZEND_DECLARE_LAMBDA_FUNCTION_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
2993 {
2994 zend_op *opline = EX(opline);
2995 zend_function *op_array;
2996
2997 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), Z_LVAL(opline->op2.u.constant), (void *) &op_array) == FAILURE ||
2998 op_array->type != ZEND_USER_FUNCTION) {
2999 zend_error_noreturn(E_ERROR, "Base lambda function for closure not found");
3000 }
3001
3002 zend_create_closure(&EX_T(opline->result.u.var).tmp_var, op_array TSRMLS_CC);
3003
3004 ZEND_VM_NEXT_OPCODE();
3005 }
3006
ZEND_ADD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3007 static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3008 {
3009 zend_op *opline = EX(opline);
3010 zend_free_op free_op2;
3011
3012 add_function(&EX_T(opline->result.u.var).tmp_var,
3013 &opline->op1.u.constant,
3014 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3015
3016 zval_dtor(free_op2.var);
3017 ZEND_VM_NEXT_OPCODE();
3018 }
3019
ZEND_SUB_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3020 static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3021 {
3022 zend_op *opline = EX(opline);
3023 zend_free_op free_op2;
3024
3025 sub_function(&EX_T(opline->result.u.var).tmp_var,
3026 &opline->op1.u.constant,
3027 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3028
3029 zval_dtor(free_op2.var);
3030 ZEND_VM_NEXT_OPCODE();
3031 }
3032
ZEND_MUL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3033 static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3034 {
3035 zend_op *opline = EX(opline);
3036 zend_free_op free_op2;
3037
3038 mul_function(&EX_T(opline->result.u.var).tmp_var,
3039 &opline->op1.u.constant,
3040 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3041
3042 zval_dtor(free_op2.var);
3043 ZEND_VM_NEXT_OPCODE();
3044 }
3045
ZEND_DIV_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3046 static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3047 {
3048 zend_op *opline = EX(opline);
3049 zend_free_op free_op2;
3050
3051 div_function(&EX_T(opline->result.u.var).tmp_var,
3052 &opline->op1.u.constant,
3053 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3054
3055 zval_dtor(free_op2.var);
3056 ZEND_VM_NEXT_OPCODE();
3057 }
3058
ZEND_MOD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3059 static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3060 {
3061 zend_op *opline = EX(opline);
3062 zend_free_op free_op2;
3063
3064 mod_function(&EX_T(opline->result.u.var).tmp_var,
3065 &opline->op1.u.constant,
3066 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3067
3068 zval_dtor(free_op2.var);
3069 ZEND_VM_NEXT_OPCODE();
3070 }
3071
ZEND_SL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3072 static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3073 {
3074 zend_op *opline = EX(opline);
3075 zend_free_op free_op2;
3076
3077 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
3078 &opline->op1.u.constant,
3079 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3080
3081 zval_dtor(free_op2.var);
3082 ZEND_VM_NEXT_OPCODE();
3083 }
3084
ZEND_SR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3085 static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3086 {
3087 zend_op *opline = EX(opline);
3088 zend_free_op free_op2;
3089
3090 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
3091 &opline->op1.u.constant,
3092 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3093
3094 zval_dtor(free_op2.var);
3095 ZEND_VM_NEXT_OPCODE();
3096 }
3097
ZEND_CONCAT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3098 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3099 {
3100 zend_op *opline = EX(opline);
3101 zend_free_op free_op2;
3102
3103 concat_function(&EX_T(opline->result.u.var).tmp_var,
3104 &opline->op1.u.constant,
3105 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3106
3107 zval_dtor(free_op2.var);
3108 ZEND_VM_NEXT_OPCODE();
3109 }
3110
ZEND_IS_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3111 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3112 {
3113 zend_op *opline = EX(opline);
3114 zend_free_op free_op2;
3115
3116 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
3117 &opline->op1.u.constant,
3118 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3119
3120 zval_dtor(free_op2.var);
3121 ZEND_VM_NEXT_OPCODE();
3122 }
3123
ZEND_IS_NOT_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3124 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3125 {
3126 zend_op *opline = EX(opline);
3127 zend_free_op free_op2;
3128 zval *result = &EX_T(opline->result.u.var).tmp_var;
3129
3130 is_identical_function(result,
3131 &opline->op1.u.constant,
3132 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3133 Z_LVAL_P(result) = !Z_LVAL_P(result);
3134
3135 zval_dtor(free_op2.var);
3136 ZEND_VM_NEXT_OPCODE();
3137 }
3138
ZEND_IS_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3139 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3140 {
3141 zend_op *opline = EX(opline);
3142 zend_free_op free_op2;
3143 zval *result = &EX_T(opline->result.u.var).tmp_var;
3144
3145 compare_function(result,
3146 &opline->op1.u.constant,
3147 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3148 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
3149
3150 zval_dtor(free_op2.var);
3151 ZEND_VM_NEXT_OPCODE();
3152 }
3153
ZEND_IS_NOT_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3154 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3155 {
3156 zend_op *opline = EX(opline);
3157 zend_free_op free_op2;
3158 zval *result = &EX_T(opline->result.u.var).tmp_var;
3159
3160 compare_function(result,
3161 &opline->op1.u.constant,
3162 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3163 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
3164
3165 zval_dtor(free_op2.var);
3166 ZEND_VM_NEXT_OPCODE();
3167 }
3168
ZEND_IS_SMALLER_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3169 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3170 {
3171 zend_op *opline = EX(opline);
3172 zend_free_op free_op2;
3173 zval *result = &EX_T(opline->result.u.var).tmp_var;
3174
3175 compare_function(result,
3176 &opline->op1.u.constant,
3177 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3178 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
3179
3180 zval_dtor(free_op2.var);
3181 ZEND_VM_NEXT_OPCODE();
3182 }
3183
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3184 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3185 {
3186 zend_op *opline = EX(opline);
3187 zend_free_op free_op2;
3188 zval *result = &EX_T(opline->result.u.var).tmp_var;
3189
3190 compare_function(result,
3191 &opline->op1.u.constant,
3192 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3193 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
3194
3195 zval_dtor(free_op2.var);
3196 ZEND_VM_NEXT_OPCODE();
3197 }
3198
ZEND_BW_OR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3199 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3200 {
3201 zend_op *opline = EX(opline);
3202 zend_free_op free_op2;
3203
3204 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
3205 &opline->op1.u.constant,
3206 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3207
3208 zval_dtor(free_op2.var);
3209 ZEND_VM_NEXT_OPCODE();
3210 }
3211
ZEND_BW_AND_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3212 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3213 {
3214 zend_op *opline = EX(opline);
3215 zend_free_op free_op2;
3216
3217 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
3218 &opline->op1.u.constant,
3219 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3220
3221 zval_dtor(free_op2.var);
3222 ZEND_VM_NEXT_OPCODE();
3223 }
3224
ZEND_BW_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3225 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3226 {
3227 zend_op *opline = EX(opline);
3228 zend_free_op free_op2;
3229
3230 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
3231 &opline->op1.u.constant,
3232 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3233
3234 zval_dtor(free_op2.var);
3235 ZEND_VM_NEXT_OPCODE();
3236 }
3237
ZEND_BOOL_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3238 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3239 {
3240 zend_op *opline = EX(opline);
3241 zend_free_op free_op2;
3242
3243 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
3244 &opline->op1.u.constant,
3245 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3246
3247 zval_dtor(free_op2.var);
3248 ZEND_VM_NEXT_OPCODE();
3249 }
3250
ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3251 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3252 {
3253 zend_op *opline = EX(opline);
3254 zval *function_name;
3255 zend_class_entry *ce;
3256
3257 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
3258
3259 if (IS_CONST == IS_CONST) {
3260 /* no function found. try a static method in class */
3261 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
3262 if (UNEXPECTED(EG(exception) != NULL)) {
3263 ZEND_VM_CONTINUE();
3264 }
3265 if (!ce) {
3266 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
3267 }
3268 EX(called_scope) = ce;
3269 } else {
3270 ce = EX_T(opline->op1.u.var).class_entry;
3271
3272 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
3273 EX(called_scope) = EG(called_scope);
3274 } else {
3275 EX(called_scope) = ce;
3276 }
3277 }
3278 if(IS_TMP_VAR != IS_UNUSED) {
3279 char *function_name_strval = NULL;
3280 int function_name_strlen = 0;
3281 zend_free_op free_op2;
3282
3283 if (IS_TMP_VAR == IS_CONST) {
3284 function_name_strval = Z_STRVAL(opline->op2.u.constant);
3285 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
3286 } else {
3287 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
3288
3289 if (Z_TYPE_P(function_name) != IS_STRING) {
3290 zend_error_noreturn(E_ERROR, "Function name must be a string");
3291 } else {
3292 function_name_strval = Z_STRVAL_P(function_name);
3293 function_name_strlen = Z_STRLEN_P(function_name);
3294 }
3295 }
3296
3297 if (function_name_strval) {
3298 if (ce->get_static_method) {
3299 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
3300 } else {
3301 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
3302 }
3303 if (!EX(fbc)) {
3304 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
3305 }
3306 }
3307
3308 if (IS_TMP_VAR != IS_CONST) {
3309 zval_dtor(free_op2.var);
3310 }
3311 } else {
3312 if(!ce->constructor) {
3313 zend_error_noreturn(E_ERROR, "Cannot call constructor");
3314 }
3315 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
3316 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
3317 }
3318 EX(fbc) = ce->constructor;
3319 }
3320
3321 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
3322 EX(object) = NULL;
3323 } else {
3324 if (EG(This) &&
3325 Z_OBJ_HT_P(EG(This))->get_class_entry &&
3326 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
3327 /* We are calling method of the other (incompatible) class,
3328 but passing $this. This is done for compatibility with php-4. */
3329 int severity;
3330 char *verb;
3331 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
3332 severity = E_STRICT;
3333 verb = "should not";
3334 } else {
3335 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
3336 severity = E_ERROR;
3337 verb = "cannot";
3338 }
3339 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
3340
3341 }
3342 if ((EX(object) = EG(This))) {
3343 Z_ADDREF_P(EX(object));
3344 EX(called_scope) = Z_OBJCE_P(EX(object));
3345 }
3346 }
3347
3348 ZEND_VM_NEXT_OPCODE();
3349 }
3350
ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3351 static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3352 {
3353 zend_op *opline = EX(opline);
3354 int switch_expr_is_overloaded=0;
3355 zend_free_op free_op2;
3356
3357 if (IS_CONST==IS_VAR) {
3358 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
3359 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
3360 } else {
3361 switch_expr_is_overloaded = 1;
3362 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
3363 }
3364 }
3365 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
3366 &opline->op1.u.constant,
3367 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3368
3369 zval_dtor(free_op2.var);
3370 if (switch_expr_is_overloaded) {
3371 /* We only free op1 if this is a string offset,
3372 * Since if it is a TMP_VAR, it'll be reused by
3373 * other CASE opcodes (whereas string offsets
3374 * are allocated at each get_zval_ptr())
3375 */
3376
3377 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
3378 EX_T(opline->op1.u.var).var.ptr = NULL;
3379 }
3380 ZEND_VM_NEXT_OPCODE();
3381 }
3382
ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3383 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3384 {
3385 zend_op *opline = EX(opline);
3386 zend_free_op free_op2;
3387 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
3388 zval *expr_ptr;
3389 zval *offset=_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
3390
3391 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
3392 zval **expr_ptr_ptr = NULL;
3393
3394 if (opline->extended_value) {
3395 expr_ptr_ptr=NULL;
3396 expr_ptr = *expr_ptr_ptr;
3397 } else {
3398 expr_ptr=&opline->op1.u.constant;
3399 }
3400 #else
3401 expr_ptr=&opline->op1.u.constant;
3402 #endif
3403
3404 if (0) { /* temporary variable */
3405 zval *new_expr;
3406
3407 ALLOC_ZVAL(new_expr);
3408 INIT_PZVAL_COPY(new_expr, expr_ptr);
3409 expr_ptr = new_expr;
3410 } else {
3411 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
3412 if (opline->extended_value) {
3413 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
3414 expr_ptr = *expr_ptr_ptr;
3415 Z_ADDREF_P(expr_ptr);
3416 } else
3417 #endif
3418 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
3419 zval *new_expr;
3420
3421 ALLOC_ZVAL(new_expr);
3422 INIT_PZVAL_COPY(new_expr, expr_ptr);
3423 expr_ptr = new_expr;
3424 zendi_zval_copy_ctor(*expr_ptr);
3425 } else {
3426 Z_ADDREF_P(expr_ptr);
3427 }
3428 }
3429 if (offset) {
3430 switch (Z_TYPE_P(offset)) {
3431 case IS_DOUBLE:
3432 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
3433 break;
3434 case IS_LONG:
3435 case IS_BOOL:
3436 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
3437 break;
3438 case IS_STRING:
3439 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
3440 break;
3441 case IS_NULL:
3442 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
3443 break;
3444 default:
3445 zend_error(E_WARNING, "Illegal offset type");
3446 zval_ptr_dtor(&expr_ptr);
3447 /* do nothing */
3448 break;
3449 }
3450 zval_dtor(free_op2.var);
3451 } else {
3452 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
3453 }
3454 if (opline->extended_value) {
3455
3456 } else {
3457
3458 }
3459 ZEND_VM_NEXT_OPCODE();
3460 }
3461
ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3462 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3463 {
3464 zend_op *opline = EX(opline);
3465
3466 array_init(&EX_T(opline->result.u.var).tmp_var);
3467 if (IS_CONST == IS_UNUSED) {
3468 ZEND_VM_NEXT_OPCODE();
3469 #if 0 || IS_CONST != IS_UNUSED
3470 } else {
3471 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
3472 #endif
3473 }
3474 }
3475
ZEND_ADD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3476 static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3477 {
3478 zend_op *opline = EX(opline);
3479 zend_free_op free_op2;
3480
3481 add_function(&EX_T(opline->result.u.var).tmp_var,
3482 &opline->op1.u.constant,
3483 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3484
3485 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3486 ZEND_VM_NEXT_OPCODE();
3487 }
3488
ZEND_SUB_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3489 static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3490 {
3491 zend_op *opline = EX(opline);
3492 zend_free_op free_op2;
3493
3494 sub_function(&EX_T(opline->result.u.var).tmp_var,
3495 &opline->op1.u.constant,
3496 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3497
3498 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3499 ZEND_VM_NEXT_OPCODE();
3500 }
3501
ZEND_MUL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3502 static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3503 {
3504 zend_op *opline = EX(opline);
3505 zend_free_op free_op2;
3506
3507 mul_function(&EX_T(opline->result.u.var).tmp_var,
3508 &opline->op1.u.constant,
3509 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3510
3511 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3512 ZEND_VM_NEXT_OPCODE();
3513 }
3514
ZEND_DIV_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3515 static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3516 {
3517 zend_op *opline = EX(opline);
3518 zend_free_op free_op2;
3519
3520 div_function(&EX_T(opline->result.u.var).tmp_var,
3521 &opline->op1.u.constant,
3522 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3523
3524 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3525 ZEND_VM_NEXT_OPCODE();
3526 }
3527
ZEND_MOD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3528 static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3529 {
3530 zend_op *opline = EX(opline);
3531 zend_free_op free_op2;
3532
3533 mod_function(&EX_T(opline->result.u.var).tmp_var,
3534 &opline->op1.u.constant,
3535 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3536
3537 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3538 ZEND_VM_NEXT_OPCODE();
3539 }
3540
ZEND_SL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3541 static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3542 {
3543 zend_op *opline = EX(opline);
3544 zend_free_op free_op2;
3545
3546 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
3547 &opline->op1.u.constant,
3548 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3549
3550 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3551 ZEND_VM_NEXT_OPCODE();
3552 }
3553
ZEND_SR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3554 static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3555 {
3556 zend_op *opline = EX(opline);
3557 zend_free_op free_op2;
3558
3559 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
3560 &opline->op1.u.constant,
3561 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3562
3563 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3564 ZEND_VM_NEXT_OPCODE();
3565 }
3566
ZEND_CONCAT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3567 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3568 {
3569 zend_op *opline = EX(opline);
3570 zend_free_op free_op2;
3571
3572 concat_function(&EX_T(opline->result.u.var).tmp_var,
3573 &opline->op1.u.constant,
3574 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3575
3576 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3577 ZEND_VM_NEXT_OPCODE();
3578 }
3579
ZEND_IS_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3580 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3581 {
3582 zend_op *opline = EX(opline);
3583 zend_free_op free_op2;
3584
3585 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
3586 &opline->op1.u.constant,
3587 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3588
3589 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3590 ZEND_VM_NEXT_OPCODE();
3591 }
3592
ZEND_IS_NOT_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3593 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3594 {
3595 zend_op *opline = EX(opline);
3596 zend_free_op free_op2;
3597 zval *result = &EX_T(opline->result.u.var).tmp_var;
3598
3599 is_identical_function(result,
3600 &opline->op1.u.constant,
3601 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3602 Z_LVAL_P(result) = !Z_LVAL_P(result);
3603
3604 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3605 ZEND_VM_NEXT_OPCODE();
3606 }
3607
ZEND_IS_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3608 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3609 {
3610 zend_op *opline = EX(opline);
3611 zend_free_op free_op2;
3612 zval *result = &EX_T(opline->result.u.var).tmp_var;
3613
3614 compare_function(result,
3615 &opline->op1.u.constant,
3616 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3617 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
3618
3619 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3620 ZEND_VM_NEXT_OPCODE();
3621 }
3622
ZEND_IS_NOT_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3623 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3624 {
3625 zend_op *opline = EX(opline);
3626 zend_free_op free_op2;
3627 zval *result = &EX_T(opline->result.u.var).tmp_var;
3628
3629 compare_function(result,
3630 &opline->op1.u.constant,
3631 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3632 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
3633
3634 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3635 ZEND_VM_NEXT_OPCODE();
3636 }
3637
ZEND_IS_SMALLER_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3638 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3639 {
3640 zend_op *opline = EX(opline);
3641 zend_free_op free_op2;
3642 zval *result = &EX_T(opline->result.u.var).tmp_var;
3643
3644 compare_function(result,
3645 &opline->op1.u.constant,
3646 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3647 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
3648
3649 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3650 ZEND_VM_NEXT_OPCODE();
3651 }
3652
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3653 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3654 {
3655 zend_op *opline = EX(opline);
3656 zend_free_op free_op2;
3657 zval *result = &EX_T(opline->result.u.var).tmp_var;
3658
3659 compare_function(result,
3660 &opline->op1.u.constant,
3661 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3662 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
3663
3664 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3665 ZEND_VM_NEXT_OPCODE();
3666 }
3667
ZEND_BW_OR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3668 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3669 {
3670 zend_op *opline = EX(opline);
3671 zend_free_op free_op2;
3672
3673 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
3674 &opline->op1.u.constant,
3675 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3676
3677 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3678 ZEND_VM_NEXT_OPCODE();
3679 }
3680
ZEND_BW_AND_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3681 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3682 {
3683 zend_op *opline = EX(opline);
3684 zend_free_op free_op2;
3685
3686 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
3687 &opline->op1.u.constant,
3688 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3689
3690 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3691 ZEND_VM_NEXT_OPCODE();
3692 }
3693
ZEND_BW_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3694 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3695 {
3696 zend_op *opline = EX(opline);
3697 zend_free_op free_op2;
3698
3699 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
3700 &opline->op1.u.constant,
3701 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3702
3703 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3704 ZEND_VM_NEXT_OPCODE();
3705 }
3706
ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3707 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3708 {
3709 zend_op *opline = EX(opline);
3710 zend_free_op free_op2;
3711
3712 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
3713 &opline->op1.u.constant,
3714 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3715
3716 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3717 ZEND_VM_NEXT_OPCODE();
3718 }
3719
ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3720 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3721 {
3722 zend_op *opline = EX(opline);
3723 zval *function_name;
3724 zend_class_entry *ce;
3725
3726 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
3727
3728 if (IS_CONST == IS_CONST) {
3729 /* no function found. try a static method in class */
3730 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
3731 if (UNEXPECTED(EG(exception) != NULL)) {
3732 ZEND_VM_CONTINUE();
3733 }
3734 if (!ce) {
3735 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
3736 }
3737 EX(called_scope) = ce;
3738 } else {
3739 ce = EX_T(opline->op1.u.var).class_entry;
3740
3741 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
3742 EX(called_scope) = EG(called_scope);
3743 } else {
3744 EX(called_scope) = ce;
3745 }
3746 }
3747 if(IS_VAR != IS_UNUSED) {
3748 char *function_name_strval = NULL;
3749 int function_name_strlen = 0;
3750 zend_free_op free_op2;
3751
3752 if (IS_VAR == IS_CONST) {
3753 function_name_strval = Z_STRVAL(opline->op2.u.constant);
3754 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
3755 } else {
3756 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
3757
3758 if (Z_TYPE_P(function_name) != IS_STRING) {
3759 zend_error_noreturn(E_ERROR, "Function name must be a string");
3760 } else {
3761 function_name_strval = Z_STRVAL_P(function_name);
3762 function_name_strlen = Z_STRLEN_P(function_name);
3763 }
3764 }
3765
3766 if (function_name_strval) {
3767 if (ce->get_static_method) {
3768 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
3769 } else {
3770 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
3771 }
3772 if (!EX(fbc)) {
3773 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
3774 }
3775 }
3776
3777 if (IS_VAR != IS_CONST) {
3778 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3779 }
3780 } else {
3781 if(!ce->constructor) {
3782 zend_error_noreturn(E_ERROR, "Cannot call constructor");
3783 }
3784 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
3785 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
3786 }
3787 EX(fbc) = ce->constructor;
3788 }
3789
3790 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
3791 EX(object) = NULL;
3792 } else {
3793 if (EG(This) &&
3794 Z_OBJ_HT_P(EG(This))->get_class_entry &&
3795 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
3796 /* We are calling method of the other (incompatible) class,
3797 but passing $this. This is done for compatibility with php-4. */
3798 int severity;
3799 char *verb;
3800 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
3801 severity = E_STRICT;
3802 verb = "should not";
3803 } else {
3804 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
3805 severity = E_ERROR;
3806 verb = "cannot";
3807 }
3808 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
3809
3810 }
3811 if ((EX(object) = EG(This))) {
3812 Z_ADDREF_P(EX(object));
3813 EX(called_scope) = Z_OBJCE_P(EX(object));
3814 }
3815 }
3816
3817 ZEND_VM_NEXT_OPCODE();
3818 }
3819
ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3820 static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3821 {
3822 zend_op *opline = EX(opline);
3823 int switch_expr_is_overloaded=0;
3824 zend_free_op free_op2;
3825
3826 if (IS_CONST==IS_VAR) {
3827 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
3828 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
3829 } else {
3830 switch_expr_is_overloaded = 1;
3831 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
3832 }
3833 }
3834 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
3835 &opline->op1.u.constant,
3836 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
3837
3838 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3839 if (switch_expr_is_overloaded) {
3840 /* We only free op1 if this is a string offset,
3841 * Since if it is a TMP_VAR, it'll be reused by
3842 * other CASE opcodes (whereas string offsets
3843 * are allocated at each get_zval_ptr())
3844 */
3845
3846 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
3847 EX_T(opline->op1.u.var).var.ptr = NULL;
3848 }
3849 ZEND_VM_NEXT_OPCODE();
3850 }
3851
ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3852 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3853 {
3854 zend_op *opline = EX(opline);
3855 zend_free_op free_op2;
3856 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
3857 zval *expr_ptr;
3858 zval *offset=_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
3859
3860 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
3861 zval **expr_ptr_ptr = NULL;
3862
3863 if (opline->extended_value) {
3864 expr_ptr_ptr=NULL;
3865 expr_ptr = *expr_ptr_ptr;
3866 } else {
3867 expr_ptr=&opline->op1.u.constant;
3868 }
3869 #else
3870 expr_ptr=&opline->op1.u.constant;
3871 #endif
3872
3873 if (0) { /* temporary variable */
3874 zval *new_expr;
3875
3876 ALLOC_ZVAL(new_expr);
3877 INIT_PZVAL_COPY(new_expr, expr_ptr);
3878 expr_ptr = new_expr;
3879 } else {
3880 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
3881 if (opline->extended_value) {
3882 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
3883 expr_ptr = *expr_ptr_ptr;
3884 Z_ADDREF_P(expr_ptr);
3885 } else
3886 #endif
3887 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
3888 zval *new_expr;
3889
3890 ALLOC_ZVAL(new_expr);
3891 INIT_PZVAL_COPY(new_expr, expr_ptr);
3892 expr_ptr = new_expr;
3893 zendi_zval_copy_ctor(*expr_ptr);
3894 } else {
3895 Z_ADDREF_P(expr_ptr);
3896 }
3897 }
3898 if (offset) {
3899 switch (Z_TYPE_P(offset)) {
3900 case IS_DOUBLE:
3901 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
3902 break;
3903 case IS_LONG:
3904 case IS_BOOL:
3905 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
3906 break;
3907 case IS_STRING:
3908 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
3909 break;
3910 case IS_NULL:
3911 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
3912 break;
3913 default:
3914 zend_error(E_WARNING, "Illegal offset type");
3915 zval_ptr_dtor(&expr_ptr);
3916 /* do nothing */
3917 break;
3918 }
3919 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
3920 } else {
3921 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
3922 }
3923 if (opline->extended_value) {
3924
3925 } else {
3926
3927 }
3928 ZEND_VM_NEXT_OPCODE();
3929 }
3930
ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3931 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3932 {
3933 zend_op *opline = EX(opline);
3934
3935 array_init(&EX_T(opline->result.u.var).tmp_var);
3936 if (IS_CONST == IS_UNUSED) {
3937 ZEND_VM_NEXT_OPCODE();
3938 #if 0 || IS_CONST != IS_UNUSED
3939 } else {
3940 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
3941 #endif
3942 }
3943 }
3944
ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)3945 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
3946 {
3947 zend_op *opline = EX(opline);
3948 zval *function_name;
3949 zend_class_entry *ce;
3950
3951 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
3952
3953 if (IS_CONST == IS_CONST) {
3954 /* no function found. try a static method in class */
3955 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
3956 if (UNEXPECTED(EG(exception) != NULL)) {
3957 ZEND_VM_CONTINUE();
3958 }
3959 if (!ce) {
3960 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
3961 }
3962 EX(called_scope) = ce;
3963 } else {
3964 ce = EX_T(opline->op1.u.var).class_entry;
3965
3966 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
3967 EX(called_scope) = EG(called_scope);
3968 } else {
3969 EX(called_scope) = ce;
3970 }
3971 }
3972 if(IS_UNUSED != IS_UNUSED) {
3973 char *function_name_strval = NULL;
3974 int function_name_strlen = 0;
3975
3976
3977 if (IS_UNUSED == IS_CONST) {
3978 function_name_strval = Z_STRVAL(opline->op2.u.constant);
3979 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
3980 } else {
3981 function_name = NULL;
3982
3983 if (Z_TYPE_P(function_name) != IS_STRING) {
3984 zend_error_noreturn(E_ERROR, "Function name must be a string");
3985 } else {
3986 function_name_strval = Z_STRVAL_P(function_name);
3987 function_name_strlen = Z_STRLEN_P(function_name);
3988 }
3989 }
3990
3991 if (function_name_strval) {
3992 if (ce->get_static_method) {
3993 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
3994 } else {
3995 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
3996 }
3997 if (!EX(fbc)) {
3998 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
3999 }
4000 }
4001
4002 if (IS_UNUSED != IS_CONST) {
4003
4004 }
4005 } else {
4006 if(!ce->constructor) {
4007 zend_error_noreturn(E_ERROR, "Cannot call constructor");
4008 }
4009 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
4010 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
4011 }
4012 EX(fbc) = ce->constructor;
4013 }
4014
4015 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
4016 EX(object) = NULL;
4017 } else {
4018 if (EG(This) &&
4019 Z_OBJ_HT_P(EG(This))->get_class_entry &&
4020 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
4021 /* We are calling method of the other (incompatible) class,
4022 but passing $this. This is done for compatibility with php-4. */
4023 int severity;
4024 char *verb;
4025 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
4026 severity = E_STRICT;
4027 verb = "should not";
4028 } else {
4029 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
4030 severity = E_ERROR;
4031 verb = "cannot";
4032 }
4033 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
4034
4035 }
4036 if ((EX(object) = EG(This))) {
4037 Z_ADDREF_P(EX(object));
4038 EX(called_scope) = Z_OBJCE_P(EX(object));
4039 }
4040 }
4041
4042 ZEND_VM_NEXT_OPCODE();
4043 }
4044
ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4045 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4046 {
4047 zend_op *opline = EX(opline);
4048
4049 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
4050 zval *expr_ptr;
4051 zval *offset=NULL;
4052
4053 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
4054 zval **expr_ptr_ptr = NULL;
4055
4056 if (opline->extended_value) {
4057 expr_ptr_ptr=NULL;
4058 expr_ptr = *expr_ptr_ptr;
4059 } else {
4060 expr_ptr=&opline->op1.u.constant;
4061 }
4062 #else
4063 expr_ptr=&opline->op1.u.constant;
4064 #endif
4065
4066 if (0) { /* temporary variable */
4067 zval *new_expr;
4068
4069 ALLOC_ZVAL(new_expr);
4070 INIT_PZVAL_COPY(new_expr, expr_ptr);
4071 expr_ptr = new_expr;
4072 } else {
4073 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
4074 if (opline->extended_value) {
4075 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
4076 expr_ptr = *expr_ptr_ptr;
4077 Z_ADDREF_P(expr_ptr);
4078 } else
4079 #endif
4080 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
4081 zval *new_expr;
4082
4083 ALLOC_ZVAL(new_expr);
4084 INIT_PZVAL_COPY(new_expr, expr_ptr);
4085 expr_ptr = new_expr;
4086 zendi_zval_copy_ctor(*expr_ptr);
4087 } else {
4088 Z_ADDREF_P(expr_ptr);
4089 }
4090 }
4091 if (offset) {
4092 switch (Z_TYPE_P(offset)) {
4093 case IS_DOUBLE:
4094 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
4095 break;
4096 case IS_LONG:
4097 case IS_BOOL:
4098 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
4099 break;
4100 case IS_STRING:
4101 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
4102 break;
4103 case IS_NULL:
4104 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
4105 break;
4106 default:
4107 zend_error(E_WARNING, "Illegal offset type");
4108 zval_ptr_dtor(&expr_ptr);
4109 /* do nothing */
4110 break;
4111 }
4112
4113 } else {
4114 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
4115 }
4116 if (opline->extended_value) {
4117
4118 } else {
4119
4120 }
4121 ZEND_VM_NEXT_OPCODE();
4122 }
4123
ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4124 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4125 {
4126 zend_op *opline = EX(opline);
4127
4128 array_init(&EX_T(opline->result.u.var).tmp_var);
4129 if (IS_CONST == IS_UNUSED) {
4130 ZEND_VM_NEXT_OPCODE();
4131 #if 0 || IS_CONST != IS_UNUSED
4132 } else {
4133 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4134 #endif
4135 }
4136 }
4137
ZEND_ADD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4138 static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4139 {
4140 zend_op *opline = EX(opline);
4141
4142
4143 add_function(&EX_T(opline->result.u.var).tmp_var,
4144 &opline->op1.u.constant,
4145 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4146
4147
4148 ZEND_VM_NEXT_OPCODE();
4149 }
4150
ZEND_SUB_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4151 static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4152 {
4153 zend_op *opline = EX(opline);
4154
4155
4156 sub_function(&EX_T(opline->result.u.var).tmp_var,
4157 &opline->op1.u.constant,
4158 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4159
4160
4161 ZEND_VM_NEXT_OPCODE();
4162 }
4163
ZEND_MUL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4164 static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4165 {
4166 zend_op *opline = EX(opline);
4167
4168
4169 mul_function(&EX_T(opline->result.u.var).tmp_var,
4170 &opline->op1.u.constant,
4171 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4172
4173
4174 ZEND_VM_NEXT_OPCODE();
4175 }
4176
ZEND_DIV_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4177 static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4178 {
4179 zend_op *opline = EX(opline);
4180
4181
4182 div_function(&EX_T(opline->result.u.var).tmp_var,
4183 &opline->op1.u.constant,
4184 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4185
4186
4187 ZEND_VM_NEXT_OPCODE();
4188 }
4189
ZEND_MOD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4190 static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4191 {
4192 zend_op *opline = EX(opline);
4193
4194
4195 mod_function(&EX_T(opline->result.u.var).tmp_var,
4196 &opline->op1.u.constant,
4197 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4198
4199
4200 ZEND_VM_NEXT_OPCODE();
4201 }
4202
ZEND_SL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4203 static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4204 {
4205 zend_op *opline = EX(opline);
4206
4207
4208 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
4209 &opline->op1.u.constant,
4210 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4211
4212
4213 ZEND_VM_NEXT_OPCODE();
4214 }
4215
ZEND_SR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4216 static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4217 {
4218 zend_op *opline = EX(opline);
4219
4220
4221 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
4222 &opline->op1.u.constant,
4223 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4224
4225
4226 ZEND_VM_NEXT_OPCODE();
4227 }
4228
ZEND_CONCAT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4229 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4230 {
4231 zend_op *opline = EX(opline);
4232
4233
4234 concat_function(&EX_T(opline->result.u.var).tmp_var,
4235 &opline->op1.u.constant,
4236 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4237
4238
4239 ZEND_VM_NEXT_OPCODE();
4240 }
4241
ZEND_IS_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4242 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4243 {
4244 zend_op *opline = EX(opline);
4245
4246
4247 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
4248 &opline->op1.u.constant,
4249 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4250
4251
4252 ZEND_VM_NEXT_OPCODE();
4253 }
4254
ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4255 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4256 {
4257 zend_op *opline = EX(opline);
4258
4259 zval *result = &EX_T(opline->result.u.var).tmp_var;
4260
4261 is_identical_function(result,
4262 &opline->op1.u.constant,
4263 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4264 Z_LVAL_P(result) = !Z_LVAL_P(result);
4265
4266
4267 ZEND_VM_NEXT_OPCODE();
4268 }
4269
ZEND_IS_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4270 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4271 {
4272 zend_op *opline = EX(opline);
4273
4274 zval *result = &EX_T(opline->result.u.var).tmp_var;
4275
4276 compare_function(result,
4277 &opline->op1.u.constant,
4278 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4279 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
4280
4281
4282 ZEND_VM_NEXT_OPCODE();
4283 }
4284
ZEND_IS_NOT_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4285 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4286 {
4287 zend_op *opline = EX(opline);
4288
4289 zval *result = &EX_T(opline->result.u.var).tmp_var;
4290
4291 compare_function(result,
4292 &opline->op1.u.constant,
4293 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4294 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
4295
4296
4297 ZEND_VM_NEXT_OPCODE();
4298 }
4299
ZEND_IS_SMALLER_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4300 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4301 {
4302 zend_op *opline = EX(opline);
4303
4304 zval *result = &EX_T(opline->result.u.var).tmp_var;
4305
4306 compare_function(result,
4307 &opline->op1.u.constant,
4308 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4309 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
4310
4311
4312 ZEND_VM_NEXT_OPCODE();
4313 }
4314
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4315 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4316 {
4317 zend_op *opline = EX(opline);
4318
4319 zval *result = &EX_T(opline->result.u.var).tmp_var;
4320
4321 compare_function(result,
4322 &opline->op1.u.constant,
4323 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4324 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
4325
4326
4327 ZEND_VM_NEXT_OPCODE();
4328 }
4329
ZEND_BW_OR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4330 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4331 {
4332 zend_op *opline = EX(opline);
4333
4334
4335 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
4336 &opline->op1.u.constant,
4337 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4338
4339
4340 ZEND_VM_NEXT_OPCODE();
4341 }
4342
ZEND_BW_AND_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4343 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4344 {
4345 zend_op *opline = EX(opline);
4346
4347
4348 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
4349 &opline->op1.u.constant,
4350 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4351
4352
4353 ZEND_VM_NEXT_OPCODE();
4354 }
4355
ZEND_BW_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4356 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4357 {
4358 zend_op *opline = EX(opline);
4359
4360
4361 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
4362 &opline->op1.u.constant,
4363 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4364
4365
4366 ZEND_VM_NEXT_OPCODE();
4367 }
4368
ZEND_BOOL_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4369 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4370 {
4371 zend_op *opline = EX(opline);
4372
4373
4374 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
4375 &opline->op1.u.constant,
4376 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4377
4378
4379 ZEND_VM_NEXT_OPCODE();
4380 }
4381
ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4382 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4383 {
4384 zend_op *opline = EX(opline);
4385 zval *function_name;
4386 zend_class_entry *ce;
4387
4388 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
4389
4390 if (IS_CONST == IS_CONST) {
4391 /* no function found. try a static method in class */
4392 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
4393 if (UNEXPECTED(EG(exception) != NULL)) {
4394 ZEND_VM_CONTINUE();
4395 }
4396 if (!ce) {
4397 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
4398 }
4399 EX(called_scope) = ce;
4400 } else {
4401 ce = EX_T(opline->op1.u.var).class_entry;
4402
4403 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
4404 EX(called_scope) = EG(called_scope);
4405 } else {
4406 EX(called_scope) = ce;
4407 }
4408 }
4409 if(IS_CV != IS_UNUSED) {
4410 char *function_name_strval = NULL;
4411 int function_name_strlen = 0;
4412
4413
4414 if (IS_CV == IS_CONST) {
4415 function_name_strval = Z_STRVAL(opline->op2.u.constant);
4416 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
4417 } else {
4418 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
4419
4420 if (Z_TYPE_P(function_name) != IS_STRING) {
4421 zend_error_noreturn(E_ERROR, "Function name must be a string");
4422 } else {
4423 function_name_strval = Z_STRVAL_P(function_name);
4424 function_name_strlen = Z_STRLEN_P(function_name);
4425 }
4426 }
4427
4428 if (function_name_strval) {
4429 if (ce->get_static_method) {
4430 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
4431 } else {
4432 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
4433 }
4434 if (!EX(fbc)) {
4435 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
4436 }
4437 }
4438
4439 if (IS_CV != IS_CONST) {
4440
4441 }
4442 } else {
4443 if(!ce->constructor) {
4444 zend_error_noreturn(E_ERROR, "Cannot call constructor");
4445 }
4446 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
4447 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
4448 }
4449 EX(fbc) = ce->constructor;
4450 }
4451
4452 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
4453 EX(object) = NULL;
4454 } else {
4455 if (EG(This) &&
4456 Z_OBJ_HT_P(EG(This))->get_class_entry &&
4457 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
4458 /* We are calling method of the other (incompatible) class,
4459 but passing $this. This is done for compatibility with php-4. */
4460 int severity;
4461 char *verb;
4462 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
4463 severity = E_STRICT;
4464 verb = "should not";
4465 } else {
4466 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
4467 severity = E_ERROR;
4468 verb = "cannot";
4469 }
4470 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
4471
4472 }
4473 if ((EX(object) = EG(This))) {
4474 Z_ADDREF_P(EX(object));
4475 EX(called_scope) = Z_OBJCE_P(EX(object));
4476 }
4477 }
4478
4479 ZEND_VM_NEXT_OPCODE();
4480 }
4481
ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4482 static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4483 {
4484 zend_op *opline = EX(opline);
4485 int switch_expr_is_overloaded=0;
4486
4487
4488 if (IS_CONST==IS_VAR) {
4489 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
4490 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
4491 } else {
4492 switch_expr_is_overloaded = 1;
4493 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
4494 }
4495 }
4496 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
4497 &opline->op1.u.constant,
4498 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
4499
4500 if (switch_expr_is_overloaded) {
4501 /* We only free op1 if this is a string offset,
4502 * Since if it is a TMP_VAR, it'll be reused by
4503 * other CASE opcodes (whereas string offsets
4504 * are allocated at each get_zval_ptr())
4505 */
4506
4507 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
4508 EX_T(opline->op1.u.var).var.ptr = NULL;
4509 }
4510 ZEND_VM_NEXT_OPCODE();
4511 }
4512
ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4513 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4514 {
4515 zend_op *opline = EX(opline);
4516
4517 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
4518 zval *expr_ptr;
4519 zval *offset=_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
4520
4521 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
4522 zval **expr_ptr_ptr = NULL;
4523
4524 if (opline->extended_value) {
4525 expr_ptr_ptr=NULL;
4526 expr_ptr = *expr_ptr_ptr;
4527 } else {
4528 expr_ptr=&opline->op1.u.constant;
4529 }
4530 #else
4531 expr_ptr=&opline->op1.u.constant;
4532 #endif
4533
4534 if (0) { /* temporary variable */
4535 zval *new_expr;
4536
4537 ALLOC_ZVAL(new_expr);
4538 INIT_PZVAL_COPY(new_expr, expr_ptr);
4539 expr_ptr = new_expr;
4540 } else {
4541 #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
4542 if (opline->extended_value) {
4543 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
4544 expr_ptr = *expr_ptr_ptr;
4545 Z_ADDREF_P(expr_ptr);
4546 } else
4547 #endif
4548 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
4549 zval *new_expr;
4550
4551 ALLOC_ZVAL(new_expr);
4552 INIT_PZVAL_COPY(new_expr, expr_ptr);
4553 expr_ptr = new_expr;
4554 zendi_zval_copy_ctor(*expr_ptr);
4555 } else {
4556 Z_ADDREF_P(expr_ptr);
4557 }
4558 }
4559 if (offset) {
4560 switch (Z_TYPE_P(offset)) {
4561 case IS_DOUBLE:
4562 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
4563 break;
4564 case IS_LONG:
4565 case IS_BOOL:
4566 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
4567 break;
4568 case IS_STRING:
4569 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
4570 break;
4571 case IS_NULL:
4572 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
4573 break;
4574 default:
4575 zend_error(E_WARNING, "Illegal offset type");
4576 zval_ptr_dtor(&expr_ptr);
4577 /* do nothing */
4578 break;
4579 }
4580
4581 } else {
4582 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
4583 }
4584 if (opline->extended_value) {
4585
4586 } else {
4587
4588 }
4589 ZEND_VM_NEXT_OPCODE();
4590 }
4591
ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4592 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4593 {
4594 zend_op *opline = EX(opline);
4595
4596 array_init(&EX_T(opline->result.u.var).tmp_var);
4597 if (IS_CONST == IS_UNUSED) {
4598 ZEND_VM_NEXT_OPCODE();
4599 #if 0 || IS_CONST != IS_UNUSED
4600 } else {
4601 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4602 #endif
4603 }
4604 }
4605
ZEND_BW_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4606 static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4607 {
4608 zend_op *opline = EX(opline);
4609 zend_free_op free_op1;
4610
4611 bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
4612 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
4613 zval_dtor(free_op1.var);
4614 ZEND_VM_NEXT_OPCODE();
4615 }
4616
ZEND_BOOL_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4617 static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4618 {
4619 zend_op *opline = EX(opline);
4620 zend_free_op free_op1;
4621
4622 boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
4623 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
4624 zval_dtor(free_op1.var);
4625 ZEND_VM_NEXT_OPCODE();
4626 }
4627
ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4628 static int ZEND_FASTCALL ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4629 {
4630 zend_op *opline = EX(opline);
4631 zend_free_op free_op1;
4632 zval *z = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4633
4634 if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
4635 INIT_PZVAL(z);
4636 }
4637 zend_print_variable(z);
4638
4639 zval_dtor(free_op1.var);
4640 ZEND_VM_NEXT_OPCODE();
4641 }
4642
ZEND_PRINT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4643 static int ZEND_FASTCALL ZEND_PRINT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4644 {
4645 zend_op *opline = EX(opline);
4646
4647 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
4648 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
4649
4650 return ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4651 }
4652
zend_fetch_var_address_helper_SPEC_TMP(int type,ZEND_OPCODE_HANDLER_ARGS)4653 static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_OPCODE_HANDLER_ARGS)
4654 {
4655 zend_op *opline = EX(opline);
4656 zend_free_op free_op1;
4657 zval *varname = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4658 zval **retval;
4659 zval tmp_varname;
4660 HashTable *target_symbol_table;
4661
4662 if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
4663 tmp_varname = *varname;
4664 zval_copy_ctor(&tmp_varname);
4665 convert_to_string(&tmp_varname);
4666 varname = &tmp_varname;
4667 }
4668
4669 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
4670 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
4671 zval_dtor(free_op1.var);
4672 } else {
4673 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
4674 /*
4675 if (!target_symbol_table) {
4676 ZEND_VM_NEXT_OPCODE();
4677 }
4678 */
4679 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
4680 switch (type) {
4681 case BP_VAR_R:
4682 case BP_VAR_UNSET:
4683 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
4684 /* break missing intentionally */
4685 case BP_VAR_IS:
4686 retval = &EG(uninitialized_zval_ptr);
4687 break;
4688 case BP_VAR_RW:
4689 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
4690 /* break missing intentionally */
4691 case BP_VAR_W: {
4692 zval *new_zval = &EG(uninitialized_zval);
4693
4694 Z_ADDREF_P(new_zval);
4695 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
4696 }
4697 break;
4698 EMPTY_SWITCH_DEFAULT_CASE()
4699 }
4700 }
4701 switch (opline->op2.u.EA.type) {
4702 case ZEND_FETCH_GLOBAL:
4703 if (IS_TMP_VAR != IS_TMP_VAR) {
4704 zval_dtor(free_op1.var);
4705 }
4706 break;
4707 case ZEND_FETCH_LOCAL:
4708 zval_dtor(free_op1.var);
4709 break;
4710 case ZEND_FETCH_STATIC:
4711 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
4712 break;
4713 case ZEND_FETCH_GLOBAL_LOCK:
4714 if (IS_TMP_VAR == IS_VAR && !free_op1.var) {
4715 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
4716 }
4717 break;
4718 }
4719 }
4720
4721
4722 if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) {
4723 zval_dtor(varname);
4724 }
4725 if (!RETURN_VALUE_UNUSED(&opline->result)) {
4726 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
4727 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
4728 }
4729 PZVAL_LOCK(*retval);
4730 switch (type) {
4731 case BP_VAR_R:
4732 case BP_VAR_IS:
4733 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
4734 break;
4735 case BP_VAR_UNSET: {
4736 zend_free_op free_res;
4737
4738 EX_T(opline->result.u.var).var.ptr_ptr = retval;
4739 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
4740 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
4741 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
4742 }
4743 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
4744 FREE_OP_VAR_PTR(free_res);
4745 break;
4746 default:
4747 EX_T(opline->result.u.var).var.ptr_ptr = retval;
4748 break;
4749 }
4750 }
4751 }
4752 ZEND_VM_NEXT_OPCODE();
4753 }
4754
ZEND_FETCH_R_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4755 static int ZEND_FASTCALL ZEND_FETCH_R_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4756 {
4757 return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4758 }
4759
ZEND_FETCH_W_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4760 static int ZEND_FASTCALL ZEND_FETCH_W_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4761 {
4762 return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4763 }
4764
ZEND_FETCH_RW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4765 static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4766 {
4767 return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4768 }
4769
ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4770 static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4771 {
4772 return zend_fetch_var_address_helper_SPEC_TMP(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4773 }
4774
ZEND_FETCH_UNSET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4775 static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4776 {
4777 return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4778 }
4779
ZEND_FETCH_IS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4780 static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4781 {
4782 return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
4783 }
4784
ZEND_JMPZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4785 static int ZEND_FASTCALL ZEND_JMPZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4786 {
4787 zend_op *opline = EX(opline);
4788 zend_free_op free_op1;
4789 zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4790 int ret;
4791
4792 if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
4793 ret = Z_LVAL_P(val);
4794 } else {
4795 ret = i_zend_is_true(val);
4796 zval_dtor(free_op1.var);
4797 if (UNEXPECTED(EG(exception) != NULL)) {
4798 ZEND_VM_CONTINUE();
4799 }
4800 }
4801 if (!ret) {
4802 #if DEBUG_ZEND>=2
4803 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
4804 #endif
4805 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
4806 ZEND_VM_CONTINUE();
4807 }
4808
4809 ZEND_VM_NEXT_OPCODE();
4810 }
4811
ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4812 static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4813 {
4814 zend_op *opline = EX(opline);
4815 zend_free_op free_op1;
4816 zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4817 int ret;
4818
4819 if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
4820 ret = Z_LVAL_P(val);
4821 } else {
4822 ret = i_zend_is_true(val);
4823 zval_dtor(free_op1.var);
4824 if (UNEXPECTED(EG(exception) != NULL)) {
4825 ZEND_VM_CONTINUE();
4826 }
4827 }
4828 if (ret) {
4829 #if DEBUG_ZEND>=2
4830 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
4831 #endif
4832 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
4833 ZEND_VM_CONTINUE();
4834 }
4835
4836 ZEND_VM_NEXT_OPCODE();
4837 }
4838
ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4839 static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4840 {
4841 zend_op *opline = EX(opline);
4842 zend_free_op free_op1;
4843 zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4844 int retval;
4845
4846 if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
4847 retval = Z_LVAL_P(val);
4848 } else {
4849 retval = i_zend_is_true(val);
4850 zval_dtor(free_op1.var);
4851 if (UNEXPECTED(EG(exception) != NULL)) {
4852 ZEND_VM_CONTINUE();
4853 }
4854 }
4855 if (EXPECTED(retval != 0)) {
4856 #if DEBUG_ZEND>=2
4857 printf("Conditional jmp on true to %d\n", opline->extended_value);
4858 #endif
4859 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
4860 ZEND_VM_CONTINUE(); /* CHECK_ME */
4861 } else {
4862 #if DEBUG_ZEND>=2
4863 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
4864 #endif
4865 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
4866 ZEND_VM_CONTINUE(); /* CHECK_ME */
4867 }
4868 }
4869
ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4870 static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4871 {
4872 zend_op *opline = EX(opline);
4873 zend_free_op free_op1;
4874 zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4875 int retval;
4876
4877 if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
4878 retval = Z_LVAL_P(val);
4879 } else {
4880 retval = i_zend_is_true(val);
4881 zval_dtor(free_op1.var);
4882 if (UNEXPECTED(EG(exception) != NULL)) {
4883 ZEND_VM_CONTINUE();
4884 }
4885 }
4886 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
4887 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
4888 if (!retval) {
4889 #if DEBUG_ZEND>=2
4890 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
4891 #endif
4892 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
4893 ZEND_VM_CONTINUE();
4894 }
4895 ZEND_VM_NEXT_OPCODE();
4896 }
4897
ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4898 static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4899 {
4900 zend_op *opline = EX(opline);
4901 zend_free_op free_op1;
4902 zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4903 int retval;
4904
4905 if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
4906 retval = Z_LVAL_P(val);
4907 } else {
4908 retval = i_zend_is_true(val);
4909 zval_dtor(free_op1.var);
4910 if (UNEXPECTED(EG(exception) != NULL)) {
4911 ZEND_VM_CONTINUE();
4912 }
4913 }
4914 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
4915 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
4916 if (retval) {
4917 #if DEBUG_ZEND>=2
4918 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
4919 #endif
4920 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
4921 ZEND_VM_CONTINUE();
4922 }
4923 ZEND_VM_NEXT_OPCODE();
4924 }
4925
ZEND_FREE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4926 static int ZEND_FASTCALL ZEND_FREE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4927 {
4928 zendi_zval_dtor(EX_T(EX(opline)->op1.u.var).tmp_var);
4929 ZEND_VM_NEXT_OPCODE();
4930 }
4931
ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)4932 static int ZEND_FASTCALL ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
4933 {
4934 zend_op *opline = EX(opline);
4935 zval *retval_ptr;
4936 zval **retval_ptr_ptr;
4937 zend_free_op free_op1;
4938
4939 if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
4940
4941 if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) {
4942 /* Not supposed to happen, but we'll allow it */
4943 zend_error(E_NOTICE, "Only variable references should be returned by reference");
4944 goto return_by_value;
4945 }
4946
4947 retval_ptr_ptr = NULL;
4948
4949 if (IS_TMP_VAR == IS_VAR && !retval_ptr_ptr) {
4950 zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
4951 }
4952
4953 if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
4954 if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
4955 EX_T(opline->op1.u.var).var.fcall_returned_reference) {
4956 } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
4957 if (IS_TMP_VAR == IS_VAR && !1) {
4958 PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
4959 }
4960 zend_error(E_NOTICE, "Only variable references should be returned by reference");
4961 goto return_by_value;
4962 }
4963 }
4964
4965 if (EG(return_value_ptr_ptr)) {
4966 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
4967 Z_ADDREF_PP(retval_ptr_ptr);
4968
4969 (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
4970 }
4971 } else {
4972 return_by_value:
4973
4974 retval_ptr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
4975
4976 if (!EG(return_value_ptr_ptr)) {
4977 if (IS_TMP_VAR == IS_TMP_VAR) {
4978 zval_dtor(free_op1.var);
4979 }
4980 } else if (!1) { /* Not a temp var */
4981 if (IS_TMP_VAR == IS_CONST ||
4982 EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
4983 (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
4984 zval *ret;
4985
4986 ALLOC_ZVAL(ret);
4987 INIT_PZVAL_COPY(ret, retval_ptr);
4988 zval_copy_ctor(ret);
4989 *EG(return_value_ptr_ptr) = ret;
4990 } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) &&
4991 retval_ptr == &EG(uninitialized_zval)) {
4992 zval *ret;
4993
4994 ALLOC_INIT_ZVAL(ret);
4995 *EG(return_value_ptr_ptr) = ret;
4996 } else {
4997 *EG(return_value_ptr_ptr) = retval_ptr;
4998 Z_ADDREF_P(retval_ptr);
4999 }
5000 } else {
5001 zval *ret;
5002
5003 ALLOC_ZVAL(ret);
5004 INIT_PZVAL_COPY(ret, retval_ptr);
5005 *EG(return_value_ptr_ptr) = ret;
5006 }
5007 }
5008
5009 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
5010 }
5011
ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5012 static int ZEND_FASTCALL ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5013 {
5014 zend_op *opline = EX(opline);
5015 zval *value;
5016 zval *exception;
5017 zend_free_op free_op1;
5018
5019 value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5020
5021 if (IS_TMP_VAR == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
5022 zend_error_noreturn(E_ERROR, "Can only throw objects");
5023 }
5024 zend_exception_save(TSRMLS_C);
5025 /* Not sure if a complete copy is what we want here */
5026 ALLOC_ZVAL(exception);
5027 INIT_PZVAL_COPY(exception, value);
5028 if (!1) {
5029 zval_copy_ctor(exception);
5030 }
5031
5032 zend_throw_exception_object(exception TSRMLS_CC);
5033 zend_exception_restore(TSRMLS_C);
5034
5035 ZEND_VM_NEXT_OPCODE();
5036 }
5037
ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5038 static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5039 {
5040 zend_op *opline = EX(opline);
5041 if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
5042 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
5043 zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
5044 }
5045 {
5046 zval *valptr;
5047 zval *value;
5048 zend_free_op free_op1;
5049
5050 value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5051
5052 ALLOC_ZVAL(valptr);
5053 INIT_PZVAL_COPY(valptr, value);
5054 if (!1) {
5055 zval_copy_ctor(valptr);
5056 }
5057 zend_vm_stack_push(valptr TSRMLS_CC);
5058
5059 }
5060 ZEND_VM_NEXT_OPCODE();
5061 }
5062
ZEND_BOOL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5063 static int ZEND_FASTCALL ZEND_BOOL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5064 {
5065 zend_op *opline = EX(opline);
5066 zend_free_op free_op1;
5067
5068 /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
5069 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC));
5070 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
5071 zval_dtor(free_op1.var);
5072
5073 ZEND_VM_NEXT_OPCODE();
5074 }
5075
ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5076 static int ZEND_FASTCALL ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5077 {
5078 zend_op *opline = EX(opline);
5079 zend_free_op free_op1;
5080 zval *obj = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5081 zend_class_entry *ce;
5082 zend_function *clone;
5083 zend_object_clone_obj_t clone_call;
5084
5085 if (IS_TMP_VAR == IS_CONST ||
5086 (IS_TMP_VAR == IS_VAR && !obj) ||
5087 Z_TYPE_P(obj) != IS_OBJECT) {
5088 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
5089 }
5090
5091 ce = Z_OBJCE_P(obj);
5092 clone = ce ? ce->clone : NULL;
5093 clone_call = Z_OBJ_HT_P(obj)->clone_obj;
5094 if (!clone_call) {
5095 if (ce) {
5096 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
5097 } else {
5098 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
5099 }
5100 }
5101
5102 if (ce && clone) {
5103 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
5104 /* Ensure that if we're calling a private function, we're allowed to do so.
5105 */
5106 if (ce != EG(scope)) {
5107 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
5108 }
5109 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
5110 /* Ensure that if we're calling a protected function, we're allowed to do so.
5111 */
5112 if (!zend_check_protected(clone->common.scope, EG(scope))) {
5113 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
5114 }
5115 }
5116 }
5117
5118 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
5119 if (!EG(exception)) {
5120 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
5121 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
5122 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
5123 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
5124 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
5125 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
5126 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
5127 }
5128 }
5129
5130 ZEND_VM_NEXT_OPCODE();
5131 }
5132
ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5133 static int ZEND_FASTCALL ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5134 {
5135 zend_op *opline = EX(opline);
5136 zend_free_op free_op1;
5137 zval *expr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5138 zval *result = &EX_T(opline->result.u.var).tmp_var;
5139
5140 if (opline->extended_value != IS_STRING) {
5141 *result = *expr;
5142 if (!1) {
5143 zendi_zval_copy_ctor(*result);
5144 }
5145 }
5146 switch (opline->extended_value) {
5147 case IS_NULL:
5148 convert_to_null(result);
5149 break;
5150 case IS_BOOL:
5151 convert_to_boolean(result);
5152 break;
5153 case IS_LONG:
5154 convert_to_long(result);
5155 break;
5156 case IS_DOUBLE:
5157 convert_to_double(result);
5158 break;
5159 case IS_STRING: {
5160 zval var_copy;
5161 int use_copy;
5162
5163 zend_make_printable_zval(expr, &var_copy, &use_copy);
5164 if (use_copy) {
5165 *result = var_copy;
5166 if (1) {
5167 zval_dtor(free_op1.var);
5168 }
5169 } else {
5170 *result = *expr;
5171 if (!1) {
5172 zendi_zval_copy_ctor(*result);
5173 }
5174 }
5175 break;
5176 }
5177 case IS_ARRAY:
5178 convert_to_array(result);
5179 break;
5180 case IS_OBJECT:
5181 convert_to_object(result);
5182 break;
5183 }
5184
5185 ZEND_VM_NEXT_OPCODE();
5186 }
5187
ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5188 static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5189 {
5190 zend_op *opline = EX(opline);
5191 zend_op_array *new_op_array=NULL;
5192 int return_value_used;
5193 zend_free_op free_op1;
5194 zval *inc_filename = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5195 zval *tmp_inc_filename = NULL;
5196 zend_bool failure_retval=0;
5197
5198 if (inc_filename->type!=IS_STRING) {
5199 MAKE_STD_ZVAL(tmp_inc_filename);
5200 *tmp_inc_filename = *inc_filename;
5201 zval_copy_ctor(tmp_inc_filename);
5202 convert_to_string(tmp_inc_filename);
5203 inc_filename = tmp_inc_filename;
5204 }
5205
5206 return_value_used = RETURN_VALUE_USED(opline);
5207
5208 if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
5209 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
5210 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
5211 } else {
5212 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
5213 }
5214 } else {
5215 switch (Z_LVAL(opline->op2.u.constant)) {
5216 case ZEND_INCLUDE_ONCE:
5217 case ZEND_REQUIRE_ONCE: {
5218 zend_file_handle file_handle;
5219 char *resolved_path;
5220
5221 resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
5222 if (resolved_path) {
5223 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
5224 } else {
5225 resolved_path = Z_STRVAL_P(inc_filename);
5226 }
5227
5228 if (failure_retval) {
5229 /* do nothing, file already included */
5230 } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
5231
5232 if (!file_handle.opened_path) {
5233 file_handle.opened_path = estrdup(resolved_path);
5234 }
5235
5236 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
5237 new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
5238 zend_destroy_file_handle(&file_handle TSRMLS_CC);
5239 } else {
5240 zend_file_handle_dtor(&file_handle TSRMLS_CC);
5241 failure_retval=1;
5242 }
5243 } else {
5244 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
5245 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
5246 } else {
5247 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
5248 }
5249 }
5250 if (resolved_path != Z_STRVAL_P(inc_filename)) {
5251 efree(resolved_path);
5252 }
5253 }
5254 break;
5255 case ZEND_INCLUDE:
5256 case ZEND_REQUIRE:
5257 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
5258 break;
5259 case ZEND_EVAL: {
5260 char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
5261
5262 new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
5263 efree(eval_desc);
5264 }
5265 break;
5266 EMPTY_SWITCH_DEFAULT_CASE()
5267 }
5268 }
5269 if (tmp_inc_filename) {
5270 zval_ptr_dtor(&tmp_inc_filename);
5271 }
5272 zval_dtor(free_op1.var);
5273 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
5274 if (new_op_array && !EG(exception)) {
5275 EX(original_return_value) = EG(return_value_ptr_ptr);
5276 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
5277 EG(active_op_array) = new_op_array;
5278 EX_T(opline->result.u.var).var.ptr = NULL;
5279
5280 EX(current_object) = EX(object);
5281
5282 EX(function_state).function = (zend_function *) new_op_array;
5283 EX(object) = NULL;
5284
5285 if (!EG(active_symbol_table)) {
5286 zend_rebuild_symbol_table(TSRMLS_C);
5287 }
5288
5289 if (zend_execute == execute) {
5290 EX(call_opline) = opline;
5291 ZEND_VM_ENTER();
5292 } else {
5293 zend_execute(new_op_array TSRMLS_CC);
5294 }
5295
5296 EX(function_state).function = (zend_function *) EX(op_array);
5297 EX(object) = EX(current_object);
5298
5299 if (return_value_used) {
5300 if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
5301 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
5302 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
5303 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
5304 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
5305 }
5306 }
5307
5308 EG(opline_ptr) = &EX(opline);
5309 EG(active_op_array) = EX(op_array);
5310 EG(return_value_ptr_ptr) = EX(original_return_value);
5311 destroy_op_array(new_op_array TSRMLS_CC);
5312 efree(new_op_array);
5313 if (EG(exception)) {
5314 zend_throw_exception_internal(NULL TSRMLS_CC);
5315 }
5316 } else {
5317 if (return_value_used) {
5318 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
5319 INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
5320 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
5321 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
5322 }
5323 }
5324 ZEND_VM_NEXT_OPCODE();
5325 }
5326
ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5327 static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5328 {
5329 zend_op *opline = EX(opline);
5330 zval tmp, *varname;
5331 HashTable *target_symbol_table;
5332 zend_free_op free_op1;
5333
5334 if (IS_TMP_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
5335 if (EG(active_symbol_table)) {
5336 zend_execute_data *ex = EX(prev_execute_data);
5337 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
5338
5339 if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
5340 while (ex && ex->symbol_table == EG(active_symbol_table)) {
5341 int i;
5342
5343 if (ex->op_array) {
5344 for (i = 0; i < ex->op_array->last_var; i++) {
5345 if (ex->op_array->vars[i].hash_value == cv->hash_value &&
5346 ex->op_array->vars[i].name_len == cv->name_len &&
5347 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
5348 ex->CVs[i] = NULL;
5349 break;
5350 }
5351 }
5352 }
5353 ex = ex->prev_execute_data;
5354 }
5355 }
5356 EX(CVs)[opline->op1.u.var] = NULL;
5357 } else if (EX(CVs)[opline->op1.u.var]) {
5358 zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
5359 EX(CVs)[opline->op1.u.var] = NULL;
5360 }
5361 ZEND_VM_NEXT_OPCODE();
5362 }
5363
5364 varname = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5365
5366 if (Z_TYPE_P(varname) != IS_STRING) {
5367 tmp = *varname;
5368 zval_copy_ctor(&tmp);
5369 convert_to_string(&tmp);
5370 varname = &tmp;
5371 } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) {
5372 Z_ADDREF_P(varname);
5373 }
5374
5375 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
5376 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
5377 } else {
5378 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
5379
5380 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
5381 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
5382 zend_execute_data *ex = execute_data;
5383
5384 do {
5385 int i;
5386
5387 if (ex->op_array) {
5388 for (i = 0; i < ex->op_array->last_var; i++) {
5389 if (ex->op_array->vars[i].hash_value == hash_value &&
5390 ex->op_array->vars[i].name_len == varname->value.str.len &&
5391 !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
5392 ex->CVs[i] = NULL;
5393 break;
5394 }
5395 }
5396 }
5397 ex = ex->prev_execute_data;
5398 } while (ex && ex->symbol_table == target_symbol_table);
5399 }
5400 }
5401
5402 if (varname == &tmp) {
5403 zval_dtor(&tmp);
5404 } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) {
5405 zval_ptr_dtor(&varname);
5406 }
5407 zval_dtor(free_op1.var);
5408 ZEND_VM_NEXT_OPCODE();
5409 }
5410
ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5411 static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5412 {
5413 zend_op *opline = EX(opline);
5414 zend_free_op free_op1;
5415 zval *array_ptr, **array_ptr_ptr;
5416 HashTable *fe_ht;
5417 zend_object_iterator *iter = NULL;
5418 zend_class_entry *ce = NULL;
5419 zend_bool is_empty = 0;
5420
5421 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
5422 array_ptr_ptr = NULL;
5423 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
5424 ALLOC_INIT_ZVAL(array_ptr);
5425 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
5426 if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
5427 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
5428 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
5429 }
5430
5431 ce = Z_OBJCE_PP(array_ptr_ptr);
5432 if (!ce || ce->get_iterator == NULL) {
5433 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
5434 Z_ADDREF_PP(array_ptr_ptr);
5435 }
5436 array_ptr = *array_ptr_ptr;
5437 } else {
5438 if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
5439 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
5440 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
5441 Z_SET_ISREF_PP(array_ptr_ptr);
5442 }
5443 }
5444 array_ptr = *array_ptr_ptr;
5445 Z_ADDREF_P(array_ptr);
5446 }
5447 } else {
5448 array_ptr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5449 if (1) { /* IS_TMP_VAR */
5450 zval *tmp;
5451
5452 ALLOC_ZVAL(tmp);
5453 INIT_PZVAL_COPY(tmp, array_ptr);
5454 array_ptr = tmp;
5455 if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
5456 ce = Z_OBJCE_P(array_ptr);
5457 if (ce && ce->get_iterator) {
5458 Z_DELREF_P(array_ptr);
5459 }
5460 }
5461 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
5462 ce = Z_OBJCE_P(array_ptr);
5463 if (!ce || !ce->get_iterator) {
5464 Z_ADDREF_P(array_ptr);
5465 }
5466 } else if (IS_TMP_VAR == IS_CONST ||
5467 ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) &&
5468 !Z_ISREF_P(array_ptr) &&
5469 Z_REFCOUNT_P(array_ptr) > 1)) {
5470 zval *tmp;
5471
5472 ALLOC_ZVAL(tmp);
5473 INIT_PZVAL_COPY(tmp, array_ptr);
5474 zval_copy_ctor(tmp);
5475 array_ptr = tmp;
5476 } else {
5477 Z_ADDREF_P(array_ptr);
5478 }
5479 }
5480
5481 if (ce && ce->get_iterator) {
5482 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
5483
5484 if (iter && !EG(exception)) {
5485 array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
5486 } else {
5487 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
5488
5489 } else {
5490
5491 }
5492 if (!EG(exception)) {
5493 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
5494 }
5495 zend_throw_exception_internal(NULL TSRMLS_CC);
5496 ZEND_VM_NEXT_OPCODE();
5497 }
5498 }
5499
5500 AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
5501 PZVAL_LOCK(array_ptr);
5502
5503 if (iter) {
5504 iter->index = 0;
5505 if (iter->funcs->rewind) {
5506 iter->funcs->rewind(iter TSRMLS_CC);
5507 if (EG(exception)) {
5508 Z_DELREF_P(array_ptr);
5509 zval_ptr_dtor(&array_ptr);
5510 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
5511
5512 } else {
5513
5514 }
5515 ZEND_VM_NEXT_OPCODE();
5516 }
5517 }
5518 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
5519 if (EG(exception)) {
5520 Z_DELREF_P(array_ptr);
5521 zval_ptr_dtor(&array_ptr);
5522 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
5523
5524 } else {
5525
5526 }
5527 ZEND_VM_NEXT_OPCODE();
5528 }
5529 iter->index = -1; /* will be set to 0 before using next handler */
5530 } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
5531 zend_hash_internal_pointer_reset(fe_ht);
5532 if (ce) {
5533 zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
5534 while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
5535 char *str_key;
5536 uint str_key_len;
5537 ulong int_key;
5538 zend_uchar key_type;
5539
5540 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
5541 if (key_type != HASH_KEY_NON_EXISTANT &&
5542 (key_type == HASH_KEY_IS_LONG ||
5543 zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
5544 break;
5545 }
5546 zend_hash_move_forward(fe_ht);
5547 }
5548 }
5549 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
5550 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
5551 } else {
5552 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
5553 is_empty = 1;
5554 }
5555
5556 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
5557
5558 } else {
5559
5560 }
5561 if (is_empty) {
5562 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
5563 } else {
5564 ZEND_VM_NEXT_OPCODE();
5565 }
5566 }
5567
ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5568 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5569 {
5570 zend_op *opline = EX(opline);
5571 zval **value;
5572 zend_bool isset = 1;
5573
5574 if (IS_TMP_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
5575 if (EX(CVs)[opline->op1.u.var]) {
5576 value = EX(CVs)[opline->op1.u.var];
5577 } else if (EG(active_symbol_table)) {
5578 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
5579
5580 if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
5581 isset = 0;
5582 }
5583 } else {
5584 isset = 0;
5585 }
5586 } else {
5587 HashTable *target_symbol_table;
5588 zend_free_op free_op1;
5589 zval tmp, *varname = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5590
5591 if (Z_TYPE_P(varname) != IS_STRING) {
5592 tmp = *varname;
5593 zval_copy_ctor(&tmp);
5594 convert_to_string(&tmp);
5595 varname = &tmp;
5596 }
5597
5598 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
5599 value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
5600 if (!value) {
5601 isset = 0;
5602 }
5603 } else {
5604 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
5605 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
5606 isset = 0;
5607 }
5608 }
5609
5610 if (varname == &tmp) {
5611 zval_dtor(&tmp);
5612 }
5613 zval_dtor(free_op1.var);
5614 }
5615
5616 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
5617
5618 switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
5619 case ZEND_ISSET:
5620 if (isset && Z_TYPE_PP(value) == IS_NULL) {
5621 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
5622 } else {
5623 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
5624 }
5625 break;
5626 case ZEND_ISEMPTY:
5627 if (!isset || !i_zend_is_true(*value)) {
5628 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
5629 } else {
5630 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
5631 }
5632 break;
5633 }
5634
5635 ZEND_VM_NEXT_OPCODE();
5636 }
5637
ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5638 static int ZEND_FASTCALL ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5639 {
5640 #if 0 || (IS_TMP_VAR != IS_UNUSED)
5641 zend_op *opline = EX(opline);
5642 if (IS_TMP_VAR != IS_UNUSED) {
5643 zend_free_op free_op1;
5644 zval *ptr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5645
5646 if (Z_TYPE_P(ptr) == IS_LONG) {
5647 EG(exit_status) = Z_LVAL_P(ptr);
5648 } else {
5649 zend_print_variable(ptr);
5650 }
5651 zval_dtor(free_op1.var);
5652 }
5653 #endif
5654 zend_bailout();
5655 ZEND_VM_NEXT_OPCODE();
5656 }
5657
ZEND_END_SILENCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5658 static int ZEND_FASTCALL ZEND_END_SILENCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5659 {
5660 zend_op *opline = EX(opline);
5661 zval restored_error_reporting;
5662
5663 if (!EG(error_reporting) && Z_LVAL(EX_T(opline->op1.u.var).tmp_var) != 0) {
5664 Z_TYPE(restored_error_reporting) = IS_LONG;
5665 Z_LVAL(restored_error_reporting) = Z_LVAL(EX_T(opline->op1.u.var).tmp_var);
5666 convert_to_string(&restored_error_reporting);
5667 zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), Z_STRVAL(restored_error_reporting), Z_STRLEN(restored_error_reporting), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC);
5668 zendi_zval_dtor(restored_error_reporting);
5669 }
5670 if (EX(old_error_reporting) == &EX_T(opline->op1.u.var).tmp_var) {
5671 EX(old_error_reporting) = NULL;
5672 }
5673 ZEND_VM_NEXT_OPCODE();
5674 }
5675
ZEND_JMP_SET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5676 static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5677 {
5678 zend_op *opline = EX(opline);
5679 zend_free_op free_op1;
5680 zval *value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5681
5682 if (i_zend_is_true(value)) {
5683 EX_T(opline->result.u.var).tmp_var = *value;
5684 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
5685 zval_dtor(free_op1.var);
5686 #if DEBUG_ZEND>=2
5687 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
5688 #endif
5689 ZEND_VM_JMP(opline->op2.u.jmp_addr);
5690 }
5691
5692 zval_dtor(free_op1.var);
5693 ZEND_VM_NEXT_OPCODE();
5694 }
5695
ZEND_QM_ASSIGN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5696 static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5697 {
5698 zend_op *opline = EX(opline);
5699 zend_free_op free_op1;
5700 zval *value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5701
5702 EX_T(opline->result.u.var).tmp_var = *value;
5703 if (!1) {
5704 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
5705 }
5706
5707 ZEND_VM_NEXT_OPCODE();
5708 }
5709
ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5710 static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5711 {
5712 zend_op *opline = EX(opline);
5713 zend_free_op free_op1;
5714 zval *expr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5715 zend_bool result;
5716
5717 if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) {
5718 result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.u.var).class_entry TSRMLS_CC);
5719 } else {
5720 result = 0;
5721 }
5722 ZVAL_BOOL(&EX_T(opline->result.u.var).tmp_var, result);
5723 zval_dtor(free_op1.var);
5724 ZEND_VM_NEXT_OPCODE();
5725 }
5726
ZEND_ADD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5727 static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5728 {
5729 zend_op *opline = EX(opline);
5730 zend_free_op free_op1;
5731
5732 add_function(&EX_T(opline->result.u.var).tmp_var,
5733 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5734 &opline->op2.u.constant TSRMLS_CC);
5735 zval_dtor(free_op1.var);
5736
5737 ZEND_VM_NEXT_OPCODE();
5738 }
5739
ZEND_SUB_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5740 static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5741 {
5742 zend_op *opline = EX(opline);
5743 zend_free_op free_op1;
5744
5745 sub_function(&EX_T(opline->result.u.var).tmp_var,
5746 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5747 &opline->op2.u.constant TSRMLS_CC);
5748 zval_dtor(free_op1.var);
5749
5750 ZEND_VM_NEXT_OPCODE();
5751 }
5752
ZEND_MUL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5753 static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5754 {
5755 zend_op *opline = EX(opline);
5756 zend_free_op free_op1;
5757
5758 mul_function(&EX_T(opline->result.u.var).tmp_var,
5759 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5760 &opline->op2.u.constant TSRMLS_CC);
5761 zval_dtor(free_op1.var);
5762
5763 ZEND_VM_NEXT_OPCODE();
5764 }
5765
ZEND_DIV_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5766 static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5767 {
5768 zend_op *opline = EX(opline);
5769 zend_free_op free_op1;
5770
5771 div_function(&EX_T(opline->result.u.var).tmp_var,
5772 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5773 &opline->op2.u.constant TSRMLS_CC);
5774 zval_dtor(free_op1.var);
5775
5776 ZEND_VM_NEXT_OPCODE();
5777 }
5778
ZEND_MOD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5779 static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5780 {
5781 zend_op *opline = EX(opline);
5782 zend_free_op free_op1;
5783
5784 mod_function(&EX_T(opline->result.u.var).tmp_var,
5785 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5786 &opline->op2.u.constant TSRMLS_CC);
5787 zval_dtor(free_op1.var);
5788
5789 ZEND_VM_NEXT_OPCODE();
5790 }
5791
ZEND_SL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5792 static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5793 {
5794 zend_op *opline = EX(opline);
5795 zend_free_op free_op1;
5796
5797 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
5798 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5799 &opline->op2.u.constant TSRMLS_CC);
5800 zval_dtor(free_op1.var);
5801
5802 ZEND_VM_NEXT_OPCODE();
5803 }
5804
ZEND_SR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5805 static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5806 {
5807 zend_op *opline = EX(opline);
5808 zend_free_op free_op1;
5809
5810 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
5811 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5812 &opline->op2.u.constant TSRMLS_CC);
5813 zval_dtor(free_op1.var);
5814
5815 ZEND_VM_NEXT_OPCODE();
5816 }
5817
ZEND_CONCAT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5818 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5819 {
5820 zend_op *opline = EX(opline);
5821 zend_free_op free_op1;
5822
5823 concat_function(&EX_T(opline->result.u.var).tmp_var,
5824 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5825 &opline->op2.u.constant TSRMLS_CC);
5826 zval_dtor(free_op1.var);
5827
5828 ZEND_VM_NEXT_OPCODE();
5829 }
5830
ZEND_IS_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5831 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5832 {
5833 zend_op *opline = EX(opline);
5834 zend_free_op free_op1;
5835
5836 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
5837 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5838 &opline->op2.u.constant TSRMLS_CC);
5839 zval_dtor(free_op1.var);
5840
5841 ZEND_VM_NEXT_OPCODE();
5842 }
5843
ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5844 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5845 {
5846 zend_op *opline = EX(opline);
5847 zend_free_op free_op1;
5848 zval *result = &EX_T(opline->result.u.var).tmp_var;
5849
5850 is_identical_function(result,
5851 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5852 &opline->op2.u.constant TSRMLS_CC);
5853 Z_LVAL_P(result) = !Z_LVAL_P(result);
5854 zval_dtor(free_op1.var);
5855
5856 ZEND_VM_NEXT_OPCODE();
5857 }
5858
ZEND_IS_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5859 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5860 {
5861 zend_op *opline = EX(opline);
5862 zend_free_op free_op1;
5863 zval *result = &EX_T(opline->result.u.var).tmp_var;
5864
5865 compare_function(result,
5866 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5867 &opline->op2.u.constant TSRMLS_CC);
5868 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
5869 zval_dtor(free_op1.var);
5870
5871 ZEND_VM_NEXT_OPCODE();
5872 }
5873
ZEND_IS_NOT_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5874 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5875 {
5876 zend_op *opline = EX(opline);
5877 zend_free_op free_op1;
5878 zval *result = &EX_T(opline->result.u.var).tmp_var;
5879
5880 compare_function(result,
5881 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5882 &opline->op2.u.constant TSRMLS_CC);
5883 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
5884 zval_dtor(free_op1.var);
5885
5886 ZEND_VM_NEXT_OPCODE();
5887 }
5888
ZEND_IS_SMALLER_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5889 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5890 {
5891 zend_op *opline = EX(opline);
5892 zend_free_op free_op1;
5893 zval *result = &EX_T(opline->result.u.var).tmp_var;
5894
5895 compare_function(result,
5896 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5897 &opline->op2.u.constant TSRMLS_CC);
5898 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
5899 zval_dtor(free_op1.var);
5900
5901 ZEND_VM_NEXT_OPCODE();
5902 }
5903
ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5904 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5905 {
5906 zend_op *opline = EX(opline);
5907 zend_free_op free_op1;
5908 zval *result = &EX_T(opline->result.u.var).tmp_var;
5909
5910 compare_function(result,
5911 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5912 &opline->op2.u.constant TSRMLS_CC);
5913 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
5914 zval_dtor(free_op1.var);
5915
5916 ZEND_VM_NEXT_OPCODE();
5917 }
5918
ZEND_BW_OR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5919 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5920 {
5921 zend_op *opline = EX(opline);
5922 zend_free_op free_op1;
5923
5924 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
5925 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5926 &opline->op2.u.constant TSRMLS_CC);
5927 zval_dtor(free_op1.var);
5928
5929 ZEND_VM_NEXT_OPCODE();
5930 }
5931
ZEND_BW_AND_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5932 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5933 {
5934 zend_op *opline = EX(opline);
5935 zend_free_op free_op1;
5936
5937 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
5938 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5939 &opline->op2.u.constant TSRMLS_CC);
5940 zval_dtor(free_op1.var);
5941
5942 ZEND_VM_NEXT_OPCODE();
5943 }
5944
ZEND_BW_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5945 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5946 {
5947 zend_op *opline = EX(opline);
5948 zend_free_op free_op1;
5949
5950 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
5951 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5952 &opline->op2.u.constant TSRMLS_CC);
5953 zval_dtor(free_op1.var);
5954
5955 ZEND_VM_NEXT_OPCODE();
5956 }
5957
ZEND_BOOL_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5958 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5959 {
5960 zend_op *opline = EX(opline);
5961 zend_free_op free_op1;
5962
5963 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
5964 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
5965 &opline->op2.u.constant TSRMLS_CC);
5966 zval_dtor(free_op1.var);
5967
5968 ZEND_VM_NEXT_OPCODE();
5969 }
5970
ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5971 static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5972 {
5973 zend_op *opline = EX(opline);
5974 zend_free_op free_op1;
5975 zval *container = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
5976
5977 if (Z_TYPE_P(container) != IS_ARRAY) {
5978 if (!RETURN_VALUE_UNUSED(&opline->result)) {
5979 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
5980 PZVAL_LOCK(EG(uninitialized_zval_ptr));
5981 }
5982 } else {
5983
5984 zval *dim = &opline->op2.u.constant;
5985
5986 AI_SET_PTR(EX_T(opline->result.u.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, BP_VAR_R TSRMLS_CC));
5987 SELECTIVE_PZVAL_LOCK(EX_T(opline->result.u.var).var.ptr, &opline->result);
5988
5989 }
5990 ZEND_VM_NEXT_OPCODE();
5991 }
5992
ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)5993 static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
5994 {
5995 zend_op *opline = EX(opline);
5996 zval *str = &EX_T(opline->result.u.var).tmp_var;
5997
5998 if (IS_TMP_VAR == IS_UNUSED) {
5999 /* Initialize for erealloc in add_char_to_string */
6000 Z_STRVAL_P(str) = NULL;
6001 Z_STRLEN_P(str) = 0;
6002 Z_TYPE_P(str) = IS_STRING;
6003
6004 INIT_PZVAL(str);
6005 }
6006
6007 add_char_to_string(str, str, &opline->op2.u.constant);
6008
6009 /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */
6010 ZEND_VM_NEXT_OPCODE();
6011 }
6012
ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6013 static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6014 {
6015 zend_op *opline = EX(opline);
6016 zval *str = &EX_T(opline->result.u.var).tmp_var;
6017
6018 if (IS_TMP_VAR == IS_UNUSED) {
6019 /* Initialize for erealloc in add_string_to_string */
6020 Z_STRVAL_P(str) = NULL;
6021 Z_STRLEN_P(str) = 0;
6022 Z_TYPE_P(str) = IS_STRING;
6023
6024 INIT_PZVAL(str);
6025 }
6026
6027 add_string_to_string(str, str, &opline->op2.u.constant);
6028
6029 /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */
6030 ZEND_VM_NEXT_OPCODE();
6031 }
6032
ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6033 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6034 {
6035 zend_op *opline = EX(opline);
6036 zval *function_name;
6037 char *function_name_strval;
6038 int function_name_strlen;
6039 zend_free_op free_op1;
6040
6041 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
6042
6043 function_name = &opline->op2.u.constant;
6044
6045 if (Z_TYPE_P(function_name)!=IS_STRING) {
6046 zend_error_noreturn(E_ERROR, "Method name must be a string");
6047 }
6048
6049 function_name_strval = Z_STRVAL_P(function_name);
6050 function_name_strlen = Z_STRLEN_P(function_name);
6051
6052 EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6053
6054 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
6055 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
6056 zend_error_noreturn(E_ERROR, "Object does not support method calls");
6057 }
6058
6059 /* First, locate the function. */
6060 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
6061 if (!EX(fbc)) {
6062 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
6063 }
6064
6065 EX(called_scope) = Z_OBJCE_P(EX(object));
6066 } else {
6067 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
6068 }
6069
6070 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
6071 EX(object) = NULL;
6072 } else {
6073 if (!PZVAL_IS_REF(EX(object))) {
6074 Z_ADDREF_P(EX(object)); /* For $this pointer */
6075 } else {
6076 zval *this_ptr;
6077 ALLOC_ZVAL(this_ptr);
6078 INIT_PZVAL_COPY(this_ptr, EX(object));
6079 zval_copy_ctor(this_ptr);
6080 EX(object) = this_ptr;
6081 }
6082 }
6083
6084
6085 ZEND_VM_NEXT_OPCODE();
6086 }
6087
ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6088 static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6089 {
6090 zend_op *opline = EX(opline);
6091 int switch_expr_is_overloaded=0;
6092 zend_free_op free_op1;
6093
6094 if (IS_TMP_VAR==IS_VAR) {
6095 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
6096 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
6097 } else {
6098 switch_expr_is_overloaded = 1;
6099 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
6100 }
6101 }
6102 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
6103 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6104 &opline->op2.u.constant TSRMLS_CC);
6105
6106 if (switch_expr_is_overloaded) {
6107 /* We only free op1 if this is a string offset,
6108 * Since if it is a TMP_VAR, it'll be reused by
6109 * other CASE opcodes (whereas string offsets
6110 * are allocated at each get_zval_ptr())
6111 */
6112 zval_dtor(free_op1.var);
6113 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
6114 EX_T(opline->op1.u.var).var.ptr = NULL;
6115 }
6116 ZEND_VM_NEXT_OPCODE();
6117 }
6118
ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6119 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6120 {
6121 zend_op *opline = EX(opline);
6122 zend_free_op free_op1;
6123 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
6124 zval *expr_ptr;
6125 zval *offset=&opline->op2.u.constant;
6126
6127 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
6128 zval **expr_ptr_ptr = NULL;
6129
6130 if (opline->extended_value) {
6131 expr_ptr_ptr=NULL;
6132 expr_ptr = *expr_ptr_ptr;
6133 } else {
6134 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6135 }
6136 #else
6137 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6138 #endif
6139
6140 if (1) { /* temporary variable */
6141 zval *new_expr;
6142
6143 ALLOC_ZVAL(new_expr);
6144 INIT_PZVAL_COPY(new_expr, expr_ptr);
6145 expr_ptr = new_expr;
6146 } else {
6147 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
6148 if (opline->extended_value) {
6149 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
6150 expr_ptr = *expr_ptr_ptr;
6151 Z_ADDREF_P(expr_ptr);
6152 } else
6153 #endif
6154 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
6155 zval *new_expr;
6156
6157 ALLOC_ZVAL(new_expr);
6158 INIT_PZVAL_COPY(new_expr, expr_ptr);
6159 expr_ptr = new_expr;
6160 zendi_zval_copy_ctor(*expr_ptr);
6161 } else {
6162 Z_ADDREF_P(expr_ptr);
6163 }
6164 }
6165 if (offset) {
6166 switch (Z_TYPE_P(offset)) {
6167 case IS_DOUBLE:
6168 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
6169 break;
6170 case IS_LONG:
6171 case IS_BOOL:
6172 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
6173 break;
6174 case IS_STRING:
6175 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
6176 break;
6177 case IS_NULL:
6178 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
6179 break;
6180 default:
6181 zend_error(E_WARNING, "Illegal offset type");
6182 zval_ptr_dtor(&expr_ptr);
6183 /* do nothing */
6184 break;
6185 }
6186
6187 } else {
6188 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
6189 }
6190 if (opline->extended_value) {
6191
6192 } else {
6193
6194 }
6195 ZEND_VM_NEXT_OPCODE();
6196 }
6197
ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6198 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6199 {
6200 zend_op *opline = EX(opline);
6201
6202 array_init(&EX_T(opline->result.u.var).tmp_var);
6203 if (IS_TMP_VAR == IS_UNUSED) {
6204 ZEND_VM_NEXT_OPCODE();
6205 #if 0 || IS_TMP_VAR != IS_UNUSED
6206 } else {
6207 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
6208 #endif
6209 }
6210 }
6211
ZEND_ADD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6212 static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6213 {
6214 zend_op *opline = EX(opline);
6215 zend_free_op free_op1, free_op2;
6216
6217 add_function(&EX_T(opline->result.u.var).tmp_var,
6218 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6219 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6220 zval_dtor(free_op1.var);
6221 zval_dtor(free_op2.var);
6222 ZEND_VM_NEXT_OPCODE();
6223 }
6224
ZEND_SUB_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6225 static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6226 {
6227 zend_op *opline = EX(opline);
6228 zend_free_op free_op1, free_op2;
6229
6230 sub_function(&EX_T(opline->result.u.var).tmp_var,
6231 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6232 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6233 zval_dtor(free_op1.var);
6234 zval_dtor(free_op2.var);
6235 ZEND_VM_NEXT_OPCODE();
6236 }
6237
ZEND_MUL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6238 static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6239 {
6240 zend_op *opline = EX(opline);
6241 zend_free_op free_op1, free_op2;
6242
6243 mul_function(&EX_T(opline->result.u.var).tmp_var,
6244 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6245 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6246 zval_dtor(free_op1.var);
6247 zval_dtor(free_op2.var);
6248 ZEND_VM_NEXT_OPCODE();
6249 }
6250
ZEND_DIV_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6251 static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6252 {
6253 zend_op *opline = EX(opline);
6254 zend_free_op free_op1, free_op2;
6255
6256 div_function(&EX_T(opline->result.u.var).tmp_var,
6257 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6258 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6259 zval_dtor(free_op1.var);
6260 zval_dtor(free_op2.var);
6261 ZEND_VM_NEXT_OPCODE();
6262 }
6263
ZEND_MOD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6264 static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6265 {
6266 zend_op *opline = EX(opline);
6267 zend_free_op free_op1, free_op2;
6268
6269 mod_function(&EX_T(opline->result.u.var).tmp_var,
6270 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6271 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6272 zval_dtor(free_op1.var);
6273 zval_dtor(free_op2.var);
6274 ZEND_VM_NEXT_OPCODE();
6275 }
6276
ZEND_SL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6277 static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6278 {
6279 zend_op *opline = EX(opline);
6280 zend_free_op free_op1, free_op2;
6281
6282 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
6283 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6284 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6285 zval_dtor(free_op1.var);
6286 zval_dtor(free_op2.var);
6287 ZEND_VM_NEXT_OPCODE();
6288 }
6289
ZEND_SR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6290 static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6291 {
6292 zend_op *opline = EX(opline);
6293 zend_free_op free_op1, free_op2;
6294
6295 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
6296 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6297 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6298 zval_dtor(free_op1.var);
6299 zval_dtor(free_op2.var);
6300 ZEND_VM_NEXT_OPCODE();
6301 }
6302
ZEND_CONCAT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6303 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6304 {
6305 zend_op *opline = EX(opline);
6306 zend_free_op free_op1, free_op2;
6307
6308 concat_function(&EX_T(opline->result.u.var).tmp_var,
6309 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6310 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6311 zval_dtor(free_op1.var);
6312 zval_dtor(free_op2.var);
6313 ZEND_VM_NEXT_OPCODE();
6314 }
6315
ZEND_IS_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6316 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6317 {
6318 zend_op *opline = EX(opline);
6319 zend_free_op free_op1, free_op2;
6320
6321 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
6322 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6323 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6324 zval_dtor(free_op1.var);
6325 zval_dtor(free_op2.var);
6326 ZEND_VM_NEXT_OPCODE();
6327 }
6328
ZEND_IS_NOT_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6329 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6330 {
6331 zend_op *opline = EX(opline);
6332 zend_free_op free_op1, free_op2;
6333 zval *result = &EX_T(opline->result.u.var).tmp_var;
6334
6335 is_identical_function(result,
6336 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6337 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6338 Z_LVAL_P(result) = !Z_LVAL_P(result);
6339 zval_dtor(free_op1.var);
6340 zval_dtor(free_op2.var);
6341 ZEND_VM_NEXT_OPCODE();
6342 }
6343
ZEND_IS_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6344 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6345 {
6346 zend_op *opline = EX(opline);
6347 zend_free_op free_op1, free_op2;
6348 zval *result = &EX_T(opline->result.u.var).tmp_var;
6349
6350 compare_function(result,
6351 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6352 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6353 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
6354 zval_dtor(free_op1.var);
6355 zval_dtor(free_op2.var);
6356 ZEND_VM_NEXT_OPCODE();
6357 }
6358
ZEND_IS_NOT_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6359 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6360 {
6361 zend_op *opline = EX(opline);
6362 zend_free_op free_op1, free_op2;
6363 zval *result = &EX_T(opline->result.u.var).tmp_var;
6364
6365 compare_function(result,
6366 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6367 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6368 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
6369 zval_dtor(free_op1.var);
6370 zval_dtor(free_op2.var);
6371 ZEND_VM_NEXT_OPCODE();
6372 }
6373
ZEND_IS_SMALLER_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6374 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6375 {
6376 zend_op *opline = EX(opline);
6377 zend_free_op free_op1, free_op2;
6378 zval *result = &EX_T(opline->result.u.var).tmp_var;
6379
6380 compare_function(result,
6381 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6382 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6383 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
6384 zval_dtor(free_op1.var);
6385 zval_dtor(free_op2.var);
6386 ZEND_VM_NEXT_OPCODE();
6387 }
6388
ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6389 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6390 {
6391 zend_op *opline = EX(opline);
6392 zend_free_op free_op1, free_op2;
6393 zval *result = &EX_T(opline->result.u.var).tmp_var;
6394
6395 compare_function(result,
6396 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6397 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6398 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
6399 zval_dtor(free_op1.var);
6400 zval_dtor(free_op2.var);
6401 ZEND_VM_NEXT_OPCODE();
6402 }
6403
ZEND_BW_OR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6404 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6405 {
6406 zend_op *opline = EX(opline);
6407 zend_free_op free_op1, free_op2;
6408
6409 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
6410 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6411 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6412 zval_dtor(free_op1.var);
6413 zval_dtor(free_op2.var);
6414 ZEND_VM_NEXT_OPCODE();
6415 }
6416
ZEND_BW_AND_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6417 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6418 {
6419 zend_op *opline = EX(opline);
6420 zend_free_op free_op1, free_op2;
6421
6422 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
6423 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6424 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6425 zval_dtor(free_op1.var);
6426 zval_dtor(free_op2.var);
6427 ZEND_VM_NEXT_OPCODE();
6428 }
6429
ZEND_BW_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6430 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6431 {
6432 zend_op *opline = EX(opline);
6433 zend_free_op free_op1, free_op2;
6434
6435 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
6436 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6437 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6438 zval_dtor(free_op1.var);
6439 zval_dtor(free_op2.var);
6440 ZEND_VM_NEXT_OPCODE();
6441 }
6442
ZEND_BOOL_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6443 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6444 {
6445 zend_op *opline = EX(opline);
6446 zend_free_op free_op1, free_op2;
6447
6448 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
6449 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6450 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6451 zval_dtor(free_op1.var);
6452 zval_dtor(free_op2.var);
6453 ZEND_VM_NEXT_OPCODE();
6454 }
6455
ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6456 static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6457 {
6458 zend_op *opline = EX(opline);
6459 zend_free_op free_op2;
6460 zval *str = &EX_T(opline->result.u.var).tmp_var;
6461 zval *var = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
6462 zval var_copy;
6463 int use_copy = 0;
6464
6465 if (IS_TMP_VAR == IS_UNUSED) {
6466 /* Initialize for erealloc in add_string_to_string */
6467 Z_STRVAL_P(str) = NULL;
6468 Z_STRLEN_P(str) = 0;
6469 Z_TYPE_P(str) = IS_STRING;
6470
6471 INIT_PZVAL(str);
6472 }
6473
6474 if (Z_TYPE_P(var) != IS_STRING) {
6475 zend_make_printable_zval(var, &var_copy, &use_copy);
6476
6477 if (use_copy) {
6478 var = &var_copy;
6479 }
6480 }
6481 add_string_to_string(str, str, var);
6482
6483 if (use_copy) {
6484 zval_dtor(var);
6485 }
6486 /* original comment, possibly problematic:
6487 * FREE_OP is missing intentionally here - we're always working on the same temporary variable
6488 * (Zeev): I don't think it's problematic, we only use variables
6489 * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
6490 * string offsets or overloaded objects
6491 */
6492 zval_dtor(free_op2.var);
6493
6494 ZEND_VM_NEXT_OPCODE();
6495 }
6496
ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6497 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6498 {
6499 zend_op *opline = EX(opline);
6500 zval *function_name;
6501 char *function_name_strval;
6502 int function_name_strlen;
6503 zend_free_op free_op1, free_op2;
6504
6505 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
6506
6507 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
6508
6509 if (Z_TYPE_P(function_name)!=IS_STRING) {
6510 zend_error_noreturn(E_ERROR, "Method name must be a string");
6511 }
6512
6513 function_name_strval = Z_STRVAL_P(function_name);
6514 function_name_strlen = Z_STRLEN_P(function_name);
6515
6516 EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6517
6518 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
6519 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
6520 zend_error_noreturn(E_ERROR, "Object does not support method calls");
6521 }
6522
6523 /* First, locate the function. */
6524 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
6525 if (!EX(fbc)) {
6526 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
6527 }
6528
6529 EX(called_scope) = Z_OBJCE_P(EX(object));
6530 } else {
6531 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
6532 }
6533
6534 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
6535 EX(object) = NULL;
6536 } else {
6537 if (!PZVAL_IS_REF(EX(object))) {
6538 Z_ADDREF_P(EX(object)); /* For $this pointer */
6539 } else {
6540 zval *this_ptr;
6541 ALLOC_ZVAL(this_ptr);
6542 INIT_PZVAL_COPY(this_ptr, EX(object));
6543 zval_copy_ctor(this_ptr);
6544 EX(object) = this_ptr;
6545 }
6546 }
6547
6548 zval_dtor(free_op2.var);
6549
6550 ZEND_VM_NEXT_OPCODE();
6551 }
6552
ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6553 static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6554 {
6555 zend_op *opline = EX(opline);
6556 int switch_expr_is_overloaded=0;
6557 zend_free_op free_op1, free_op2;
6558
6559 if (IS_TMP_VAR==IS_VAR) {
6560 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
6561 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
6562 } else {
6563 switch_expr_is_overloaded = 1;
6564 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
6565 }
6566 }
6567 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
6568 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6569 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6570
6571 zval_dtor(free_op2.var);
6572 if (switch_expr_is_overloaded) {
6573 /* We only free op1 if this is a string offset,
6574 * Since if it is a TMP_VAR, it'll be reused by
6575 * other CASE opcodes (whereas string offsets
6576 * are allocated at each get_zval_ptr())
6577 */
6578 zval_dtor(free_op1.var);
6579 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
6580 EX_T(opline->op1.u.var).var.ptr = NULL;
6581 }
6582 ZEND_VM_NEXT_OPCODE();
6583 }
6584
ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6585 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6586 {
6587 zend_op *opline = EX(opline);
6588 zend_free_op free_op1, free_op2;
6589 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
6590 zval *expr_ptr;
6591 zval *offset=_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
6592
6593 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
6594 zval **expr_ptr_ptr = NULL;
6595
6596 if (opline->extended_value) {
6597 expr_ptr_ptr=NULL;
6598 expr_ptr = *expr_ptr_ptr;
6599 } else {
6600 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6601 }
6602 #else
6603 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6604 #endif
6605
6606 if (1) { /* temporary variable */
6607 zval *new_expr;
6608
6609 ALLOC_ZVAL(new_expr);
6610 INIT_PZVAL_COPY(new_expr, expr_ptr);
6611 expr_ptr = new_expr;
6612 } else {
6613 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
6614 if (opline->extended_value) {
6615 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
6616 expr_ptr = *expr_ptr_ptr;
6617 Z_ADDREF_P(expr_ptr);
6618 } else
6619 #endif
6620 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
6621 zval *new_expr;
6622
6623 ALLOC_ZVAL(new_expr);
6624 INIT_PZVAL_COPY(new_expr, expr_ptr);
6625 expr_ptr = new_expr;
6626 zendi_zval_copy_ctor(*expr_ptr);
6627 } else {
6628 Z_ADDREF_P(expr_ptr);
6629 }
6630 }
6631 if (offset) {
6632 switch (Z_TYPE_P(offset)) {
6633 case IS_DOUBLE:
6634 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
6635 break;
6636 case IS_LONG:
6637 case IS_BOOL:
6638 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
6639 break;
6640 case IS_STRING:
6641 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
6642 break;
6643 case IS_NULL:
6644 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
6645 break;
6646 default:
6647 zend_error(E_WARNING, "Illegal offset type");
6648 zval_ptr_dtor(&expr_ptr);
6649 /* do nothing */
6650 break;
6651 }
6652 zval_dtor(free_op2.var);
6653 } else {
6654 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
6655 }
6656 if (opline->extended_value) {
6657
6658 } else {
6659
6660 }
6661 ZEND_VM_NEXT_OPCODE();
6662 }
6663
ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6664 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6665 {
6666 zend_op *opline = EX(opline);
6667
6668 array_init(&EX_T(opline->result.u.var).tmp_var);
6669 if (IS_TMP_VAR == IS_UNUSED) {
6670 ZEND_VM_NEXT_OPCODE();
6671 #if 0 || IS_TMP_VAR != IS_UNUSED
6672 } else {
6673 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
6674 #endif
6675 }
6676 }
6677
ZEND_ADD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6678 static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6679 {
6680 zend_op *opline = EX(opline);
6681 zend_free_op free_op1, free_op2;
6682
6683 add_function(&EX_T(opline->result.u.var).tmp_var,
6684 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6685 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6686 zval_dtor(free_op1.var);
6687 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6688 ZEND_VM_NEXT_OPCODE();
6689 }
6690
ZEND_SUB_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6691 static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6692 {
6693 zend_op *opline = EX(opline);
6694 zend_free_op free_op1, free_op2;
6695
6696 sub_function(&EX_T(opline->result.u.var).tmp_var,
6697 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6698 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6699 zval_dtor(free_op1.var);
6700 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6701 ZEND_VM_NEXT_OPCODE();
6702 }
6703
ZEND_MUL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6704 static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6705 {
6706 zend_op *opline = EX(opline);
6707 zend_free_op free_op1, free_op2;
6708
6709 mul_function(&EX_T(opline->result.u.var).tmp_var,
6710 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6711 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6712 zval_dtor(free_op1.var);
6713 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6714 ZEND_VM_NEXT_OPCODE();
6715 }
6716
ZEND_DIV_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6717 static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6718 {
6719 zend_op *opline = EX(opline);
6720 zend_free_op free_op1, free_op2;
6721
6722 div_function(&EX_T(opline->result.u.var).tmp_var,
6723 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6724 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6725 zval_dtor(free_op1.var);
6726 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6727 ZEND_VM_NEXT_OPCODE();
6728 }
6729
ZEND_MOD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6730 static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6731 {
6732 zend_op *opline = EX(opline);
6733 zend_free_op free_op1, free_op2;
6734
6735 mod_function(&EX_T(opline->result.u.var).tmp_var,
6736 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6737 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6738 zval_dtor(free_op1.var);
6739 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6740 ZEND_VM_NEXT_OPCODE();
6741 }
6742
ZEND_SL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6743 static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6744 {
6745 zend_op *opline = EX(opline);
6746 zend_free_op free_op1, free_op2;
6747
6748 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
6749 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6750 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6751 zval_dtor(free_op1.var);
6752 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6753 ZEND_VM_NEXT_OPCODE();
6754 }
6755
ZEND_SR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6756 static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6757 {
6758 zend_op *opline = EX(opline);
6759 zend_free_op free_op1, free_op2;
6760
6761 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
6762 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6763 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6764 zval_dtor(free_op1.var);
6765 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6766 ZEND_VM_NEXT_OPCODE();
6767 }
6768
ZEND_CONCAT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6769 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6770 {
6771 zend_op *opline = EX(opline);
6772 zend_free_op free_op1, free_op2;
6773
6774 concat_function(&EX_T(opline->result.u.var).tmp_var,
6775 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6776 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6777 zval_dtor(free_op1.var);
6778 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6779 ZEND_VM_NEXT_OPCODE();
6780 }
6781
ZEND_IS_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6782 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6783 {
6784 zend_op *opline = EX(opline);
6785 zend_free_op free_op1, free_op2;
6786
6787 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
6788 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6789 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6790 zval_dtor(free_op1.var);
6791 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6792 ZEND_VM_NEXT_OPCODE();
6793 }
6794
ZEND_IS_NOT_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6795 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6796 {
6797 zend_op *opline = EX(opline);
6798 zend_free_op free_op1, free_op2;
6799 zval *result = &EX_T(opline->result.u.var).tmp_var;
6800
6801 is_identical_function(result,
6802 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6803 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6804 Z_LVAL_P(result) = !Z_LVAL_P(result);
6805 zval_dtor(free_op1.var);
6806 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6807 ZEND_VM_NEXT_OPCODE();
6808 }
6809
ZEND_IS_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6810 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6811 {
6812 zend_op *opline = EX(opline);
6813 zend_free_op free_op1, free_op2;
6814 zval *result = &EX_T(opline->result.u.var).tmp_var;
6815
6816 compare_function(result,
6817 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6818 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6819 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
6820 zval_dtor(free_op1.var);
6821 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6822 ZEND_VM_NEXT_OPCODE();
6823 }
6824
ZEND_IS_NOT_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6825 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6826 {
6827 zend_op *opline = EX(opline);
6828 zend_free_op free_op1, free_op2;
6829 zval *result = &EX_T(opline->result.u.var).tmp_var;
6830
6831 compare_function(result,
6832 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6833 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6834 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
6835 zval_dtor(free_op1.var);
6836 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6837 ZEND_VM_NEXT_OPCODE();
6838 }
6839
ZEND_IS_SMALLER_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6840 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6841 {
6842 zend_op *opline = EX(opline);
6843 zend_free_op free_op1, free_op2;
6844 zval *result = &EX_T(opline->result.u.var).tmp_var;
6845
6846 compare_function(result,
6847 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6848 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6849 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
6850 zval_dtor(free_op1.var);
6851 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6852 ZEND_VM_NEXT_OPCODE();
6853 }
6854
ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6855 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6856 {
6857 zend_op *opline = EX(opline);
6858 zend_free_op free_op1, free_op2;
6859 zval *result = &EX_T(opline->result.u.var).tmp_var;
6860
6861 compare_function(result,
6862 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6863 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6864 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
6865 zval_dtor(free_op1.var);
6866 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6867 ZEND_VM_NEXT_OPCODE();
6868 }
6869
ZEND_BW_OR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6870 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6871 {
6872 zend_op *opline = EX(opline);
6873 zend_free_op free_op1, free_op2;
6874
6875 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
6876 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6877 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6878 zval_dtor(free_op1.var);
6879 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6880 ZEND_VM_NEXT_OPCODE();
6881 }
6882
ZEND_BW_AND_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6883 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6884 {
6885 zend_op *opline = EX(opline);
6886 zend_free_op free_op1, free_op2;
6887
6888 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
6889 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6890 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6891 zval_dtor(free_op1.var);
6892 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6893 ZEND_VM_NEXT_OPCODE();
6894 }
6895
ZEND_BW_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6896 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6897 {
6898 zend_op *opline = EX(opline);
6899 zend_free_op free_op1, free_op2;
6900
6901 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
6902 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6903 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6904 zval_dtor(free_op1.var);
6905 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6906 ZEND_VM_NEXT_OPCODE();
6907 }
6908
ZEND_BOOL_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6909 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6910 {
6911 zend_op *opline = EX(opline);
6912 zend_free_op free_op1, free_op2;
6913
6914 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
6915 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
6916 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
6917 zval_dtor(free_op1.var);
6918 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6919 ZEND_VM_NEXT_OPCODE();
6920 }
6921
ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6922 static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6923 {
6924 zend_op *opline = EX(opline);
6925 zend_free_op free_op2;
6926 zval *str = &EX_T(opline->result.u.var).tmp_var;
6927 zval *var = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
6928 zval var_copy;
6929 int use_copy = 0;
6930
6931 if (IS_TMP_VAR == IS_UNUSED) {
6932 /* Initialize for erealloc in add_string_to_string */
6933 Z_STRVAL_P(str) = NULL;
6934 Z_STRLEN_P(str) = 0;
6935 Z_TYPE_P(str) = IS_STRING;
6936
6937 INIT_PZVAL(str);
6938 }
6939
6940 if (Z_TYPE_P(var) != IS_STRING) {
6941 zend_make_printable_zval(var, &var_copy, &use_copy);
6942
6943 if (use_copy) {
6944 var = &var_copy;
6945 }
6946 }
6947 add_string_to_string(str, str, var);
6948
6949 if (use_copy) {
6950 zval_dtor(var);
6951 }
6952 /* original comment, possibly problematic:
6953 * FREE_OP is missing intentionally here - we're always working on the same temporary variable
6954 * (Zeev): I don't think it's problematic, we only use variables
6955 * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
6956 * string offsets or overloaded objects
6957 */
6958 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
6959
6960 ZEND_VM_NEXT_OPCODE();
6961 }
6962
ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)6963 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
6964 {
6965 zend_op *opline = EX(opline);
6966 zval *function_name;
6967 char *function_name_strval;
6968 int function_name_strlen;
6969 zend_free_op free_op1, free_op2;
6970
6971 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
6972
6973 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
6974
6975 if (Z_TYPE_P(function_name)!=IS_STRING) {
6976 zend_error_noreturn(E_ERROR, "Method name must be a string");
6977 }
6978
6979 function_name_strval = Z_STRVAL_P(function_name);
6980 function_name_strlen = Z_STRLEN_P(function_name);
6981
6982 EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
6983
6984 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
6985 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
6986 zend_error_noreturn(E_ERROR, "Object does not support method calls");
6987 }
6988
6989 /* First, locate the function. */
6990 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
6991 if (!EX(fbc)) {
6992 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
6993 }
6994
6995 EX(called_scope) = Z_OBJCE_P(EX(object));
6996 } else {
6997 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
6998 }
6999
7000 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
7001 EX(object) = NULL;
7002 } else {
7003 if (!PZVAL_IS_REF(EX(object))) {
7004 Z_ADDREF_P(EX(object)); /* For $this pointer */
7005 } else {
7006 zval *this_ptr;
7007 ALLOC_ZVAL(this_ptr);
7008 INIT_PZVAL_COPY(this_ptr, EX(object));
7009 zval_copy_ctor(this_ptr);
7010 EX(object) = this_ptr;
7011 }
7012 }
7013
7014 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
7015
7016 ZEND_VM_NEXT_OPCODE();
7017 }
7018
ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7019 static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7020 {
7021 zend_op *opline = EX(opline);
7022 int switch_expr_is_overloaded=0;
7023 zend_free_op free_op1, free_op2;
7024
7025 if (IS_TMP_VAR==IS_VAR) {
7026 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
7027 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
7028 } else {
7029 switch_expr_is_overloaded = 1;
7030 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
7031 }
7032 }
7033 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
7034 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7035 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
7036
7037 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
7038 if (switch_expr_is_overloaded) {
7039 /* We only free op1 if this is a string offset,
7040 * Since if it is a TMP_VAR, it'll be reused by
7041 * other CASE opcodes (whereas string offsets
7042 * are allocated at each get_zval_ptr())
7043 */
7044 zval_dtor(free_op1.var);
7045 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
7046 EX_T(opline->op1.u.var).var.ptr = NULL;
7047 }
7048 ZEND_VM_NEXT_OPCODE();
7049 }
7050
ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7051 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7052 {
7053 zend_op *opline = EX(opline);
7054 zend_free_op free_op1, free_op2;
7055 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
7056 zval *expr_ptr;
7057 zval *offset=_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
7058
7059 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
7060 zval **expr_ptr_ptr = NULL;
7061
7062 if (opline->extended_value) {
7063 expr_ptr_ptr=NULL;
7064 expr_ptr = *expr_ptr_ptr;
7065 } else {
7066 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7067 }
7068 #else
7069 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7070 #endif
7071
7072 if (1) { /* temporary variable */
7073 zval *new_expr;
7074
7075 ALLOC_ZVAL(new_expr);
7076 INIT_PZVAL_COPY(new_expr, expr_ptr);
7077 expr_ptr = new_expr;
7078 } else {
7079 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
7080 if (opline->extended_value) {
7081 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
7082 expr_ptr = *expr_ptr_ptr;
7083 Z_ADDREF_P(expr_ptr);
7084 } else
7085 #endif
7086 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
7087 zval *new_expr;
7088
7089 ALLOC_ZVAL(new_expr);
7090 INIT_PZVAL_COPY(new_expr, expr_ptr);
7091 expr_ptr = new_expr;
7092 zendi_zval_copy_ctor(*expr_ptr);
7093 } else {
7094 Z_ADDREF_P(expr_ptr);
7095 }
7096 }
7097 if (offset) {
7098 switch (Z_TYPE_P(offset)) {
7099 case IS_DOUBLE:
7100 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
7101 break;
7102 case IS_LONG:
7103 case IS_BOOL:
7104 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
7105 break;
7106 case IS_STRING:
7107 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
7108 break;
7109 case IS_NULL:
7110 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
7111 break;
7112 default:
7113 zend_error(E_WARNING, "Illegal offset type");
7114 zval_ptr_dtor(&expr_ptr);
7115 /* do nothing */
7116 break;
7117 }
7118 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
7119 } else {
7120 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
7121 }
7122 if (opline->extended_value) {
7123
7124 } else {
7125
7126 }
7127 ZEND_VM_NEXT_OPCODE();
7128 }
7129
ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7130 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7131 {
7132 zend_op *opline = EX(opline);
7133
7134 array_init(&EX_T(opline->result.u.var).tmp_var);
7135 if (IS_TMP_VAR == IS_UNUSED) {
7136 ZEND_VM_NEXT_OPCODE();
7137 #if 0 || IS_TMP_VAR != IS_UNUSED
7138 } else {
7139 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
7140 #endif
7141 }
7142 }
7143
ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7144 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7145 {
7146 zend_op *opline = EX(opline);
7147 zend_free_op free_op1;
7148 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
7149 zval *expr_ptr;
7150 zval *offset=NULL;
7151
7152 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
7153 zval **expr_ptr_ptr = NULL;
7154
7155 if (opline->extended_value) {
7156 expr_ptr_ptr=NULL;
7157 expr_ptr = *expr_ptr_ptr;
7158 } else {
7159 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7160 }
7161 #else
7162 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7163 #endif
7164
7165 if (1) { /* temporary variable */
7166 zval *new_expr;
7167
7168 ALLOC_ZVAL(new_expr);
7169 INIT_PZVAL_COPY(new_expr, expr_ptr);
7170 expr_ptr = new_expr;
7171 } else {
7172 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
7173 if (opline->extended_value) {
7174 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
7175 expr_ptr = *expr_ptr_ptr;
7176 Z_ADDREF_P(expr_ptr);
7177 } else
7178 #endif
7179 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
7180 zval *new_expr;
7181
7182 ALLOC_ZVAL(new_expr);
7183 INIT_PZVAL_COPY(new_expr, expr_ptr);
7184 expr_ptr = new_expr;
7185 zendi_zval_copy_ctor(*expr_ptr);
7186 } else {
7187 Z_ADDREF_P(expr_ptr);
7188 }
7189 }
7190 if (offset) {
7191 switch (Z_TYPE_P(offset)) {
7192 case IS_DOUBLE:
7193 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
7194 break;
7195 case IS_LONG:
7196 case IS_BOOL:
7197 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
7198 break;
7199 case IS_STRING:
7200 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
7201 break;
7202 case IS_NULL:
7203 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
7204 break;
7205 default:
7206 zend_error(E_WARNING, "Illegal offset type");
7207 zval_ptr_dtor(&expr_ptr);
7208 /* do nothing */
7209 break;
7210 }
7211
7212 } else {
7213 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
7214 }
7215 if (opline->extended_value) {
7216
7217 } else {
7218
7219 }
7220 ZEND_VM_NEXT_OPCODE();
7221 }
7222
ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7223 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7224 {
7225 zend_op *opline = EX(opline);
7226
7227 array_init(&EX_T(opline->result.u.var).tmp_var);
7228 if (IS_TMP_VAR == IS_UNUSED) {
7229 ZEND_VM_NEXT_OPCODE();
7230 #if 0 || IS_TMP_VAR != IS_UNUSED
7231 } else {
7232 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
7233 #endif
7234 }
7235 }
7236
ZEND_ADD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7237 static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7238 {
7239 zend_op *opline = EX(opline);
7240 zend_free_op free_op1;
7241
7242 add_function(&EX_T(opline->result.u.var).tmp_var,
7243 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7244 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7245 zval_dtor(free_op1.var);
7246
7247 ZEND_VM_NEXT_OPCODE();
7248 }
7249
ZEND_SUB_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7250 static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7251 {
7252 zend_op *opline = EX(opline);
7253 zend_free_op free_op1;
7254
7255 sub_function(&EX_T(opline->result.u.var).tmp_var,
7256 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7257 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7258 zval_dtor(free_op1.var);
7259
7260 ZEND_VM_NEXT_OPCODE();
7261 }
7262
ZEND_MUL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7263 static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7264 {
7265 zend_op *opline = EX(opline);
7266 zend_free_op free_op1;
7267
7268 mul_function(&EX_T(opline->result.u.var).tmp_var,
7269 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7270 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7271 zval_dtor(free_op1.var);
7272
7273 ZEND_VM_NEXT_OPCODE();
7274 }
7275
ZEND_DIV_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7276 static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7277 {
7278 zend_op *opline = EX(opline);
7279 zend_free_op free_op1;
7280
7281 div_function(&EX_T(opline->result.u.var).tmp_var,
7282 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7283 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7284 zval_dtor(free_op1.var);
7285
7286 ZEND_VM_NEXT_OPCODE();
7287 }
7288
ZEND_MOD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7289 static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7290 {
7291 zend_op *opline = EX(opline);
7292 zend_free_op free_op1;
7293
7294 mod_function(&EX_T(opline->result.u.var).tmp_var,
7295 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7296 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7297 zval_dtor(free_op1.var);
7298
7299 ZEND_VM_NEXT_OPCODE();
7300 }
7301
ZEND_SL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7302 static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7303 {
7304 zend_op *opline = EX(opline);
7305 zend_free_op free_op1;
7306
7307 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
7308 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7309 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7310 zval_dtor(free_op1.var);
7311
7312 ZEND_VM_NEXT_OPCODE();
7313 }
7314
ZEND_SR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7315 static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7316 {
7317 zend_op *opline = EX(opline);
7318 zend_free_op free_op1;
7319
7320 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
7321 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7322 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7323 zval_dtor(free_op1.var);
7324
7325 ZEND_VM_NEXT_OPCODE();
7326 }
7327
ZEND_CONCAT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7328 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7329 {
7330 zend_op *opline = EX(opline);
7331 zend_free_op free_op1;
7332
7333 concat_function(&EX_T(opline->result.u.var).tmp_var,
7334 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7335 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7336 zval_dtor(free_op1.var);
7337
7338 ZEND_VM_NEXT_OPCODE();
7339 }
7340
ZEND_IS_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7341 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7342 {
7343 zend_op *opline = EX(opline);
7344 zend_free_op free_op1;
7345
7346 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
7347 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7348 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7349 zval_dtor(free_op1.var);
7350
7351 ZEND_VM_NEXT_OPCODE();
7352 }
7353
ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7354 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7355 {
7356 zend_op *opline = EX(opline);
7357 zend_free_op free_op1;
7358 zval *result = &EX_T(opline->result.u.var).tmp_var;
7359
7360 is_identical_function(result,
7361 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7362 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7363 Z_LVAL_P(result) = !Z_LVAL_P(result);
7364 zval_dtor(free_op1.var);
7365
7366 ZEND_VM_NEXT_OPCODE();
7367 }
7368
ZEND_IS_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7369 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7370 {
7371 zend_op *opline = EX(opline);
7372 zend_free_op free_op1;
7373 zval *result = &EX_T(opline->result.u.var).tmp_var;
7374
7375 compare_function(result,
7376 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7377 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7378 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
7379 zval_dtor(free_op1.var);
7380
7381 ZEND_VM_NEXT_OPCODE();
7382 }
7383
ZEND_IS_NOT_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7384 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7385 {
7386 zend_op *opline = EX(opline);
7387 zend_free_op free_op1;
7388 zval *result = &EX_T(opline->result.u.var).tmp_var;
7389
7390 compare_function(result,
7391 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7392 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7393 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
7394 zval_dtor(free_op1.var);
7395
7396 ZEND_VM_NEXT_OPCODE();
7397 }
7398
ZEND_IS_SMALLER_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7399 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7400 {
7401 zend_op *opline = EX(opline);
7402 zend_free_op free_op1;
7403 zval *result = &EX_T(opline->result.u.var).tmp_var;
7404
7405 compare_function(result,
7406 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7407 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7408 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
7409 zval_dtor(free_op1.var);
7410
7411 ZEND_VM_NEXT_OPCODE();
7412 }
7413
ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7414 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7415 {
7416 zend_op *opline = EX(opline);
7417 zend_free_op free_op1;
7418 zval *result = &EX_T(opline->result.u.var).tmp_var;
7419
7420 compare_function(result,
7421 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7422 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7423 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
7424 zval_dtor(free_op1.var);
7425
7426 ZEND_VM_NEXT_OPCODE();
7427 }
7428
ZEND_BW_OR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7429 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7430 {
7431 zend_op *opline = EX(opline);
7432 zend_free_op free_op1;
7433
7434 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
7435 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7436 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7437 zval_dtor(free_op1.var);
7438
7439 ZEND_VM_NEXT_OPCODE();
7440 }
7441
ZEND_BW_AND_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7442 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7443 {
7444 zend_op *opline = EX(opline);
7445 zend_free_op free_op1;
7446
7447 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
7448 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7449 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7450 zval_dtor(free_op1.var);
7451
7452 ZEND_VM_NEXT_OPCODE();
7453 }
7454
ZEND_BW_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7455 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7456 {
7457 zend_op *opline = EX(opline);
7458 zend_free_op free_op1;
7459
7460 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
7461 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7462 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7463 zval_dtor(free_op1.var);
7464
7465 ZEND_VM_NEXT_OPCODE();
7466 }
7467
ZEND_BOOL_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7468 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7469 {
7470 zend_op *opline = EX(opline);
7471 zend_free_op free_op1;
7472
7473 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
7474 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7475 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7476 zval_dtor(free_op1.var);
7477
7478 ZEND_VM_NEXT_OPCODE();
7479 }
7480
ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7481 static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7482 {
7483 zend_op *opline = EX(opline);
7484
7485 zval *str = &EX_T(opline->result.u.var).tmp_var;
7486 zval *var = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
7487 zval var_copy;
7488 int use_copy = 0;
7489
7490 if (IS_TMP_VAR == IS_UNUSED) {
7491 /* Initialize for erealloc in add_string_to_string */
7492 Z_STRVAL_P(str) = NULL;
7493 Z_STRLEN_P(str) = 0;
7494 Z_TYPE_P(str) = IS_STRING;
7495
7496 INIT_PZVAL(str);
7497 }
7498
7499 if (Z_TYPE_P(var) != IS_STRING) {
7500 zend_make_printable_zval(var, &var_copy, &use_copy);
7501
7502 if (use_copy) {
7503 var = &var_copy;
7504 }
7505 }
7506 add_string_to_string(str, str, var);
7507
7508 if (use_copy) {
7509 zval_dtor(var);
7510 }
7511 /* original comment, possibly problematic:
7512 * FREE_OP is missing intentionally here - we're always working on the same temporary variable
7513 * (Zeev): I don't think it's problematic, we only use variables
7514 * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
7515 * string offsets or overloaded objects
7516 */
7517
7518 ZEND_VM_NEXT_OPCODE();
7519 }
7520
ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7521 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7522 {
7523 zend_op *opline = EX(opline);
7524 zval *function_name;
7525 char *function_name_strval;
7526 int function_name_strlen;
7527 zend_free_op free_op1;
7528
7529 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
7530
7531 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
7532
7533 if (Z_TYPE_P(function_name)!=IS_STRING) {
7534 zend_error_noreturn(E_ERROR, "Method name must be a string");
7535 }
7536
7537 function_name_strval = Z_STRVAL_P(function_name);
7538 function_name_strlen = Z_STRLEN_P(function_name);
7539
7540 EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7541
7542 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
7543 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
7544 zend_error_noreturn(E_ERROR, "Object does not support method calls");
7545 }
7546
7547 /* First, locate the function. */
7548 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
7549 if (!EX(fbc)) {
7550 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
7551 }
7552
7553 EX(called_scope) = Z_OBJCE_P(EX(object));
7554 } else {
7555 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
7556 }
7557
7558 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
7559 EX(object) = NULL;
7560 } else {
7561 if (!PZVAL_IS_REF(EX(object))) {
7562 Z_ADDREF_P(EX(object)); /* For $this pointer */
7563 } else {
7564 zval *this_ptr;
7565 ALLOC_ZVAL(this_ptr);
7566 INIT_PZVAL_COPY(this_ptr, EX(object));
7567 zval_copy_ctor(this_ptr);
7568 EX(object) = this_ptr;
7569 }
7570 }
7571
7572
7573 ZEND_VM_NEXT_OPCODE();
7574 }
7575
ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7576 static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7577 {
7578 zend_op *opline = EX(opline);
7579 int switch_expr_is_overloaded=0;
7580 zend_free_op free_op1;
7581
7582 if (IS_TMP_VAR==IS_VAR) {
7583 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
7584 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
7585 } else {
7586 switch_expr_is_overloaded = 1;
7587 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
7588 }
7589 }
7590 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
7591 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
7592 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
7593
7594 if (switch_expr_is_overloaded) {
7595 /* We only free op1 if this is a string offset,
7596 * Since if it is a TMP_VAR, it'll be reused by
7597 * other CASE opcodes (whereas string offsets
7598 * are allocated at each get_zval_ptr())
7599 */
7600 zval_dtor(free_op1.var);
7601 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
7602 EX_T(opline->op1.u.var).var.ptr = NULL;
7603 }
7604 ZEND_VM_NEXT_OPCODE();
7605 }
7606
ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7607 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7608 {
7609 zend_op *opline = EX(opline);
7610 zend_free_op free_op1;
7611 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
7612 zval *expr_ptr;
7613 zval *offset=_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
7614
7615 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
7616 zval **expr_ptr_ptr = NULL;
7617
7618 if (opline->extended_value) {
7619 expr_ptr_ptr=NULL;
7620 expr_ptr = *expr_ptr_ptr;
7621 } else {
7622 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7623 }
7624 #else
7625 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7626 #endif
7627
7628 if (1) { /* temporary variable */
7629 zval *new_expr;
7630
7631 ALLOC_ZVAL(new_expr);
7632 INIT_PZVAL_COPY(new_expr, expr_ptr);
7633 expr_ptr = new_expr;
7634 } else {
7635 #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
7636 if (opline->extended_value) {
7637 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
7638 expr_ptr = *expr_ptr_ptr;
7639 Z_ADDREF_P(expr_ptr);
7640 } else
7641 #endif
7642 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
7643 zval *new_expr;
7644
7645 ALLOC_ZVAL(new_expr);
7646 INIT_PZVAL_COPY(new_expr, expr_ptr);
7647 expr_ptr = new_expr;
7648 zendi_zval_copy_ctor(*expr_ptr);
7649 } else {
7650 Z_ADDREF_P(expr_ptr);
7651 }
7652 }
7653 if (offset) {
7654 switch (Z_TYPE_P(offset)) {
7655 case IS_DOUBLE:
7656 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
7657 break;
7658 case IS_LONG:
7659 case IS_BOOL:
7660 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
7661 break;
7662 case IS_STRING:
7663 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
7664 break;
7665 case IS_NULL:
7666 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
7667 break;
7668 default:
7669 zend_error(E_WARNING, "Illegal offset type");
7670 zval_ptr_dtor(&expr_ptr);
7671 /* do nothing */
7672 break;
7673 }
7674
7675 } else {
7676 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
7677 }
7678 if (opline->extended_value) {
7679
7680 } else {
7681
7682 }
7683 ZEND_VM_NEXT_OPCODE();
7684 }
7685
ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7686 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7687 {
7688 zend_op *opline = EX(opline);
7689
7690 array_init(&EX_T(opline->result.u.var).tmp_var);
7691 if (IS_TMP_VAR == IS_UNUSED) {
7692 ZEND_VM_NEXT_OPCODE();
7693 #if 0 || IS_TMP_VAR != IS_UNUSED
7694 } else {
7695 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
7696 #endif
7697 }
7698 }
7699
ZEND_BW_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7700 static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7701 {
7702 zend_op *opline = EX(opline);
7703 zend_free_op free_op1;
7704
7705 bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
7706 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
7707 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7708 ZEND_VM_NEXT_OPCODE();
7709 }
7710
ZEND_BOOL_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7711 static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7712 {
7713 zend_op *opline = EX(opline);
7714 zend_free_op free_op1;
7715
7716 boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
7717 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
7718 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7719 ZEND_VM_NEXT_OPCODE();
7720 }
7721
ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7722 static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7723 {
7724 zend_op *opline = EX(opline);
7725 zend_free_op free_op1;
7726 zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7727
7728 if (IS_VAR == IS_VAR && !var_ptr) {
7729 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
7730 }
7731 if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
7732 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7733 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
7734 PZVAL_LOCK(EG(uninitialized_zval_ptr));
7735 }
7736 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7737 ZEND_VM_NEXT_OPCODE();
7738 }
7739
7740 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
7741
7742 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
7743 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
7744 /* proxy object */
7745 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
7746 Z_ADDREF_P(val);
7747 increment_function(val);
7748 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
7749 zval_ptr_dtor(&val);
7750 } else {
7751 increment_function(*var_ptr);
7752 }
7753
7754 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7755 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
7756 PZVAL_LOCK(*var_ptr);
7757 }
7758
7759 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7760 ZEND_VM_NEXT_OPCODE();
7761 }
7762
ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7763 static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7764 {
7765 zend_op *opline = EX(opline);
7766 zend_free_op free_op1;
7767 zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7768
7769 if (IS_VAR == IS_VAR && !var_ptr) {
7770 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
7771 }
7772 if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
7773 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7774 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
7775 PZVAL_LOCK(EG(uninitialized_zval_ptr));
7776 }
7777 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7778 ZEND_VM_NEXT_OPCODE();
7779 }
7780
7781 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
7782
7783 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
7784 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
7785 /* proxy object */
7786 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
7787 Z_ADDREF_P(val);
7788 decrement_function(val);
7789 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
7790 zval_ptr_dtor(&val);
7791 } else {
7792 decrement_function(*var_ptr);
7793 }
7794
7795 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7796 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
7797 PZVAL_LOCK(*var_ptr);
7798 }
7799
7800 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7801 ZEND_VM_NEXT_OPCODE();
7802 }
7803
ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7804 static int ZEND_FASTCALL ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7805 {
7806 zend_op *opline = EX(opline);
7807 zend_free_op free_op1;
7808 zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7809
7810 if (IS_VAR == IS_VAR && !var_ptr) {
7811 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
7812 }
7813 if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
7814 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7815 EX_T(opline->result.u.var).tmp_var = *EG(uninitialized_zval_ptr);
7816 }
7817 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7818 ZEND_VM_NEXT_OPCODE();
7819 }
7820
7821 EX_T(opline->result.u.var).tmp_var = **var_ptr;
7822 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
7823
7824 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
7825
7826 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
7827 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
7828 /* proxy object */
7829 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
7830 Z_ADDREF_P(val);
7831 increment_function(val);
7832 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
7833 zval_ptr_dtor(&val);
7834 } else {
7835 increment_function(*var_ptr);
7836 }
7837
7838 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7839 ZEND_VM_NEXT_OPCODE();
7840 }
7841
ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7842 static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7843 {
7844 zend_op *opline = EX(opline);
7845 zend_free_op free_op1;
7846 zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7847
7848 if (IS_VAR == IS_VAR && !var_ptr) {
7849 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
7850 }
7851 if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
7852 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7853 EX_T(opline->result.u.var).tmp_var = *EG(uninitialized_zval_ptr);
7854 }
7855 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7856 ZEND_VM_NEXT_OPCODE();
7857 }
7858
7859 EX_T(opline->result.u.var).tmp_var = **var_ptr;
7860 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
7861
7862 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
7863
7864 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
7865 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
7866 /* proxy object */
7867 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
7868 Z_ADDREF_P(val);
7869 decrement_function(val);
7870 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
7871 zval_ptr_dtor(&val);
7872 } else {
7873 decrement_function(*var_ptr);
7874 }
7875
7876 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7877 ZEND_VM_NEXT_OPCODE();
7878 }
7879
ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7880 static int ZEND_FASTCALL ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7881 {
7882 zend_op *opline = EX(opline);
7883 zend_free_op free_op1;
7884 zval *z = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7885
7886 if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
7887 INIT_PZVAL(z);
7888 }
7889 zend_print_variable(z);
7890
7891 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7892 ZEND_VM_NEXT_OPCODE();
7893 }
7894
ZEND_PRINT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)7895 static int ZEND_FASTCALL ZEND_PRINT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
7896 {
7897 zend_op *opline = EX(opline);
7898
7899 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
7900 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
7901
7902 return ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
7903 }
7904
zend_fetch_var_address_helper_SPEC_VAR(int type,ZEND_OPCODE_HANDLER_ARGS)7905 static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_OPCODE_HANDLER_ARGS)
7906 {
7907 zend_op *opline = EX(opline);
7908 zend_free_op free_op1;
7909 zval *varname = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
7910 zval **retval;
7911 zval tmp_varname;
7912 HashTable *target_symbol_table;
7913
7914 if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
7915 tmp_varname = *varname;
7916 zval_copy_ctor(&tmp_varname);
7917 convert_to_string(&tmp_varname);
7918 varname = &tmp_varname;
7919 }
7920
7921 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
7922 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
7923 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7924 } else {
7925 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
7926 /*
7927 if (!target_symbol_table) {
7928 ZEND_VM_NEXT_OPCODE();
7929 }
7930 */
7931 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
7932 switch (type) {
7933 case BP_VAR_R:
7934 case BP_VAR_UNSET:
7935 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
7936 /* break missing intentionally */
7937 case BP_VAR_IS:
7938 retval = &EG(uninitialized_zval_ptr);
7939 break;
7940 case BP_VAR_RW:
7941 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
7942 /* break missing intentionally */
7943 case BP_VAR_W: {
7944 zval *new_zval = &EG(uninitialized_zval);
7945
7946 Z_ADDREF_P(new_zval);
7947 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
7948 }
7949 break;
7950 EMPTY_SWITCH_DEFAULT_CASE()
7951 }
7952 }
7953 switch (opline->op2.u.EA.type) {
7954 case ZEND_FETCH_GLOBAL:
7955 if (IS_VAR != IS_TMP_VAR) {
7956 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7957 }
7958 break;
7959 case ZEND_FETCH_LOCAL:
7960 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
7961 break;
7962 case ZEND_FETCH_STATIC:
7963 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
7964 break;
7965 case ZEND_FETCH_GLOBAL_LOCK:
7966 if (IS_VAR == IS_VAR && !free_op1.var) {
7967 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
7968 }
7969 break;
7970 }
7971 }
7972
7973
7974 if (IS_VAR != IS_CONST && varname == &tmp_varname) {
7975 zval_dtor(varname);
7976 }
7977 if (!RETURN_VALUE_UNUSED(&opline->result)) {
7978 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
7979 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
7980 }
7981 PZVAL_LOCK(*retval);
7982 switch (type) {
7983 case BP_VAR_R:
7984 case BP_VAR_IS:
7985 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
7986 break;
7987 case BP_VAR_UNSET: {
7988 zend_free_op free_res;
7989
7990 EX_T(opline->result.u.var).var.ptr_ptr = retval;
7991 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
7992 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
7993 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
7994 }
7995 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
7996 FREE_OP_VAR_PTR(free_res);
7997 break;
7998 default:
7999 EX_T(opline->result.u.var).var.ptr_ptr = retval;
8000 break;
8001 }
8002 }
8003 }
8004 ZEND_VM_NEXT_OPCODE();
8005 }
8006
ZEND_FETCH_R_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8007 static int ZEND_FASTCALL ZEND_FETCH_R_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8008 {
8009 return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8010 }
8011
ZEND_FETCH_W_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8012 static int ZEND_FASTCALL ZEND_FETCH_W_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8013 {
8014 return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8015 }
8016
ZEND_FETCH_RW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8017 static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8018 {
8019 return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8020 }
8021
ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8022 static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8023 {
8024 return zend_fetch_var_address_helper_SPEC_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8025 }
8026
ZEND_FETCH_UNSET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8027 static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8028 {
8029 return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8030 }
8031
ZEND_FETCH_IS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8032 static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8033 {
8034 return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8035 }
8036
ZEND_JMPZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8037 static int ZEND_FASTCALL ZEND_JMPZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8038 {
8039 zend_op *opline = EX(opline);
8040 zend_free_op free_op1;
8041 zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8042 int ret;
8043
8044 if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
8045 ret = Z_LVAL_P(val);
8046 } else {
8047 ret = i_zend_is_true(val);
8048 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8049 if (UNEXPECTED(EG(exception) != NULL)) {
8050 ZEND_VM_CONTINUE();
8051 }
8052 }
8053 if (!ret) {
8054 #if DEBUG_ZEND>=2
8055 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
8056 #endif
8057 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
8058 ZEND_VM_CONTINUE();
8059 }
8060
8061 ZEND_VM_NEXT_OPCODE();
8062 }
8063
ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8064 static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8065 {
8066 zend_op *opline = EX(opline);
8067 zend_free_op free_op1;
8068 zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8069 int ret;
8070
8071 if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
8072 ret = Z_LVAL_P(val);
8073 } else {
8074 ret = i_zend_is_true(val);
8075 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8076 if (UNEXPECTED(EG(exception) != NULL)) {
8077 ZEND_VM_CONTINUE();
8078 }
8079 }
8080 if (ret) {
8081 #if DEBUG_ZEND>=2
8082 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
8083 #endif
8084 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
8085 ZEND_VM_CONTINUE();
8086 }
8087
8088 ZEND_VM_NEXT_OPCODE();
8089 }
8090
ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8091 static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8092 {
8093 zend_op *opline = EX(opline);
8094 zend_free_op free_op1;
8095 zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8096 int retval;
8097
8098 if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
8099 retval = Z_LVAL_P(val);
8100 } else {
8101 retval = i_zend_is_true(val);
8102 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8103 if (UNEXPECTED(EG(exception) != NULL)) {
8104 ZEND_VM_CONTINUE();
8105 }
8106 }
8107 if (EXPECTED(retval != 0)) {
8108 #if DEBUG_ZEND>=2
8109 printf("Conditional jmp on true to %d\n", opline->extended_value);
8110 #endif
8111 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
8112 ZEND_VM_CONTINUE(); /* CHECK_ME */
8113 } else {
8114 #if DEBUG_ZEND>=2
8115 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
8116 #endif
8117 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
8118 ZEND_VM_CONTINUE(); /* CHECK_ME */
8119 }
8120 }
8121
ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8122 static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8123 {
8124 zend_op *opline = EX(opline);
8125 zend_free_op free_op1;
8126 zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8127 int retval;
8128
8129 if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
8130 retval = Z_LVAL_P(val);
8131 } else {
8132 retval = i_zend_is_true(val);
8133 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8134 if (UNEXPECTED(EG(exception) != NULL)) {
8135 ZEND_VM_CONTINUE();
8136 }
8137 }
8138 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
8139 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
8140 if (!retval) {
8141 #if DEBUG_ZEND>=2
8142 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
8143 #endif
8144 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
8145 ZEND_VM_CONTINUE();
8146 }
8147 ZEND_VM_NEXT_OPCODE();
8148 }
8149
ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8150 static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8151 {
8152 zend_op *opline = EX(opline);
8153 zend_free_op free_op1;
8154 zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8155 int retval;
8156
8157 if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
8158 retval = Z_LVAL_P(val);
8159 } else {
8160 retval = i_zend_is_true(val);
8161 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8162 if (UNEXPECTED(EG(exception) != NULL)) {
8163 ZEND_VM_CONTINUE();
8164 }
8165 }
8166 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
8167 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
8168 if (retval) {
8169 #if DEBUG_ZEND>=2
8170 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
8171 #endif
8172 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
8173 ZEND_VM_CONTINUE();
8174 }
8175 ZEND_VM_NEXT_OPCODE();
8176 }
8177
ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8178 static int ZEND_FASTCALL ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8179 {
8180 zend_op *opline = EX(opline);
8181 zval *retval_ptr;
8182 zval **retval_ptr_ptr;
8183 zend_free_op free_op1;
8184
8185 if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
8186
8187 if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) {
8188 /* Not supposed to happen, but we'll allow it */
8189 zend_error(E_NOTICE, "Only variable references should be returned by reference");
8190 goto return_by_value;
8191 }
8192
8193 retval_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8194
8195 if (IS_VAR == IS_VAR && !retval_ptr_ptr) {
8196 zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
8197 }
8198
8199 if (IS_VAR == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
8200 if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
8201 EX_T(opline->op1.u.var).var.fcall_returned_reference) {
8202 } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
8203 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
8204 PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
8205 }
8206 zend_error(E_NOTICE, "Only variable references should be returned by reference");
8207 goto return_by_value;
8208 }
8209 }
8210
8211 if (EG(return_value_ptr_ptr)) {
8212 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
8213 Z_ADDREF_PP(retval_ptr_ptr);
8214
8215 (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
8216 }
8217 } else {
8218 return_by_value:
8219
8220 retval_ptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8221
8222 if (!EG(return_value_ptr_ptr)) {
8223 if (IS_VAR == IS_TMP_VAR) {
8224 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8225 }
8226 } else if (!0) { /* Not a temp var */
8227 if (IS_VAR == IS_CONST ||
8228 EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
8229 (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
8230 zval *ret;
8231
8232 ALLOC_ZVAL(ret);
8233 INIT_PZVAL_COPY(ret, retval_ptr);
8234 zval_copy_ctor(ret);
8235 *EG(return_value_ptr_ptr) = ret;
8236 } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) &&
8237 retval_ptr == &EG(uninitialized_zval)) {
8238 zval *ret;
8239
8240 ALLOC_INIT_ZVAL(ret);
8241 *EG(return_value_ptr_ptr) = ret;
8242 } else {
8243 *EG(return_value_ptr_ptr) = retval_ptr;
8244 Z_ADDREF_P(retval_ptr);
8245 }
8246 } else {
8247 zval *ret;
8248
8249 ALLOC_ZVAL(ret);
8250 INIT_PZVAL_COPY(ret, retval_ptr);
8251 *EG(return_value_ptr_ptr) = ret;
8252 }
8253 }
8254 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8255 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8256 }
8257
ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8258 static int ZEND_FASTCALL ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8259 {
8260 zend_op *opline = EX(opline);
8261 zval *value;
8262 zval *exception;
8263 zend_free_op free_op1;
8264
8265 value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8266
8267 if (IS_VAR == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
8268 zend_error_noreturn(E_ERROR, "Can only throw objects");
8269 }
8270 zend_exception_save(TSRMLS_C);
8271 /* Not sure if a complete copy is what we want here */
8272 ALLOC_ZVAL(exception);
8273 INIT_PZVAL_COPY(exception, value);
8274 if (!0) {
8275 zval_copy_ctor(exception);
8276 }
8277
8278 zend_throw_exception_object(exception TSRMLS_CC);
8279 zend_exception_restore(TSRMLS_C);
8280 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8281 ZEND_VM_NEXT_OPCODE();
8282 }
8283
ZEND_SEND_VAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8284 static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8285 {
8286 zend_op *opline = EX(opline);
8287 if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
8288 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
8289 zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
8290 }
8291 {
8292 zval *valptr;
8293 zval *value;
8294 zend_free_op free_op1;
8295
8296 value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8297
8298 ALLOC_ZVAL(valptr);
8299 INIT_PZVAL_COPY(valptr, value);
8300 if (!0) {
8301 zval_copy_ctor(valptr);
8302 }
8303 zend_vm_stack_push(valptr TSRMLS_CC);
8304 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8305 }
8306 ZEND_VM_NEXT_OPCODE();
8307 }
8308
zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS)8309 static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS)
8310 {
8311 zend_op *opline = EX(opline);
8312 zval *varptr;
8313 zend_free_op free_op1;
8314 varptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8315
8316 if (varptr == &EG(uninitialized_zval)) {
8317 ALLOC_ZVAL(varptr);
8318 INIT_ZVAL(*varptr);
8319 Z_SET_REFCOUNT_P(varptr, 0);
8320 } else if (PZVAL_IS_REF(varptr)) {
8321 zval *original_var = varptr;
8322
8323 ALLOC_ZVAL(varptr);
8324 *varptr = *original_var;
8325 Z_UNSET_ISREF_P(varptr);
8326 Z_SET_REFCOUNT_P(varptr, 0);
8327 zval_copy_ctor(varptr);
8328 }
8329 Z_ADDREF_P(varptr);
8330 zend_vm_stack_push(varptr TSRMLS_CC);
8331 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* for string offsets */
8332
8333 ZEND_VM_NEXT_OPCODE();
8334 }
8335
ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8336 static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8337 {
8338 zend_op *opline = EX(opline);
8339 zend_free_op free_op1;
8340 zval *varptr;
8341
8342 if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */
8343 if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) {
8344 return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8345 }
8346 } else if (!ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
8347 return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8348 }
8349
8350 if (IS_VAR == IS_VAR &&
8351 (opline->extended_value & ZEND_ARG_SEND_FUNCTION) &&
8352 EX_T(opline->op1.u.var).var.fcall_returned_reference &&
8353 EX_T(opline->op1.u.var).var.ptr) {
8354 varptr = EX_T(opline->op1.u.var).var.ptr;
8355 PZVAL_UNLOCK_EX(varptr, &free_op1, 0);
8356 } else {
8357 varptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8358 }
8359 if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) ||
8360 EX_T(opline->op1.u.var).var.fcall_returned_reference) &&
8361 varptr != &EG(uninitialized_zval) &&
8362 (PZVAL_IS_REF(varptr) ||
8363 (Z_REFCOUNT_P(varptr) == 1 && (IS_VAR == IS_CV || free_op1.var)))) {
8364 Z_SET_ISREF_P(varptr);
8365 Z_ADDREF_P(varptr);
8366 zend_vm_stack_push(varptr TSRMLS_CC);
8367 } else {
8368 zval *valptr;
8369
8370 if ((opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) ?
8371 !(opline->extended_value & ZEND_ARG_SEND_SILENT) :
8372 !ARG_MAY_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
8373 zend_error(E_STRICT, "Only variables should be passed by reference");
8374 }
8375 ALLOC_ZVAL(valptr);
8376 INIT_PZVAL_COPY(valptr, varptr);
8377 if (!0) {
8378 zval_copy_ctor(valptr);
8379 }
8380 zend_vm_stack_push(valptr TSRMLS_CC);
8381 }
8382 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8383 ZEND_VM_NEXT_OPCODE();
8384 }
8385
ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8386 static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8387 {
8388 zend_op *opline = EX(opline);
8389 zend_free_op free_op1;
8390 zval **varptr_ptr;
8391 zval *varptr;
8392 varptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8393
8394 if (IS_VAR == IS_VAR && !varptr_ptr) {
8395 zend_error_noreturn(E_ERROR, "Only variables can be passed by reference");
8396 }
8397
8398 if (IS_VAR == IS_VAR && *varptr_ptr == EG(error_zval_ptr)) {
8399 ALLOC_INIT_ZVAL(varptr);
8400 zend_vm_stack_push(varptr TSRMLS_CC);
8401 ZEND_VM_NEXT_OPCODE();
8402 }
8403
8404 if (opline->extended_value == ZEND_DO_FCALL_BY_NAME &&
8405 EX(function_state).function->type == ZEND_INTERNAL_FUNCTION &&
8406 !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
8407 return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8408 }
8409
8410 SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr);
8411 varptr = *varptr_ptr;
8412 Z_ADDREF_P(varptr);
8413 zend_vm_stack_push(varptr TSRMLS_CC);
8414
8415 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8416 ZEND_VM_NEXT_OPCODE();
8417 }
8418
ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8419 static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8420 {
8421 zend_op *opline = EX(opline);
8422
8423 if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME)
8424 && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
8425 return ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8426 }
8427 return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
8428 }
8429
ZEND_BOOL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8430 static int ZEND_FASTCALL ZEND_BOOL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8431 {
8432 zend_op *opline = EX(opline);
8433 zend_free_op free_op1;
8434
8435 /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
8436 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC));
8437 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
8438 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8439
8440 ZEND_VM_NEXT_OPCODE();
8441 }
8442
ZEND_SWITCH_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8443 static int ZEND_FASTCALL ZEND_SWITCH_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8444 {
8445 zend_op *opline = EX(opline);
8446
8447 zend_switch_free(&EX_T(opline->op1.u.var), opline->extended_value TSRMLS_CC);
8448 ZEND_VM_NEXT_OPCODE();
8449 }
8450
ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8451 static int ZEND_FASTCALL ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8452 {
8453 zend_op *opline = EX(opline);
8454 zend_free_op free_op1;
8455 zval *obj = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8456 zend_class_entry *ce;
8457 zend_function *clone;
8458 zend_object_clone_obj_t clone_call;
8459
8460 if (IS_VAR == IS_CONST ||
8461 (IS_VAR == IS_VAR && !obj) ||
8462 Z_TYPE_P(obj) != IS_OBJECT) {
8463 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
8464 }
8465
8466 ce = Z_OBJCE_P(obj);
8467 clone = ce ? ce->clone : NULL;
8468 clone_call = Z_OBJ_HT_P(obj)->clone_obj;
8469 if (!clone_call) {
8470 if (ce) {
8471 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
8472 } else {
8473 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
8474 }
8475 }
8476
8477 if (ce && clone) {
8478 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
8479 /* Ensure that if we're calling a private function, we're allowed to do so.
8480 */
8481 if (ce != EG(scope)) {
8482 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
8483 }
8484 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
8485 /* Ensure that if we're calling a protected function, we're allowed to do so.
8486 */
8487 if (!zend_check_protected(clone->common.scope, EG(scope))) {
8488 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
8489 }
8490 }
8491 }
8492
8493 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
8494 if (!EG(exception)) {
8495 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
8496 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
8497 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
8498 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
8499 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
8500 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
8501 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
8502 }
8503 }
8504 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8505 ZEND_VM_NEXT_OPCODE();
8506 }
8507
ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8508 static int ZEND_FASTCALL ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8509 {
8510 zend_op *opline = EX(opline);
8511 zend_free_op free_op1;
8512 zval *expr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8513 zval *result = &EX_T(opline->result.u.var).tmp_var;
8514
8515 if (opline->extended_value != IS_STRING) {
8516 *result = *expr;
8517 if (!0) {
8518 zendi_zval_copy_ctor(*result);
8519 }
8520 }
8521 switch (opline->extended_value) {
8522 case IS_NULL:
8523 convert_to_null(result);
8524 break;
8525 case IS_BOOL:
8526 convert_to_boolean(result);
8527 break;
8528 case IS_LONG:
8529 convert_to_long(result);
8530 break;
8531 case IS_DOUBLE:
8532 convert_to_double(result);
8533 break;
8534 case IS_STRING: {
8535 zval var_copy;
8536 int use_copy;
8537
8538 zend_make_printable_zval(expr, &var_copy, &use_copy);
8539 if (use_copy) {
8540 *result = var_copy;
8541 if (0) {
8542 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8543 }
8544 } else {
8545 *result = *expr;
8546 if (!0) {
8547 zendi_zval_copy_ctor(*result);
8548 }
8549 }
8550 break;
8551 }
8552 case IS_ARRAY:
8553 convert_to_array(result);
8554 break;
8555 case IS_OBJECT:
8556 convert_to_object(result);
8557 break;
8558 }
8559 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8560 ZEND_VM_NEXT_OPCODE();
8561 }
8562
ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8563 static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8564 {
8565 zend_op *opline = EX(opline);
8566 zend_op_array *new_op_array=NULL;
8567 int return_value_used;
8568 zend_free_op free_op1;
8569 zval *inc_filename = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8570 zval *tmp_inc_filename = NULL;
8571 zend_bool failure_retval=0;
8572
8573 if (inc_filename->type!=IS_STRING) {
8574 MAKE_STD_ZVAL(tmp_inc_filename);
8575 *tmp_inc_filename = *inc_filename;
8576 zval_copy_ctor(tmp_inc_filename);
8577 convert_to_string(tmp_inc_filename);
8578 inc_filename = tmp_inc_filename;
8579 }
8580
8581 return_value_used = RETURN_VALUE_USED(opline);
8582
8583 if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
8584 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
8585 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
8586 } else {
8587 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
8588 }
8589 } else {
8590 switch (Z_LVAL(opline->op2.u.constant)) {
8591 case ZEND_INCLUDE_ONCE:
8592 case ZEND_REQUIRE_ONCE: {
8593 zend_file_handle file_handle;
8594 char *resolved_path;
8595
8596 resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
8597 if (resolved_path) {
8598 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
8599 } else {
8600 resolved_path = Z_STRVAL_P(inc_filename);
8601 }
8602
8603 if (failure_retval) {
8604 /* do nothing, file already included */
8605 } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
8606
8607 if (!file_handle.opened_path) {
8608 file_handle.opened_path = estrdup(resolved_path);
8609 }
8610
8611 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
8612 new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
8613 zend_destroy_file_handle(&file_handle TSRMLS_CC);
8614 } else {
8615 zend_file_handle_dtor(&file_handle TSRMLS_CC);
8616 failure_retval=1;
8617 }
8618 } else {
8619 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
8620 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
8621 } else {
8622 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
8623 }
8624 }
8625 if (resolved_path != Z_STRVAL_P(inc_filename)) {
8626 efree(resolved_path);
8627 }
8628 }
8629 break;
8630 case ZEND_INCLUDE:
8631 case ZEND_REQUIRE:
8632 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
8633 break;
8634 case ZEND_EVAL: {
8635 char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
8636
8637 new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
8638 efree(eval_desc);
8639 }
8640 break;
8641 EMPTY_SWITCH_DEFAULT_CASE()
8642 }
8643 }
8644 if (tmp_inc_filename) {
8645 zval_ptr_dtor(&tmp_inc_filename);
8646 }
8647 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8648 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
8649 if (new_op_array && !EG(exception)) {
8650 EX(original_return_value) = EG(return_value_ptr_ptr);
8651 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
8652 EG(active_op_array) = new_op_array;
8653 EX_T(opline->result.u.var).var.ptr = NULL;
8654
8655 EX(current_object) = EX(object);
8656
8657 EX(function_state).function = (zend_function *) new_op_array;
8658 EX(object) = NULL;
8659
8660 if (!EG(active_symbol_table)) {
8661 zend_rebuild_symbol_table(TSRMLS_C);
8662 }
8663
8664 if (zend_execute == execute) {
8665 EX(call_opline) = opline;
8666 ZEND_VM_ENTER();
8667 } else {
8668 zend_execute(new_op_array TSRMLS_CC);
8669 }
8670
8671 EX(function_state).function = (zend_function *) EX(op_array);
8672 EX(object) = EX(current_object);
8673
8674 if (return_value_used) {
8675 if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
8676 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
8677 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
8678 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
8679 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
8680 }
8681 }
8682
8683 EG(opline_ptr) = &EX(opline);
8684 EG(active_op_array) = EX(op_array);
8685 EG(return_value_ptr_ptr) = EX(original_return_value);
8686 destroy_op_array(new_op_array TSRMLS_CC);
8687 efree(new_op_array);
8688 if (EG(exception)) {
8689 zend_throw_exception_internal(NULL TSRMLS_CC);
8690 }
8691 } else {
8692 if (return_value_used) {
8693 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
8694 INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
8695 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
8696 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
8697 }
8698 }
8699 ZEND_VM_NEXT_OPCODE();
8700 }
8701
ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8702 static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8703 {
8704 zend_op *opline = EX(opline);
8705 zval tmp, *varname;
8706 HashTable *target_symbol_table;
8707 zend_free_op free_op1;
8708
8709 if (IS_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
8710 if (EG(active_symbol_table)) {
8711 zend_execute_data *ex = EX(prev_execute_data);
8712 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
8713
8714 if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
8715 while (ex && ex->symbol_table == EG(active_symbol_table)) {
8716 int i;
8717
8718 if (ex->op_array) {
8719 for (i = 0; i < ex->op_array->last_var; i++) {
8720 if (ex->op_array->vars[i].hash_value == cv->hash_value &&
8721 ex->op_array->vars[i].name_len == cv->name_len &&
8722 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
8723 ex->CVs[i] = NULL;
8724 break;
8725 }
8726 }
8727 }
8728 ex = ex->prev_execute_data;
8729 }
8730 }
8731 EX(CVs)[opline->op1.u.var] = NULL;
8732 } else if (EX(CVs)[opline->op1.u.var]) {
8733 zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
8734 EX(CVs)[opline->op1.u.var] = NULL;
8735 }
8736 ZEND_VM_NEXT_OPCODE();
8737 }
8738
8739 varname = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8740
8741 if (Z_TYPE_P(varname) != IS_STRING) {
8742 tmp = *varname;
8743 zval_copy_ctor(&tmp);
8744 convert_to_string(&tmp);
8745 varname = &tmp;
8746 } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) {
8747 Z_ADDREF_P(varname);
8748 }
8749
8750 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
8751 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
8752 } else {
8753 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
8754
8755 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
8756 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
8757 zend_execute_data *ex = execute_data;
8758
8759 do {
8760 int i;
8761
8762 if (ex->op_array) {
8763 for (i = 0; i < ex->op_array->last_var; i++) {
8764 if (ex->op_array->vars[i].hash_value == hash_value &&
8765 ex->op_array->vars[i].name_len == varname->value.str.len &&
8766 !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
8767 ex->CVs[i] = NULL;
8768 break;
8769 }
8770 }
8771 }
8772 ex = ex->prev_execute_data;
8773 } while (ex && ex->symbol_table == target_symbol_table);
8774 }
8775 }
8776
8777 if (varname == &tmp) {
8778 zval_dtor(&tmp);
8779 } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) {
8780 zval_ptr_dtor(&varname);
8781 }
8782 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8783 ZEND_VM_NEXT_OPCODE();
8784 }
8785
ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8786 static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8787 {
8788 zend_op *opline = EX(opline);
8789 zend_free_op free_op1;
8790 zval *array_ptr, **array_ptr_ptr;
8791 HashTable *fe_ht;
8792 zend_object_iterator *iter = NULL;
8793 zend_class_entry *ce = NULL;
8794 zend_bool is_empty = 0;
8795
8796 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
8797 array_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8798 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
8799 ALLOC_INIT_ZVAL(array_ptr);
8800 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
8801 if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
8802 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
8803 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
8804 }
8805
8806 ce = Z_OBJCE_PP(array_ptr_ptr);
8807 if (!ce || ce->get_iterator == NULL) {
8808 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
8809 Z_ADDREF_PP(array_ptr_ptr);
8810 }
8811 array_ptr = *array_ptr_ptr;
8812 } else {
8813 if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
8814 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
8815 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
8816 Z_SET_ISREF_PP(array_ptr_ptr);
8817 }
8818 }
8819 array_ptr = *array_ptr_ptr;
8820 Z_ADDREF_P(array_ptr);
8821 }
8822 } else {
8823 array_ptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
8824 if (0) { /* IS_TMP_VAR */
8825 zval *tmp;
8826
8827 ALLOC_ZVAL(tmp);
8828 INIT_PZVAL_COPY(tmp, array_ptr);
8829 array_ptr = tmp;
8830 if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
8831 ce = Z_OBJCE_P(array_ptr);
8832 if (ce && ce->get_iterator) {
8833 Z_DELREF_P(array_ptr);
8834 }
8835 }
8836 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
8837 ce = Z_OBJCE_P(array_ptr);
8838 if (!ce || !ce->get_iterator) {
8839 Z_ADDREF_P(array_ptr);
8840 }
8841 } else if (IS_VAR == IS_CONST ||
8842 ((IS_VAR == IS_CV || IS_VAR == IS_VAR) &&
8843 !Z_ISREF_P(array_ptr) &&
8844 Z_REFCOUNT_P(array_ptr) > 1)) {
8845 zval *tmp;
8846
8847 ALLOC_ZVAL(tmp);
8848 INIT_PZVAL_COPY(tmp, array_ptr);
8849 zval_copy_ctor(tmp);
8850 array_ptr = tmp;
8851 } else {
8852 Z_ADDREF_P(array_ptr);
8853 }
8854 }
8855
8856 if (ce && ce->get_iterator) {
8857 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
8858
8859 if (iter && !EG(exception)) {
8860 array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
8861 } else {
8862 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
8863 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8864 } else {
8865 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8866 }
8867 if (!EG(exception)) {
8868 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
8869 }
8870 zend_throw_exception_internal(NULL TSRMLS_CC);
8871 ZEND_VM_NEXT_OPCODE();
8872 }
8873 }
8874
8875 AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
8876 PZVAL_LOCK(array_ptr);
8877
8878 if (iter) {
8879 iter->index = 0;
8880 if (iter->funcs->rewind) {
8881 iter->funcs->rewind(iter TSRMLS_CC);
8882 if (EG(exception)) {
8883 Z_DELREF_P(array_ptr);
8884 zval_ptr_dtor(&array_ptr);
8885 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
8886 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8887 } else {
8888 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8889 }
8890 ZEND_VM_NEXT_OPCODE();
8891 }
8892 }
8893 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
8894 if (EG(exception)) {
8895 Z_DELREF_P(array_ptr);
8896 zval_ptr_dtor(&array_ptr);
8897 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
8898 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8899 } else {
8900 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8901 }
8902 ZEND_VM_NEXT_OPCODE();
8903 }
8904 iter->index = -1; /* will be set to 0 before using next handler */
8905 } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
8906 zend_hash_internal_pointer_reset(fe_ht);
8907 if (ce) {
8908 zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
8909 while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
8910 char *str_key;
8911 uint str_key_len;
8912 ulong int_key;
8913 zend_uchar key_type;
8914
8915 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
8916 if (key_type != HASH_KEY_NON_EXISTANT &&
8917 (key_type == HASH_KEY_IS_LONG ||
8918 zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
8919 break;
8920 }
8921 zend_hash_move_forward(fe_ht);
8922 }
8923 }
8924 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
8925 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
8926 } else {
8927 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
8928 is_empty = 1;
8929 }
8930
8931 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
8932 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8933 } else {
8934 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
8935 }
8936 if (is_empty) {
8937 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
8938 } else {
8939 ZEND_VM_NEXT_OPCODE();
8940 }
8941 }
8942
ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)8943 static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
8944 {
8945 zend_op *opline = EX(opline);
8946
8947 zval *array = EX_T(opline->op1.u.var).var.ptr;
8948 zval **value;
8949 char *str_key;
8950 uint str_key_len;
8951 ulong int_key;
8952 HashTable *fe_ht;
8953 zend_object_iterator *iter = NULL;
8954 int key_type = 0;
8955 zend_bool use_key = (zend_bool)(opline->extended_value & ZEND_FE_FETCH_WITH_KEY);
8956
8957 switch (zend_iterator_unwrap(array, &iter TSRMLS_CC)) {
8958 default:
8959 case ZEND_ITER_INVALID:
8960 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
8961 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
8962
8963 case ZEND_ITER_PLAIN_OBJECT: {
8964 char *class_name, *prop_name;
8965 zend_object *zobj = zend_objects_get_address(array TSRMLS_CC);
8966
8967 fe_ht = HASH_OF(array);
8968 zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
8969 do {
8970 if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) {
8971 /* reached end of iteration */
8972 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
8973 }
8974 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
8975
8976 zend_hash_move_forward(fe_ht);
8977 } while (key_type == HASH_KEY_NON_EXISTANT ||
8978 (key_type != HASH_KEY_IS_LONG &&
8979 zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) != SUCCESS));
8980 zend_hash_get_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
8981 if (use_key && key_type != HASH_KEY_IS_LONG) {
8982 zend_unmangle_property_name(str_key, str_key_len-1, &class_name, &prop_name);
8983 str_key_len = strlen(prop_name);
8984 str_key = estrndup(prop_name, str_key_len);
8985 str_key_len++;
8986 }
8987 break;
8988 }
8989
8990 case ZEND_ITER_PLAIN_ARRAY:
8991 fe_ht = HASH_OF(array);
8992 zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
8993 if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) {
8994 /* reached end of iteration */
8995 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
8996 }
8997 if (use_key) {
8998 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 1, NULL);
8999 }
9000 zend_hash_move_forward(fe_ht);
9001 zend_hash_get_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
9002 break;
9003
9004 case ZEND_ITER_OBJECT:
9005 /* !iter happens from exception */
9006 if (iter && ++iter->index > 0) {
9007 /* This could cause an endless loop if index becomes zero again.
9008 * In case that ever happens we need an additional flag. */
9009 iter->funcs->move_forward(iter TSRMLS_CC);
9010 if (EG(exception)) {
9011 Z_DELREF_P(array);
9012 zval_ptr_dtor(&array);
9013 ZEND_VM_NEXT_OPCODE();
9014 }
9015 }
9016 /* If index is zero we come from FE_RESET and checked valid() already. */
9017 if (!iter || (iter->index > 0 && iter->funcs->valid(iter TSRMLS_CC) == FAILURE)) {
9018 /* reached end of iteration */
9019 if (EG(exception)) {
9020 Z_DELREF_P(array);
9021 zval_ptr_dtor(&array);
9022 ZEND_VM_NEXT_OPCODE();
9023 }
9024 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
9025 }
9026 iter->funcs->get_current_data(iter, &value TSRMLS_CC);
9027 if (EG(exception)) {
9028 Z_DELREF_P(array);
9029 zval_ptr_dtor(&array);
9030 ZEND_VM_NEXT_OPCODE();
9031 }
9032 if (!value) {
9033 /* failure in get_current_data */
9034 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
9035 }
9036 if (use_key) {
9037 if (iter->funcs->get_current_key) {
9038 key_type = iter->funcs->get_current_key(iter, &str_key, &str_key_len, &int_key TSRMLS_CC);
9039 if (EG(exception)) {
9040 Z_DELREF_P(array);
9041 zval_ptr_dtor(&array);
9042 ZEND_VM_NEXT_OPCODE();
9043 }
9044 } else {
9045 key_type = HASH_KEY_IS_LONG;
9046 int_key = iter->index;
9047 }
9048 }
9049 break;
9050 }
9051
9052 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
9053 SEPARATE_ZVAL_IF_NOT_REF(value);
9054 Z_SET_ISREF_PP(value);
9055 EX_T(opline->result.u.var).var.ptr_ptr = value;
9056 Z_ADDREF_PP(value);
9057 } else {
9058 AI_SET_PTR(EX_T(opline->result.u.var).var, *value);
9059 PZVAL_LOCK(*value);
9060 }
9061
9062 if (use_key) {
9063 zend_op *op_data = opline+1;
9064 zval *key = &EX_T(op_data->result.u.var).tmp_var;
9065
9066 switch (key_type) {
9067 case HASH_KEY_IS_STRING:
9068 Z_STRVAL_P(key) = str_key;
9069 Z_STRLEN_P(key) = str_key_len-1;
9070 Z_TYPE_P(key) = IS_STRING;
9071 break;
9072 case HASH_KEY_IS_LONG:
9073 Z_LVAL_P(key) = int_key;
9074 Z_TYPE_P(key) = IS_LONG;
9075 break;
9076 default:
9077 case HASH_KEY_NON_EXISTANT:
9078 ZVAL_NULL(key);
9079 break;
9080 }
9081 }
9082
9083 ZEND_VM_INC_OPCODE();
9084 ZEND_VM_NEXT_OPCODE();
9085 }
9086
ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9087 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9088 {
9089 zend_op *opline = EX(opline);
9090 zval **value;
9091 zend_bool isset = 1;
9092
9093 if (IS_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
9094 if (EX(CVs)[opline->op1.u.var]) {
9095 value = EX(CVs)[opline->op1.u.var];
9096 } else if (EG(active_symbol_table)) {
9097 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
9098
9099 if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
9100 isset = 0;
9101 }
9102 } else {
9103 isset = 0;
9104 }
9105 } else {
9106 HashTable *target_symbol_table;
9107 zend_free_op free_op1;
9108 zval tmp, *varname = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9109
9110 if (Z_TYPE_P(varname) != IS_STRING) {
9111 tmp = *varname;
9112 zval_copy_ctor(&tmp);
9113 convert_to_string(&tmp);
9114 varname = &tmp;
9115 }
9116
9117 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
9118 value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
9119 if (!value) {
9120 isset = 0;
9121 }
9122 } else {
9123 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
9124 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
9125 isset = 0;
9126 }
9127 }
9128
9129 if (varname == &tmp) {
9130 zval_dtor(&tmp);
9131 }
9132 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9133 }
9134
9135 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
9136
9137 switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
9138 case ZEND_ISSET:
9139 if (isset && Z_TYPE_PP(value) == IS_NULL) {
9140 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
9141 } else {
9142 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
9143 }
9144 break;
9145 case ZEND_ISEMPTY:
9146 if (!isset || !i_zend_is_true(*value)) {
9147 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
9148 } else {
9149 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
9150 }
9151 break;
9152 }
9153
9154 ZEND_VM_NEXT_OPCODE();
9155 }
9156
ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9157 static int ZEND_FASTCALL ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9158 {
9159 #if 0 || (IS_VAR != IS_UNUSED)
9160 zend_op *opline = EX(opline);
9161 if (IS_VAR != IS_UNUSED) {
9162 zend_free_op free_op1;
9163 zval *ptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9164
9165 if (Z_TYPE_P(ptr) == IS_LONG) {
9166 EG(exit_status) = Z_LVAL_P(ptr);
9167 } else {
9168 zend_print_variable(ptr);
9169 }
9170 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9171 }
9172 #endif
9173 zend_bailout();
9174 ZEND_VM_NEXT_OPCODE();
9175 }
9176
ZEND_JMP_SET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9177 static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9178 {
9179 zend_op *opline = EX(opline);
9180 zend_free_op free_op1;
9181 zval *value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9182
9183 if (i_zend_is_true(value)) {
9184 EX_T(opline->result.u.var).tmp_var = *value;
9185 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
9186 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9187 #if DEBUG_ZEND>=2
9188 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
9189 #endif
9190 ZEND_VM_JMP(opline->op2.u.jmp_addr);
9191 }
9192
9193 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9194 ZEND_VM_NEXT_OPCODE();
9195 }
9196
ZEND_QM_ASSIGN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9197 static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9198 {
9199 zend_op *opline = EX(opline);
9200 zend_free_op free_op1;
9201 zval *value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9202
9203 EX_T(opline->result.u.var).tmp_var = *value;
9204 if (!0) {
9205 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
9206 }
9207 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9208 ZEND_VM_NEXT_OPCODE();
9209 }
9210
ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9211 static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9212 {
9213 zend_op *opline = EX(opline);
9214 zend_free_op free_op1;
9215 zval *expr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9216 zend_bool result;
9217
9218 if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) {
9219 result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.u.var).class_entry TSRMLS_CC);
9220 } else {
9221 result = 0;
9222 }
9223 ZVAL_BOOL(&EX_T(opline->result.u.var).tmp_var, result);
9224 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9225 ZEND_VM_NEXT_OPCODE();
9226 }
9227
ZEND_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9228 static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9229 {
9230 zend_op *opline = EX(opline);
9231 zend_free_op free_op1;
9232
9233 add_function(&EX_T(opline->result.u.var).tmp_var,
9234 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9235 &opline->op2.u.constant TSRMLS_CC);
9236 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9237
9238 ZEND_VM_NEXT_OPCODE();
9239 }
9240
ZEND_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9241 static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9242 {
9243 zend_op *opline = EX(opline);
9244 zend_free_op free_op1;
9245
9246 sub_function(&EX_T(opline->result.u.var).tmp_var,
9247 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9248 &opline->op2.u.constant TSRMLS_CC);
9249 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9250
9251 ZEND_VM_NEXT_OPCODE();
9252 }
9253
ZEND_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9254 static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9255 {
9256 zend_op *opline = EX(opline);
9257 zend_free_op free_op1;
9258
9259 mul_function(&EX_T(opline->result.u.var).tmp_var,
9260 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9261 &opline->op2.u.constant TSRMLS_CC);
9262 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9263
9264 ZEND_VM_NEXT_OPCODE();
9265 }
9266
ZEND_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9267 static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9268 {
9269 zend_op *opline = EX(opline);
9270 zend_free_op free_op1;
9271
9272 div_function(&EX_T(opline->result.u.var).tmp_var,
9273 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9274 &opline->op2.u.constant TSRMLS_CC);
9275 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9276
9277 ZEND_VM_NEXT_OPCODE();
9278 }
9279
ZEND_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9280 static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9281 {
9282 zend_op *opline = EX(opline);
9283 zend_free_op free_op1;
9284
9285 mod_function(&EX_T(opline->result.u.var).tmp_var,
9286 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9287 &opline->op2.u.constant TSRMLS_CC);
9288 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9289
9290 ZEND_VM_NEXT_OPCODE();
9291 }
9292
ZEND_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9293 static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9294 {
9295 zend_op *opline = EX(opline);
9296 zend_free_op free_op1;
9297
9298 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
9299 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9300 &opline->op2.u.constant TSRMLS_CC);
9301 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9302
9303 ZEND_VM_NEXT_OPCODE();
9304 }
9305
ZEND_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9306 static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9307 {
9308 zend_op *opline = EX(opline);
9309 zend_free_op free_op1;
9310
9311 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
9312 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9313 &opline->op2.u.constant TSRMLS_CC);
9314 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9315
9316 ZEND_VM_NEXT_OPCODE();
9317 }
9318
ZEND_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9319 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9320 {
9321 zend_op *opline = EX(opline);
9322 zend_free_op free_op1;
9323
9324 concat_function(&EX_T(opline->result.u.var).tmp_var,
9325 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9326 &opline->op2.u.constant TSRMLS_CC);
9327 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9328
9329 ZEND_VM_NEXT_OPCODE();
9330 }
9331
ZEND_IS_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9332 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9333 {
9334 zend_op *opline = EX(opline);
9335 zend_free_op free_op1;
9336
9337 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
9338 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9339 &opline->op2.u.constant TSRMLS_CC);
9340 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9341
9342 ZEND_VM_NEXT_OPCODE();
9343 }
9344
ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9345 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9346 {
9347 zend_op *opline = EX(opline);
9348 zend_free_op free_op1;
9349 zval *result = &EX_T(opline->result.u.var).tmp_var;
9350
9351 is_identical_function(result,
9352 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9353 &opline->op2.u.constant TSRMLS_CC);
9354 Z_LVAL_P(result) = !Z_LVAL_P(result);
9355 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9356
9357 ZEND_VM_NEXT_OPCODE();
9358 }
9359
ZEND_IS_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9360 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9361 {
9362 zend_op *opline = EX(opline);
9363 zend_free_op free_op1;
9364 zval *result = &EX_T(opline->result.u.var).tmp_var;
9365
9366 compare_function(result,
9367 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9368 &opline->op2.u.constant TSRMLS_CC);
9369 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
9370 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9371
9372 ZEND_VM_NEXT_OPCODE();
9373 }
9374
ZEND_IS_NOT_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9375 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9376 {
9377 zend_op *opline = EX(opline);
9378 zend_free_op free_op1;
9379 zval *result = &EX_T(opline->result.u.var).tmp_var;
9380
9381 compare_function(result,
9382 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9383 &opline->op2.u.constant TSRMLS_CC);
9384 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
9385 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9386
9387 ZEND_VM_NEXT_OPCODE();
9388 }
9389
ZEND_IS_SMALLER_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9390 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9391 {
9392 zend_op *opline = EX(opline);
9393 zend_free_op free_op1;
9394 zval *result = &EX_T(opline->result.u.var).tmp_var;
9395
9396 compare_function(result,
9397 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9398 &opline->op2.u.constant TSRMLS_CC);
9399 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
9400 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9401
9402 ZEND_VM_NEXT_OPCODE();
9403 }
9404
ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9405 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9406 {
9407 zend_op *opline = EX(opline);
9408 zend_free_op free_op1;
9409 zval *result = &EX_T(opline->result.u.var).tmp_var;
9410
9411 compare_function(result,
9412 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9413 &opline->op2.u.constant TSRMLS_CC);
9414 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
9415 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9416
9417 ZEND_VM_NEXT_OPCODE();
9418 }
9419
ZEND_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9420 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9421 {
9422 zend_op *opline = EX(opline);
9423 zend_free_op free_op1;
9424
9425 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
9426 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9427 &opline->op2.u.constant TSRMLS_CC);
9428 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9429
9430 ZEND_VM_NEXT_OPCODE();
9431 }
9432
ZEND_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9433 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9434 {
9435 zend_op *opline = EX(opline);
9436 zend_free_op free_op1;
9437
9438 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
9439 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9440 &opline->op2.u.constant TSRMLS_CC);
9441 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9442
9443 ZEND_VM_NEXT_OPCODE();
9444 }
9445
ZEND_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9446 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9447 {
9448 zend_op *opline = EX(opline);
9449 zend_free_op free_op1;
9450
9451 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
9452 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9453 &opline->op2.u.constant TSRMLS_CC);
9454 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9455
9456 ZEND_VM_NEXT_OPCODE();
9457 }
9458
ZEND_BOOL_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9459 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9460 {
9461 zend_op *opline = EX(opline);
9462 zend_free_op free_op1;
9463
9464 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
9465 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
9466 &opline->op2.u.constant TSRMLS_CC);
9467 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9468
9469 ZEND_VM_NEXT_OPCODE();
9470 }
9471
zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)9472 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
9473 {
9474 zend_op *opline = EX(opline);
9475 zend_op *op_data = opline+1;
9476 zend_free_op free_op1, free_op_data1;
9477 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9478 zval *object;
9479 zval *property = &opline->op2.u.constant;
9480 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
9481 znode *result = &opline->result;
9482 int have_get_ptr = 0;
9483
9484 if (IS_VAR == IS_VAR && !object_ptr) {
9485 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
9486 }
9487
9488 EX_T(result->u.var).var.ptr_ptr = NULL;
9489 make_real_object(object_ptr TSRMLS_CC);
9490 object = *object_ptr;
9491
9492 if (Z_TYPE_P(object) != IS_OBJECT) {
9493 zend_error(E_WARNING, "Attempt to assign property of non-object");
9494
9495 FREE_OP(free_op_data1);
9496
9497 if (!RETURN_VALUE_UNUSED(result)) {
9498 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
9499 EX_T(result->u.var).var.ptr_ptr = NULL;
9500 PZVAL_LOCK(EG(uninitialized_zval_ptr));
9501 }
9502 } else {
9503 /* here we are sure we are dealing with an object */
9504 if (0) {
9505 MAKE_REAL_ZVAL_PTR(property);
9506 }
9507
9508 /* here property is a string */
9509 if (opline->extended_value == ZEND_ASSIGN_OBJ
9510 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
9511 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
9512 if (zptr != NULL) { /* NULL means no success in getting PTR */
9513 SEPARATE_ZVAL_IF_NOT_REF(zptr);
9514
9515 have_get_ptr = 1;
9516 binary_op(*zptr, *zptr, value TSRMLS_CC);
9517 if (!RETURN_VALUE_UNUSED(result)) {
9518 EX_T(result->u.var).var.ptr = *zptr;
9519 EX_T(result->u.var).var.ptr_ptr = NULL;
9520 PZVAL_LOCK(*zptr);
9521 }
9522 }
9523 }
9524
9525 if (!have_get_ptr) {
9526 zval *z = NULL;
9527
9528 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
9529 if (Z_OBJ_HT_P(object)->read_property) {
9530 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
9531 }
9532 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
9533 if (Z_OBJ_HT_P(object)->read_dimension) {
9534 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
9535 }
9536 }
9537 if (z) {
9538 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
9539 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
9540
9541 if (Z_REFCOUNT_P(z) == 0) {
9542 GC_REMOVE_ZVAL_FROM_BUFFER(z);
9543 zval_dtor(z);
9544 FREE_ZVAL(z);
9545 }
9546 z = value;
9547 }
9548 Z_ADDREF_P(z);
9549 SEPARATE_ZVAL_IF_NOT_REF(&z);
9550 binary_op(z, z, value TSRMLS_CC);
9551 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
9552 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
9553 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
9554 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
9555 }
9556 if (!RETURN_VALUE_UNUSED(result)) {
9557 EX_T(result->u.var).var.ptr = z;
9558 EX_T(result->u.var).var.ptr_ptr = NULL;
9559 PZVAL_LOCK(z);
9560 }
9561 zval_ptr_dtor(&z);
9562 } else {
9563 zend_error(E_WARNING, "Attempt to assign property of non-object");
9564 if (!RETURN_VALUE_UNUSED(result)) {
9565 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
9566 EX_T(result->u.var).var.ptr_ptr = NULL;
9567 PZVAL_LOCK(EG(uninitialized_zval_ptr));
9568 }
9569 }
9570 }
9571
9572 if (0) {
9573 zval_ptr_dtor(&property);
9574 } else {
9575
9576 }
9577 FREE_OP(free_op_data1);
9578 }
9579
9580 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9581 /* assign_obj has two opcodes! */
9582 ZEND_VM_INC_OPCODE();
9583 ZEND_VM_NEXT_OPCODE();
9584 }
9585
zend_binary_assign_op_helper_SPEC_VAR_CONST(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)9586 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
9587 {
9588 zend_op *opline = EX(opline);
9589 zend_free_op free_op1, free_op_data2, free_op_data1;
9590 zval **var_ptr;
9591 zval *value;
9592
9593 switch (opline->extended_value) {
9594 case ZEND_ASSIGN_OBJ:
9595 return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9596 break;
9597 case ZEND_ASSIGN_DIM: {
9598 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9599
9600 if (IS_VAR == IS_VAR && !container) {
9601 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
9602 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
9603 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
9604 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
9605 }
9606 return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9607 } else {
9608 zend_op *op_data = opline+1;
9609 zval *dim = &opline->op2.u.constant;
9610
9611 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
9612 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
9613 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
9614 ZEND_VM_INC_OPCODE();
9615 }
9616 }
9617 break;
9618 default:
9619 value = &opline->op2.u.constant;
9620 var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9621 /* do nothing */
9622 break;
9623 }
9624
9625 if (!var_ptr) {
9626 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
9627 }
9628
9629 if (*var_ptr == EG(error_zval_ptr)) {
9630 if (!RETURN_VALUE_UNUSED(&opline->result)) {
9631 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
9632 PZVAL_LOCK(EG(uninitialized_zval_ptr));
9633 }
9634
9635 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9636 ZEND_VM_NEXT_OPCODE();
9637 }
9638
9639 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
9640
9641 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
9642 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
9643 /* proxy object */
9644 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
9645 Z_ADDREF_P(objval);
9646 binary_op(objval, objval, value TSRMLS_CC);
9647 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
9648 zval_ptr_dtor(&objval);
9649 } else {
9650 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
9651 }
9652
9653 if (!RETURN_VALUE_UNUSED(&opline->result)) {
9654 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
9655 PZVAL_LOCK(*var_ptr);
9656 }
9657
9658 if (opline->extended_value == ZEND_ASSIGN_DIM) {
9659 FREE_OP(free_op_data1);
9660 FREE_OP_VAR_PTR(free_op_data2);
9661 }
9662 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9663 ZEND_VM_NEXT_OPCODE();
9664 }
9665
ZEND_ASSIGN_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9666 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9667 {
9668 return zend_binary_assign_op_helper_SPEC_VAR_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9669 }
9670
ZEND_ASSIGN_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9671 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9672 {
9673 return zend_binary_assign_op_helper_SPEC_VAR_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9674 }
9675
ZEND_ASSIGN_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9676 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9677 {
9678 return zend_binary_assign_op_helper_SPEC_VAR_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9679 }
9680
ZEND_ASSIGN_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9681 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9682 {
9683 return zend_binary_assign_op_helper_SPEC_VAR_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9684 }
9685
ZEND_ASSIGN_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9686 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9687 {
9688 return zend_binary_assign_op_helper_SPEC_VAR_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9689 }
9690
ZEND_ASSIGN_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9691 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9692 {
9693 return zend_binary_assign_op_helper_SPEC_VAR_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9694 }
9695
ZEND_ASSIGN_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9696 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9697 {
9698 return zend_binary_assign_op_helper_SPEC_VAR_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9699 }
9700
ZEND_ASSIGN_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9701 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9702 {
9703 return zend_binary_assign_op_helper_SPEC_VAR_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9704 }
9705
ZEND_ASSIGN_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9706 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9707 {
9708 return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9709 }
9710
ZEND_ASSIGN_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9711 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9712 {
9713 return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9714 }
9715
ZEND_ASSIGN_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9716 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9717 {
9718 return zend_binary_assign_op_helper_SPEC_VAR_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9719 }
9720
zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)9721 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
9722 {
9723 zend_op *opline = EX(opline);
9724 zend_free_op free_op1;
9725 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9726 zval *object;
9727 zval *property = &opline->op2.u.constant;
9728 zval **retval = &EX_T(opline->result.u.var).var.ptr;
9729 int have_get_ptr = 0;
9730
9731 if (IS_VAR == IS_VAR && !object_ptr) {
9732 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
9733 }
9734
9735 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
9736 object = *object_ptr;
9737
9738 if (Z_TYPE_P(object) != IS_OBJECT) {
9739 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
9740
9741 if (!RETURN_VALUE_UNUSED(&opline->result)) {
9742 *retval = EG(uninitialized_zval_ptr);
9743 PZVAL_LOCK(*retval);
9744 }
9745 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9746 ZEND_VM_NEXT_OPCODE();
9747 }
9748
9749 /* here we are sure we are dealing with an object */
9750
9751 if (0) {
9752 MAKE_REAL_ZVAL_PTR(property);
9753 }
9754
9755 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
9756 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
9757 if (zptr != NULL) { /* NULL means no success in getting PTR */
9758 SEPARATE_ZVAL_IF_NOT_REF(zptr);
9759
9760 have_get_ptr = 1;
9761 incdec_op(*zptr);
9762 if (!RETURN_VALUE_UNUSED(&opline->result)) {
9763 *retval = *zptr;
9764 PZVAL_LOCK(*retval);
9765 }
9766 }
9767 }
9768
9769 if (!have_get_ptr) {
9770 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
9771 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
9772
9773 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
9774 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
9775
9776 if (Z_REFCOUNT_P(z) == 0) {
9777 GC_REMOVE_ZVAL_FROM_BUFFER(z);
9778 zval_dtor(z);
9779 FREE_ZVAL(z);
9780 }
9781 z = value;
9782 }
9783 Z_ADDREF_P(z);
9784 SEPARATE_ZVAL_IF_NOT_REF(&z);
9785 incdec_op(z);
9786 *retval = z;
9787 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
9788 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
9789 zval_ptr_dtor(&z);
9790 } else {
9791 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
9792 if (!RETURN_VALUE_UNUSED(&opline->result)) {
9793 *retval = EG(uninitialized_zval_ptr);
9794 PZVAL_LOCK(*retval);
9795 }
9796 }
9797 }
9798
9799 if (0) {
9800 zval_ptr_dtor(&property);
9801 } else {
9802
9803 }
9804 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9805 ZEND_VM_NEXT_OPCODE();
9806 }
9807
ZEND_PRE_INC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9808 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9809 {
9810 return zend_pre_incdec_property_helper_SPEC_VAR_CONST(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9811 }
9812
ZEND_PRE_DEC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9813 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9814 {
9815 return zend_pre_incdec_property_helper_SPEC_VAR_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9816 }
9817
zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)9818 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
9819 {
9820 zend_op *opline = EX(opline);
9821 zend_free_op free_op1;
9822 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9823 zval *object;
9824 zval *property = &opline->op2.u.constant;
9825 zval *retval = &EX_T(opline->result.u.var).tmp_var;
9826 int have_get_ptr = 0;
9827
9828 if (IS_VAR == IS_VAR && !object_ptr) {
9829 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
9830 }
9831
9832 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
9833 object = *object_ptr;
9834
9835 if (Z_TYPE_P(object) != IS_OBJECT) {
9836 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
9837
9838 *retval = *EG(uninitialized_zval_ptr);
9839 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9840 ZEND_VM_NEXT_OPCODE();
9841 }
9842
9843 /* here we are sure we are dealing with an object */
9844
9845 if (0) {
9846 MAKE_REAL_ZVAL_PTR(property);
9847 }
9848
9849 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
9850 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
9851 if (zptr != NULL) { /* NULL means no success in getting PTR */
9852 have_get_ptr = 1;
9853 SEPARATE_ZVAL_IF_NOT_REF(zptr);
9854
9855 *retval = **zptr;
9856 zendi_zval_copy_ctor(*retval);
9857
9858 incdec_op(*zptr);
9859
9860 }
9861 }
9862
9863 if (!have_get_ptr) {
9864 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
9865 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
9866 zval *z_copy;
9867
9868 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
9869 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
9870
9871 if (Z_REFCOUNT_P(z) == 0) {
9872 GC_REMOVE_ZVAL_FROM_BUFFER(z);
9873 zval_dtor(z);
9874 FREE_ZVAL(z);
9875 }
9876 z = value;
9877 }
9878 *retval = *z;
9879 zendi_zval_copy_ctor(*retval);
9880 ALLOC_ZVAL(z_copy);
9881 *z_copy = *z;
9882 zendi_zval_copy_ctor(*z_copy);
9883 INIT_PZVAL(z_copy);
9884 incdec_op(z_copy);
9885 Z_ADDREF_P(z);
9886 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
9887 zval_ptr_dtor(&z_copy);
9888 zval_ptr_dtor(&z);
9889 } else {
9890 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
9891 *retval = *EG(uninitialized_zval_ptr);
9892 }
9893 }
9894
9895 if (0) {
9896 zval_ptr_dtor(&property);
9897 } else {
9898
9899 }
9900 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9901 ZEND_VM_NEXT_OPCODE();
9902 }
9903
ZEND_POST_INC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9904 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9905 {
9906 return zend_post_incdec_property_helper_SPEC_VAR_CONST(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9907 }
9908
ZEND_POST_DEC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9909 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9910 {
9911 return zend_post_incdec_property_helper_SPEC_VAR_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
9912 }
9913
ZEND_FETCH_DIM_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9914 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9915 {
9916 zend_op *opline = EX(opline);
9917 zend_free_op free_op1;
9918 zval *dim = &opline->op2.u.constant;
9919 zval **container;
9920
9921 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
9922 IS_VAR != IS_CV &&
9923 EX_T(opline->op1.u.var).var.ptr_ptr) {
9924 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
9925 }
9926 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9927 if (IS_VAR == IS_VAR && !container) {
9928 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
9929 }
9930 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
9931
9932 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9933 ZEND_VM_NEXT_OPCODE();
9934 }
9935
ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9936 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9937 {
9938 zend_op *opline = EX(opline);
9939 zend_free_op free_op1;
9940 zval *dim = &opline->op2.u.constant;
9941 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9942
9943 if (IS_VAR == IS_VAR && !container) {
9944 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
9945 }
9946 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
9947
9948 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
9949 READY_TO_DESTROY(free_op1.var)) {
9950 AI_USE_PTR(EX_T(opline->result.u.var).var);
9951 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
9952 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
9953 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
9954 }
9955 }
9956 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9957
9958 /* We are going to assign the result by reference */
9959 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
9960 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
9961 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
9962 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
9963 }
9964
9965 ZEND_VM_NEXT_OPCODE();
9966 }
9967
ZEND_FETCH_DIM_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9968 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9969 {
9970 zend_op *opline = EX(opline);
9971 zend_free_op free_op1;
9972 zval *dim = &opline->op2.u.constant;
9973 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9974
9975 if (IS_VAR == IS_VAR && !container) {
9976 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
9977 }
9978 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
9979
9980 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
9981 READY_TO_DESTROY(free_op1.var)) {
9982 AI_USE_PTR(EX_T(opline->result.u.var).var);
9983 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
9984 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
9985 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
9986 }
9987 }
9988 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
9989 ZEND_VM_NEXT_OPCODE();
9990 }
9991
ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)9992 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
9993 {
9994 zend_op *opline = EX(opline);
9995 zend_free_op free_op1;
9996 zval *dim = &opline->op2.u.constant;
9997 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
9998
9999 if (IS_VAR == IS_VAR && !container) {
10000 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
10001 }
10002 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_IS TSRMLS_CC);
10003
10004 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10005 ZEND_VM_NEXT_OPCODE();
10006 }
10007
ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10008 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10009 {
10010 zend_op *opline = EX(opline);
10011 zend_free_op free_op1;
10012 zval *dim = &opline->op2.u.constant;
10013 zval **container;
10014
10015 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
10016 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10017 if (IS_VAR == IS_VAR && !container) {
10018 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
10019 }
10020 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
10021 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
10022 READY_TO_DESTROY(free_op1.var)) {
10023 AI_USE_PTR(EX_T(opline->result.u.var).var);
10024 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
10025 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
10026 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
10027 }
10028 }
10029 } else {
10030 if (IS_CONST == IS_UNUSED) {
10031 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
10032 }
10033 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10034 if (IS_VAR == IS_VAR && !container) {
10035 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
10036 }
10037 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
10038 }
10039
10040 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10041 ZEND_VM_NEXT_OPCODE();
10042 }
10043
ZEND_FETCH_DIM_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10044 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10045 {
10046 zend_op *opline = EX(opline);
10047 zend_free_op free_op1;
10048 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10049 zval *dim = &opline->op2.u.constant;
10050
10051 /* Not needed in DIM_UNSET
10052 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
10053 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
10054 }
10055 */
10056 if (IS_VAR == IS_CV) {
10057 if (container != &EG(uninitialized_zval_ptr)) {
10058 SEPARATE_ZVAL_IF_NOT_REF(container);
10059 }
10060 }
10061 if (IS_VAR == IS_VAR && !container) {
10062 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
10063 }
10064 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_UNSET TSRMLS_CC);
10065
10066 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
10067 READY_TO_DESTROY(free_op1.var)) {
10068 AI_USE_PTR(EX_T(opline->result.u.var).var);
10069 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
10070 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
10071 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
10072 }
10073 }
10074 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10075 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
10076 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
10077 } else {
10078 zend_free_op free_res;
10079
10080 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
10081 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
10082 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
10083 }
10084 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
10085 FREE_OP_VAR_PTR(free_res);
10086 }
10087 ZEND_VM_NEXT_OPCODE();
10088 }
10089
zend_fetch_property_address_read_helper_SPEC_VAR_CONST(int type,ZEND_OPCODE_HANDLER_ARGS)10090 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST(int type, ZEND_OPCODE_HANDLER_ARGS)
10091 {
10092 zend_op *opline = EX(opline);
10093 zend_free_op free_op1;
10094 zval *container = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10095
10096 zval *offset = &opline->op2.u.constant;
10097
10098 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
10099 if (type != BP_VAR_IS) {
10100 zend_error(E_NOTICE, "Trying to get property of non-object");
10101 }
10102 if (!RETURN_VALUE_UNUSED(&opline->result)) {
10103 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
10104 PZVAL_LOCK(EG(uninitialized_zval_ptr));
10105 }
10106
10107 } else {
10108 zval *retval;
10109
10110 if (0) {
10111 MAKE_REAL_ZVAL_PTR(offset);
10112 }
10113
10114 /* here we are sure we are dealing with an object */
10115 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
10116
10117 if (RETURN_VALUE_UNUSED(&opline->result)) {
10118 if (Z_REFCOUNT_P(retval) == 0) {
10119 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
10120 zval_dtor(retval);
10121 FREE_ZVAL(retval);
10122 }
10123 } else {
10124 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
10125 PZVAL_LOCK(retval);
10126 }
10127
10128 if (0) {
10129 zval_ptr_dtor(&offset);
10130 } else {
10131
10132 }
10133 }
10134
10135 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10136 ZEND_VM_NEXT_OPCODE();
10137 }
10138
ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10139 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10140 {
10141 return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
10142 }
10143
ZEND_FETCH_OBJ_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10144 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10145 {
10146 zend_op *opline = EX(opline);
10147 zend_free_op free_op1;
10148 zval *property = &opline->op2.u.constant;
10149 zval **container;
10150
10151 if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
10152 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
10153 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
10154 }
10155
10156 if (0) {
10157 MAKE_REAL_ZVAL_PTR(property);
10158 }
10159 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10160 if (IS_VAR == IS_VAR && !container) {
10161 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
10162 }
10163 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
10164 if (0) {
10165 zval_ptr_dtor(&property);
10166 } else {
10167
10168 }
10169 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
10170 READY_TO_DESTROY(free_op1.var)) {
10171 AI_USE_PTR(EX_T(opline->result.u.var).var);
10172 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
10173 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
10174 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
10175 }
10176 }
10177 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10178
10179 /* We are going to assign the result by reference */
10180 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
10181 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
10182 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
10183 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
10184 }
10185
10186 ZEND_VM_NEXT_OPCODE();
10187 }
10188
ZEND_FETCH_OBJ_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10189 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10190 {
10191 zend_op *opline = EX(opline);
10192 zend_free_op free_op1;
10193 zval *property = &opline->op2.u.constant;
10194 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10195
10196 if (0) {
10197 MAKE_REAL_ZVAL_PTR(property);
10198 }
10199 if (IS_VAR == IS_VAR && !container) {
10200 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
10201 }
10202 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
10203 if (0) {
10204 zval_ptr_dtor(&property);
10205 } else {
10206
10207 }
10208 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
10209 READY_TO_DESTROY(free_op1.var)) {
10210 AI_USE_PTR(EX_T(opline->result.u.var).var);
10211 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
10212 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
10213 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
10214 }
10215 }
10216 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10217 ZEND_VM_NEXT_OPCODE();
10218 }
10219
ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10220 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10221 {
10222 return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
10223 }
10224
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10225 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10226 {
10227 zend_op *opline = EX(opline);
10228
10229 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
10230 /* Behave like FETCH_OBJ_W */
10231 zend_free_op free_op1;
10232 zval *property = &opline->op2.u.constant;
10233 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10234
10235 if (0) {
10236 MAKE_REAL_ZVAL_PTR(property);
10237 }
10238 if (IS_VAR == IS_VAR && !container) {
10239 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
10240 }
10241 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
10242 if (0) {
10243 zval_ptr_dtor(&property);
10244 } else {
10245
10246 }
10247 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
10248 READY_TO_DESTROY(free_op1.var)) {
10249 AI_USE_PTR(EX_T(opline->result.u.var).var);
10250 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
10251 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
10252 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
10253 }
10254 }
10255 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10256 ZEND_VM_NEXT_OPCODE();
10257 } else {
10258 return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
10259 }
10260 }
10261
ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10262 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10263 {
10264 zend_op *opline = EX(opline);
10265 zend_free_op free_op1, free_res;
10266 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10267 zval *property = &opline->op2.u.constant;
10268
10269 if (IS_VAR == IS_CV) {
10270 if (container != &EG(uninitialized_zval_ptr)) {
10271 SEPARATE_ZVAL_IF_NOT_REF(container);
10272 }
10273 }
10274 if (0) {
10275 MAKE_REAL_ZVAL_PTR(property);
10276 }
10277 if (IS_VAR == IS_VAR && !container) {
10278 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
10279 }
10280 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
10281 if (0) {
10282 zval_ptr_dtor(&property);
10283 } else {
10284
10285 }
10286 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
10287 READY_TO_DESTROY(free_op1.var)) {
10288 AI_USE_PTR(EX_T(opline->result.u.var).var);
10289 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
10290 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
10291 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
10292 }
10293 }
10294 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10295
10296 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
10297 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
10298 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
10299 }
10300 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
10301 FREE_OP_VAR_PTR(free_res);
10302 ZEND_VM_NEXT_OPCODE();
10303 }
10304
ZEND_ASSIGN_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10305 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10306 {
10307 zend_op *opline = EX(opline);
10308 zend_op *op_data = opline+1;
10309 zend_free_op free_op1;
10310 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10311 zval *property_name = &opline->op2.u.constant;
10312
10313 if (0) {
10314 MAKE_REAL_ZVAL_PTR(property_name);
10315 }
10316 if (IS_VAR == IS_VAR && !object_ptr) {
10317 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
10318 }
10319 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
10320 if (0) {
10321 zval_ptr_dtor(&property_name);
10322 } else {
10323
10324 }
10325 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10326 /* assign_obj has two opcodes! */
10327 ZEND_VM_INC_OPCODE();
10328 ZEND_VM_NEXT_OPCODE();
10329 }
10330
ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10331 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10332 {
10333 zend_op *opline = EX(opline);
10334 zend_op *op_data = opline+1;
10335 zend_free_op free_op1;
10336 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10337
10338 if (IS_VAR == IS_VAR && !object_ptr) {
10339 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
10340 }
10341 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
10342
10343 zval *property_name = &opline->op2.u.constant;
10344
10345 if (0) {
10346 MAKE_REAL_ZVAL_PTR(property_name);
10347 }
10348 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
10349 if (0) {
10350 zval_ptr_dtor(&property_name);
10351 } else {
10352
10353 }
10354 } else {
10355 zend_free_op free_op_data1, free_op_data2;
10356 zval *value;
10357 zval *dim = &opline->op2.u.constant;
10358 zval **variable_ptr_ptr;
10359
10360 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
10361
10362 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
10363 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
10364 if (!variable_ptr_ptr) {
10365 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
10366 if (!RETURN_VALUE_UNUSED(&opline->result)) {
10367 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
10368 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
10369 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
10370 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
10371 }
10372 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
10373 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
10374 PZVAL_LOCK(EG(uninitialized_zval_ptr));
10375 }
10376 } else {
10377 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
10378 if (!RETURN_VALUE_UNUSED(&opline->result)) {
10379 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
10380 PZVAL_LOCK(value);
10381 }
10382 }
10383 FREE_OP_VAR_PTR(free_op_data2);
10384 FREE_OP_IF_VAR(free_op_data1);
10385 }
10386 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10387 /* assign_dim has two opcodes! */
10388 ZEND_VM_INC_OPCODE();
10389 ZEND_VM_NEXT_OPCODE();
10390 }
10391
ZEND_ASSIGN_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10392 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10393 {
10394 zend_op *opline = EX(opline);
10395 zend_free_op free_op1;
10396 zval *value = &opline->op2.u.constant;
10397 zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10398
10399 if (IS_VAR == IS_VAR && !variable_ptr_ptr) {
10400 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_CONST TSRMLS_CC)) {
10401 if (!RETURN_VALUE_UNUSED(&opline->result)) {
10402 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
10403 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
10404 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
10405 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
10406 }
10407 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
10408 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
10409 PZVAL_LOCK(EG(uninitialized_zval_ptr));
10410 }
10411 } else {
10412 value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC);
10413 if (!RETURN_VALUE_UNUSED(&opline->result)) {
10414 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
10415 PZVAL_LOCK(value);
10416 }
10417 }
10418
10419 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10420
10421 /* zend_assign_to_variable() always takes care of op2, never free it! */
10422
10423 ZEND_VM_NEXT_OPCODE();
10424 }
10425
ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10426 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10427 {
10428 zend_op *opline = EX(opline);
10429 zval *function_name;
10430 char *function_name_strval;
10431 int function_name_strlen;
10432 zend_free_op free_op1;
10433
10434 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
10435
10436 function_name = &opline->op2.u.constant;
10437
10438 if (Z_TYPE_P(function_name)!=IS_STRING) {
10439 zend_error_noreturn(E_ERROR, "Method name must be a string");
10440 }
10441
10442 function_name_strval = Z_STRVAL_P(function_name);
10443 function_name_strlen = Z_STRLEN_P(function_name);
10444
10445 EX(object) = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10446
10447 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
10448 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
10449 zend_error_noreturn(E_ERROR, "Object does not support method calls");
10450 }
10451
10452 /* First, locate the function. */
10453 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
10454 if (!EX(fbc)) {
10455 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
10456 }
10457
10458 EX(called_scope) = Z_OBJCE_P(EX(object));
10459 } else {
10460 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
10461 }
10462
10463 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
10464 EX(object) = NULL;
10465 } else {
10466 if (!PZVAL_IS_REF(EX(object))) {
10467 Z_ADDREF_P(EX(object)); /* For $this pointer */
10468 } else {
10469 zval *this_ptr;
10470 ALLOC_ZVAL(this_ptr);
10471 INIT_PZVAL_COPY(this_ptr, EX(object));
10472 zval_copy_ctor(this_ptr);
10473 EX(object) = this_ptr;
10474 }
10475 }
10476
10477 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10478
10479 ZEND_VM_NEXT_OPCODE();
10480 }
10481
ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10482 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10483 {
10484 zend_op *opline = EX(opline);
10485 zval *function_name;
10486 zend_class_entry *ce;
10487
10488 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
10489
10490 if (IS_VAR == IS_CONST) {
10491 /* no function found. try a static method in class */
10492 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
10493 if (UNEXPECTED(EG(exception) != NULL)) {
10494 ZEND_VM_CONTINUE();
10495 }
10496 if (!ce) {
10497 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
10498 }
10499 EX(called_scope) = ce;
10500 } else {
10501 ce = EX_T(opline->op1.u.var).class_entry;
10502
10503 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
10504 EX(called_scope) = EG(called_scope);
10505 } else {
10506 EX(called_scope) = ce;
10507 }
10508 }
10509 if(IS_CONST != IS_UNUSED) {
10510 char *function_name_strval = NULL;
10511 int function_name_strlen = 0;
10512
10513
10514 if (IS_CONST == IS_CONST) {
10515 function_name_strval = Z_STRVAL(opline->op2.u.constant);
10516 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
10517 } else {
10518 function_name = &opline->op2.u.constant;
10519
10520 if (Z_TYPE_P(function_name) != IS_STRING) {
10521 zend_error_noreturn(E_ERROR, "Function name must be a string");
10522 } else {
10523 function_name_strval = Z_STRVAL_P(function_name);
10524 function_name_strlen = Z_STRLEN_P(function_name);
10525 }
10526 }
10527
10528 if (function_name_strval) {
10529 if (ce->get_static_method) {
10530 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
10531 } else {
10532 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
10533 }
10534 if (!EX(fbc)) {
10535 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
10536 }
10537 }
10538
10539 if (IS_CONST != IS_CONST) {
10540
10541 }
10542 } else {
10543 if(!ce->constructor) {
10544 zend_error_noreturn(E_ERROR, "Cannot call constructor");
10545 }
10546 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
10547 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
10548 }
10549 EX(fbc) = ce->constructor;
10550 }
10551
10552 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
10553 EX(object) = NULL;
10554 } else {
10555 if (EG(This) &&
10556 Z_OBJ_HT_P(EG(This))->get_class_entry &&
10557 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
10558 /* We are calling method of the other (incompatible) class,
10559 but passing $this. This is done for compatibility with php-4. */
10560 int severity;
10561 char *verb;
10562 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
10563 severity = E_STRICT;
10564 verb = "should not";
10565 } else {
10566 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
10567 severity = E_ERROR;
10568 verb = "cannot";
10569 }
10570 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
10571
10572 }
10573 if ((EX(object) = EG(This))) {
10574 Z_ADDREF_P(EX(object));
10575 EX(called_scope) = Z_OBJCE_P(EX(object));
10576 }
10577 }
10578
10579 ZEND_VM_NEXT_OPCODE();
10580 }
10581
ZEND_CASE_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10582 static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10583 {
10584 zend_op *opline = EX(opline);
10585 int switch_expr_is_overloaded=0;
10586 zend_free_op free_op1;
10587
10588 if (IS_VAR==IS_VAR) {
10589 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
10590 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
10591 } else {
10592 switch_expr_is_overloaded = 1;
10593 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
10594 }
10595 }
10596 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
10597 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
10598 &opline->op2.u.constant TSRMLS_CC);
10599
10600 if (switch_expr_is_overloaded) {
10601 /* We only free op1 if this is a string offset,
10602 * Since if it is a TMP_VAR, it'll be reused by
10603 * other CASE opcodes (whereas string offsets
10604 * are allocated at each get_zval_ptr())
10605 */
10606 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10607 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
10608 EX_T(opline->op1.u.var).var.ptr = NULL;
10609 }
10610 ZEND_VM_NEXT_OPCODE();
10611 }
10612
ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10613 static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10614 {
10615 zend_op *opline = EX(opline);
10616
10617 if (IS_VAR == IS_UNUSED) {
10618 /* namespaced constant */
10619 if (!zend_get_constant_ex(Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant), &EX_T(opline->result.u.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) {
10620 if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) {
10621 char *actual = (char *)zend_memrchr(Z_STRVAL(opline->op2.u.constant), '\\', Z_STRLEN(opline->op2.u.constant));
10622 if(!actual) {
10623 actual = Z_STRVAL(opline->op2.u.constant);
10624 } else {
10625 actual++;
10626 }
10627 /* non-qualified constant - allow text substitution */
10628 zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual);
10629 ZVAL_STRINGL(&EX_T(opline->result.u.var).tmp_var, actual, Z_STRLEN(opline->op2.u.constant)-(actual - Z_STRVAL(opline->op2.u.constant)), 1);
10630 } else {
10631 zend_error_noreturn(E_ERROR, "Undefined constant '%s'",
10632 Z_STRVAL(opline->op2.u.constant), Z_STRVAL(opline->op2.u.constant));
10633 }
10634 }
10635 ZEND_VM_NEXT_OPCODE();
10636 } else {
10637 /* class constant */
10638 zend_class_entry *ce;
10639 zval **value;
10640
10641 if (IS_VAR == IS_CONST) {
10642
10643 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
10644 if (UNEXPECTED(EG(exception) != NULL)) {
10645 ZEND_VM_CONTINUE();
10646 }
10647 if (!ce) {
10648 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
10649 }
10650 } else {
10651 ce = EX_T(opline->op1.u.var).class_entry;
10652 }
10653
10654 if (zend_hash_find(&ce->constants_table, Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant)+1, (void **) &value) == SUCCESS) {
10655 if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY ||
10656 (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) {
10657 zend_class_entry *old_scope = EG(scope);
10658
10659 EG(scope) = ce;
10660 zval_update_constant(value, (void *) 1 TSRMLS_CC);
10661 EG(scope) = old_scope;
10662 }
10663 EX_T(opline->result.u.var).tmp_var = **value;
10664 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
10665 } else {
10666 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
10667 }
10668
10669 ZEND_VM_NEXT_OPCODE();
10670 }
10671 }
10672
ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10673 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10674 {
10675 zend_op *opline = EX(opline);
10676 zend_free_op free_op1;
10677 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
10678 zval *expr_ptr;
10679 zval *offset=&opline->op2.u.constant;
10680
10681 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
10682 zval **expr_ptr_ptr = NULL;
10683
10684 if (opline->extended_value) {
10685 expr_ptr_ptr=_get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10686 expr_ptr = *expr_ptr_ptr;
10687 } else {
10688 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10689 }
10690 #else
10691 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10692 #endif
10693
10694 if (0) { /* temporary variable */
10695 zval *new_expr;
10696
10697 ALLOC_ZVAL(new_expr);
10698 INIT_PZVAL_COPY(new_expr, expr_ptr);
10699 expr_ptr = new_expr;
10700 } else {
10701 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
10702 if (opline->extended_value) {
10703 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
10704 expr_ptr = *expr_ptr_ptr;
10705 Z_ADDREF_P(expr_ptr);
10706 } else
10707 #endif
10708 if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
10709 zval *new_expr;
10710
10711 ALLOC_ZVAL(new_expr);
10712 INIT_PZVAL_COPY(new_expr, expr_ptr);
10713 expr_ptr = new_expr;
10714 zendi_zval_copy_ctor(*expr_ptr);
10715 } else {
10716 Z_ADDREF_P(expr_ptr);
10717 }
10718 }
10719 if (offset) {
10720 switch (Z_TYPE_P(offset)) {
10721 case IS_DOUBLE:
10722 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
10723 break;
10724 case IS_LONG:
10725 case IS_BOOL:
10726 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
10727 break;
10728 case IS_STRING:
10729 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
10730 break;
10731 case IS_NULL:
10732 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
10733 break;
10734 default:
10735 zend_error(E_WARNING, "Illegal offset type");
10736 zval_ptr_dtor(&expr_ptr);
10737 /* do nothing */
10738 break;
10739 }
10740
10741 } else {
10742 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
10743 }
10744 if (opline->extended_value) {
10745 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10746 } else {
10747 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10748 }
10749 ZEND_VM_NEXT_OPCODE();
10750 }
10751
ZEND_INIT_ARRAY_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10752 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10753 {
10754 zend_op *opline = EX(opline);
10755
10756 array_init(&EX_T(opline->result.u.var).tmp_var);
10757 if (IS_VAR == IS_UNUSED) {
10758 ZEND_VM_NEXT_OPCODE();
10759 #if 0 || IS_VAR != IS_UNUSED
10760 } else {
10761 return ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
10762 #endif
10763 }
10764 }
10765
ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10766 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10767 {
10768 zend_op *opline = EX(opline);
10769 zend_free_op free_op1;
10770 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10771 zval *offset;
10772
10773 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
10774 SEPARATE_ZVAL_IF_NOT_REF(container);
10775 }
10776 offset = &opline->op2.u.constant;
10777
10778 if (IS_VAR != IS_VAR || container) {
10779 switch (Z_TYPE_PP(container)) {
10780 case IS_ARRAY: {
10781 HashTable *ht = Z_ARRVAL_PP(container);
10782
10783 switch (Z_TYPE_P(offset)) {
10784 case IS_DOUBLE:
10785 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
10786 break;
10787 case IS_RESOURCE:
10788 case IS_BOOL:
10789 case IS_LONG:
10790 zend_hash_index_del(ht, Z_LVAL_P(offset));
10791 break;
10792 case IS_STRING:
10793 if (IS_CONST == IS_CV || IS_CONST == IS_VAR) {
10794 Z_ADDREF_P(offset);
10795 }
10796 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
10797 ht == &EG(symbol_table)) {
10798 zend_execute_data *ex;
10799 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
10800
10801 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
10802 if (ex->op_array && ex->symbol_table == ht) {
10803 int i;
10804
10805 for (i = 0; i < ex->op_array->last_var; i++) {
10806 if (ex->op_array->vars[i].hash_value == hash_value &&
10807 ex->op_array->vars[i].name_len == offset->value.str.len &&
10808 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
10809 ex->CVs[i] = NULL;
10810 break;
10811 }
10812 }
10813 }
10814 }
10815 }
10816 if (IS_CONST == IS_CV || IS_CONST == IS_VAR) {
10817 zval_ptr_dtor(&offset);
10818 }
10819 break;
10820 case IS_NULL:
10821 zend_hash_del(ht, "", sizeof(""));
10822 break;
10823 default:
10824 zend_error(E_WARNING, "Illegal offset type in unset");
10825 break;
10826 }
10827
10828 break;
10829 }
10830 case IS_OBJECT:
10831 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
10832 zend_error_noreturn(E_ERROR, "Cannot use object as array");
10833 }
10834 if (0) {
10835 MAKE_REAL_ZVAL_PTR(offset);
10836 }
10837 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
10838 if (0) {
10839 zval_ptr_dtor(&offset);
10840 } else {
10841
10842 }
10843 break;
10844 case IS_STRING:
10845 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
10846 ZEND_VM_CONTINUE(); /* bailed out before */
10847 default:
10848
10849 break;
10850 }
10851 } else {
10852
10853 }
10854 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10855
10856 ZEND_VM_NEXT_OPCODE();
10857 }
10858
ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)10859 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
10860 {
10861 zend_op *opline = EX(opline);
10862 zend_free_op free_op1;
10863 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10864 zval *offset = &opline->op2.u.constant;
10865
10866 if (IS_VAR != IS_VAR || container) {
10867 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
10868 SEPARATE_ZVAL_IF_NOT_REF(container);
10869 }
10870 if (Z_TYPE_PP(container) == IS_OBJECT) {
10871 if (0) {
10872 MAKE_REAL_ZVAL_PTR(offset);
10873 }
10874 if (Z_OBJ_HT_P(*container)->unset_property) {
10875 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
10876 } else {
10877 zend_error(E_NOTICE, "Trying to unset property of non-object");
10878 }
10879 if (0) {
10880 zval_ptr_dtor(&offset);
10881 } else {
10882
10883 }
10884 } else {
10885
10886 }
10887 } else {
10888
10889 }
10890 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
10891
10892 ZEND_VM_NEXT_OPCODE();
10893 }
10894
zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)10895 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
10896 {
10897 zend_op *opline = EX(opline);
10898 zend_free_op free_op1;
10899 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
10900 zval **value = NULL;
10901 int result = 0;
10902
10903 if (IS_VAR != IS_VAR || container) {
10904
10905 zval *offset = &opline->op2.u.constant;
10906
10907 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
10908 HashTable *ht;
10909 int isset = 0;
10910
10911 ht = Z_ARRVAL_PP(container);
10912
10913 switch (Z_TYPE_P(offset)) {
10914 case IS_DOUBLE:
10915 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
10916 isset = 1;
10917 }
10918 break;
10919 case IS_RESOURCE:
10920 case IS_BOOL:
10921 case IS_LONG:
10922 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
10923 isset = 1;
10924 }
10925 break;
10926 case IS_STRING:
10927 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
10928 isset = 1;
10929 }
10930 break;
10931 case IS_NULL:
10932 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
10933 isset = 1;
10934 }
10935 break;
10936 default:
10937 zend_error(E_WARNING, "Illegal offset type in isset or empty");
10938
10939 break;
10940 }
10941
10942 switch (opline->extended_value) {
10943 case ZEND_ISSET:
10944 if (isset && Z_TYPE_PP(value) == IS_NULL) {
10945 result = 0;
10946 } else {
10947 result = isset;
10948 }
10949 break;
10950 case ZEND_ISEMPTY:
10951 if (!isset || !i_zend_is_true(*value)) {
10952 result = 0;
10953 } else {
10954 result = 1;
10955 }
10956 break;
10957 }
10958
10959 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
10960 if (0) {
10961 MAKE_REAL_ZVAL_PTR(offset);
10962 }
10963 if (prop_dim) {
10964 if (Z_OBJ_HT_P(*container)->has_property) {
10965 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
10966 } else {
10967 zend_error(E_NOTICE, "Trying to check property of non-object");
10968 result = 0;
10969 }
10970 } else {
10971 if (Z_OBJ_HT_P(*container)->has_dimension) {
10972 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
10973 } else {
10974 zend_error(E_NOTICE, "Trying to check element of non-array");
10975 result = 0;
10976 }
10977 }
10978 if (0) {
10979 zval_ptr_dtor(&offset);
10980 } else {
10981
10982 }
10983 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
10984 zval tmp;
10985
10986 if (Z_TYPE_P(offset) != IS_LONG) {
10987 tmp = *offset;
10988 zval_copy_ctor(&tmp);
10989 convert_to_long(&tmp);
10990 offset = &tmp;
10991 }
10992 if (Z_TYPE_P(offset) == IS_LONG) {
10993 switch (opline->extended_value) {
10994 case ZEND_ISSET:
10995 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
10996 result = 1;
10997 }
10998 break;
10999 case ZEND_ISEMPTY:
11000 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
11001 result = 1;
11002 }
11003 break;
11004 }
11005 }
11006
11007 } else {
11008
11009 }
11010 }
11011
11012 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
11013
11014 switch (opline->extended_value) {
11015 case ZEND_ISSET:
11016 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
11017 break;
11018 case ZEND_ISEMPTY:
11019 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
11020 break;
11021 }
11022
11023 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11024
11025 ZEND_VM_NEXT_OPCODE();
11026 }
11027
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11028 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11029 {
11030 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11031 }
11032
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11033 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11034 {
11035 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11036 }
11037
ZEND_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11038 static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11039 {
11040 zend_op *opline = EX(opline);
11041 zend_free_op free_op1, free_op2;
11042
11043 add_function(&EX_T(opline->result.u.var).tmp_var,
11044 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11045 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11046 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11047 zval_dtor(free_op2.var);
11048 ZEND_VM_NEXT_OPCODE();
11049 }
11050
ZEND_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11051 static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11052 {
11053 zend_op *opline = EX(opline);
11054 zend_free_op free_op1, free_op2;
11055
11056 sub_function(&EX_T(opline->result.u.var).tmp_var,
11057 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11058 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11059 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11060 zval_dtor(free_op2.var);
11061 ZEND_VM_NEXT_OPCODE();
11062 }
11063
ZEND_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11064 static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11065 {
11066 zend_op *opline = EX(opline);
11067 zend_free_op free_op1, free_op2;
11068
11069 mul_function(&EX_T(opline->result.u.var).tmp_var,
11070 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11071 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11072 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11073 zval_dtor(free_op2.var);
11074 ZEND_VM_NEXT_OPCODE();
11075 }
11076
ZEND_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11077 static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11078 {
11079 zend_op *opline = EX(opline);
11080 zend_free_op free_op1, free_op2;
11081
11082 div_function(&EX_T(opline->result.u.var).tmp_var,
11083 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11084 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11085 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11086 zval_dtor(free_op2.var);
11087 ZEND_VM_NEXT_OPCODE();
11088 }
11089
ZEND_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11090 static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11091 {
11092 zend_op *opline = EX(opline);
11093 zend_free_op free_op1, free_op2;
11094
11095 mod_function(&EX_T(opline->result.u.var).tmp_var,
11096 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11097 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11098 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11099 zval_dtor(free_op2.var);
11100 ZEND_VM_NEXT_OPCODE();
11101 }
11102
ZEND_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11103 static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11104 {
11105 zend_op *opline = EX(opline);
11106 zend_free_op free_op1, free_op2;
11107
11108 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
11109 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11110 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11111 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11112 zval_dtor(free_op2.var);
11113 ZEND_VM_NEXT_OPCODE();
11114 }
11115
ZEND_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11116 static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11117 {
11118 zend_op *opline = EX(opline);
11119 zend_free_op free_op1, free_op2;
11120
11121 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
11122 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11123 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11124 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11125 zval_dtor(free_op2.var);
11126 ZEND_VM_NEXT_OPCODE();
11127 }
11128
ZEND_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11129 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11130 {
11131 zend_op *opline = EX(opline);
11132 zend_free_op free_op1, free_op2;
11133
11134 concat_function(&EX_T(opline->result.u.var).tmp_var,
11135 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11136 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11137 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11138 zval_dtor(free_op2.var);
11139 ZEND_VM_NEXT_OPCODE();
11140 }
11141
ZEND_IS_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11142 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11143 {
11144 zend_op *opline = EX(opline);
11145 zend_free_op free_op1, free_op2;
11146
11147 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
11148 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11149 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11150 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11151 zval_dtor(free_op2.var);
11152 ZEND_VM_NEXT_OPCODE();
11153 }
11154
ZEND_IS_NOT_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11155 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11156 {
11157 zend_op *opline = EX(opline);
11158 zend_free_op free_op1, free_op2;
11159 zval *result = &EX_T(opline->result.u.var).tmp_var;
11160
11161 is_identical_function(result,
11162 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11163 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11164 Z_LVAL_P(result) = !Z_LVAL_P(result);
11165 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11166 zval_dtor(free_op2.var);
11167 ZEND_VM_NEXT_OPCODE();
11168 }
11169
ZEND_IS_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11170 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11171 {
11172 zend_op *opline = EX(opline);
11173 zend_free_op free_op1, free_op2;
11174 zval *result = &EX_T(opline->result.u.var).tmp_var;
11175
11176 compare_function(result,
11177 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11178 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11179 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
11180 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11181 zval_dtor(free_op2.var);
11182 ZEND_VM_NEXT_OPCODE();
11183 }
11184
ZEND_IS_NOT_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11185 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11186 {
11187 zend_op *opline = EX(opline);
11188 zend_free_op free_op1, free_op2;
11189 zval *result = &EX_T(opline->result.u.var).tmp_var;
11190
11191 compare_function(result,
11192 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11193 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11194 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
11195 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11196 zval_dtor(free_op2.var);
11197 ZEND_VM_NEXT_OPCODE();
11198 }
11199
ZEND_IS_SMALLER_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11200 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11201 {
11202 zend_op *opline = EX(opline);
11203 zend_free_op free_op1, free_op2;
11204 zval *result = &EX_T(opline->result.u.var).tmp_var;
11205
11206 compare_function(result,
11207 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11208 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11209 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
11210 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11211 zval_dtor(free_op2.var);
11212 ZEND_VM_NEXT_OPCODE();
11213 }
11214
ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11215 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11216 {
11217 zend_op *opline = EX(opline);
11218 zend_free_op free_op1, free_op2;
11219 zval *result = &EX_T(opline->result.u.var).tmp_var;
11220
11221 compare_function(result,
11222 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11223 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11224 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
11225 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11226 zval_dtor(free_op2.var);
11227 ZEND_VM_NEXT_OPCODE();
11228 }
11229
ZEND_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11230 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11231 {
11232 zend_op *opline = EX(opline);
11233 zend_free_op free_op1, free_op2;
11234
11235 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
11236 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11237 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11238 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11239 zval_dtor(free_op2.var);
11240 ZEND_VM_NEXT_OPCODE();
11241 }
11242
ZEND_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11243 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11244 {
11245 zend_op *opline = EX(opline);
11246 zend_free_op free_op1, free_op2;
11247
11248 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
11249 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11250 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11251 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11252 zval_dtor(free_op2.var);
11253 ZEND_VM_NEXT_OPCODE();
11254 }
11255
ZEND_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11256 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11257 {
11258 zend_op *opline = EX(opline);
11259 zend_free_op free_op1, free_op2;
11260
11261 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
11262 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11263 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11264 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11265 zval_dtor(free_op2.var);
11266 ZEND_VM_NEXT_OPCODE();
11267 }
11268
ZEND_BOOL_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11269 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11270 {
11271 zend_op *opline = EX(opline);
11272 zend_free_op free_op1, free_op2;
11273
11274 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
11275 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
11276 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
11277 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11278 zval_dtor(free_op2.var);
11279 ZEND_VM_NEXT_OPCODE();
11280 }
11281
zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)11282 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
11283 {
11284 zend_op *opline = EX(opline);
11285 zend_op *op_data = opline+1;
11286 zend_free_op free_op1, free_op2, free_op_data1;
11287 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11288 zval *object;
11289 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11290 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
11291 znode *result = &opline->result;
11292 int have_get_ptr = 0;
11293
11294 if (IS_VAR == IS_VAR && !object_ptr) {
11295 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
11296 }
11297
11298 EX_T(result->u.var).var.ptr_ptr = NULL;
11299 make_real_object(object_ptr TSRMLS_CC);
11300 object = *object_ptr;
11301
11302 if (Z_TYPE_P(object) != IS_OBJECT) {
11303 zend_error(E_WARNING, "Attempt to assign property of non-object");
11304 zval_dtor(free_op2.var);
11305 FREE_OP(free_op_data1);
11306
11307 if (!RETURN_VALUE_UNUSED(result)) {
11308 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
11309 EX_T(result->u.var).var.ptr_ptr = NULL;
11310 PZVAL_LOCK(EG(uninitialized_zval_ptr));
11311 }
11312 } else {
11313 /* here we are sure we are dealing with an object */
11314 if (1) {
11315 MAKE_REAL_ZVAL_PTR(property);
11316 }
11317
11318 /* here property is a string */
11319 if (opline->extended_value == ZEND_ASSIGN_OBJ
11320 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
11321 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
11322 if (zptr != NULL) { /* NULL means no success in getting PTR */
11323 SEPARATE_ZVAL_IF_NOT_REF(zptr);
11324
11325 have_get_ptr = 1;
11326 binary_op(*zptr, *zptr, value TSRMLS_CC);
11327 if (!RETURN_VALUE_UNUSED(result)) {
11328 EX_T(result->u.var).var.ptr = *zptr;
11329 EX_T(result->u.var).var.ptr_ptr = NULL;
11330 PZVAL_LOCK(*zptr);
11331 }
11332 }
11333 }
11334
11335 if (!have_get_ptr) {
11336 zval *z = NULL;
11337
11338 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
11339 if (Z_OBJ_HT_P(object)->read_property) {
11340 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
11341 }
11342 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
11343 if (Z_OBJ_HT_P(object)->read_dimension) {
11344 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
11345 }
11346 }
11347 if (z) {
11348 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
11349 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
11350
11351 if (Z_REFCOUNT_P(z) == 0) {
11352 GC_REMOVE_ZVAL_FROM_BUFFER(z);
11353 zval_dtor(z);
11354 FREE_ZVAL(z);
11355 }
11356 z = value;
11357 }
11358 Z_ADDREF_P(z);
11359 SEPARATE_ZVAL_IF_NOT_REF(&z);
11360 binary_op(z, z, value TSRMLS_CC);
11361 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
11362 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
11363 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
11364 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
11365 }
11366 if (!RETURN_VALUE_UNUSED(result)) {
11367 EX_T(result->u.var).var.ptr = z;
11368 EX_T(result->u.var).var.ptr_ptr = NULL;
11369 PZVAL_LOCK(z);
11370 }
11371 zval_ptr_dtor(&z);
11372 } else {
11373 zend_error(E_WARNING, "Attempt to assign property of non-object");
11374 if (!RETURN_VALUE_UNUSED(result)) {
11375 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
11376 EX_T(result->u.var).var.ptr_ptr = NULL;
11377 PZVAL_LOCK(EG(uninitialized_zval_ptr));
11378 }
11379 }
11380 }
11381
11382 if (1) {
11383 zval_ptr_dtor(&property);
11384 } else {
11385 zval_dtor(free_op2.var);
11386 }
11387 FREE_OP(free_op_data1);
11388 }
11389
11390 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11391 /* assign_obj has two opcodes! */
11392 ZEND_VM_INC_OPCODE();
11393 ZEND_VM_NEXT_OPCODE();
11394 }
11395
zend_binary_assign_op_helper_SPEC_VAR_TMP(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)11396 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
11397 {
11398 zend_op *opline = EX(opline);
11399 zend_free_op free_op1, free_op2, free_op_data2, free_op_data1;
11400 zval **var_ptr;
11401 zval *value;
11402
11403 switch (opline->extended_value) {
11404 case ZEND_ASSIGN_OBJ:
11405 return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11406 break;
11407 case ZEND_ASSIGN_DIM: {
11408 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11409
11410 if (IS_VAR == IS_VAR && !container) {
11411 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11412 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
11413 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
11414 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
11415 }
11416 return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11417 } else {
11418 zend_op *op_data = opline+1;
11419 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11420
11421 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 1, BP_VAR_RW TSRMLS_CC);
11422 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
11423 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
11424 ZEND_VM_INC_OPCODE();
11425 }
11426 }
11427 break;
11428 default:
11429 value = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11430 var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11431 /* do nothing */
11432 break;
11433 }
11434
11435 if (!var_ptr) {
11436 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
11437 }
11438
11439 if (*var_ptr == EG(error_zval_ptr)) {
11440 if (!RETURN_VALUE_UNUSED(&opline->result)) {
11441 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
11442 PZVAL_LOCK(EG(uninitialized_zval_ptr));
11443 }
11444 zval_dtor(free_op2.var);
11445 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11446 ZEND_VM_NEXT_OPCODE();
11447 }
11448
11449 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
11450
11451 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
11452 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
11453 /* proxy object */
11454 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
11455 Z_ADDREF_P(objval);
11456 binary_op(objval, objval, value TSRMLS_CC);
11457 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
11458 zval_ptr_dtor(&objval);
11459 } else {
11460 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
11461 }
11462
11463 if (!RETURN_VALUE_UNUSED(&opline->result)) {
11464 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
11465 PZVAL_LOCK(*var_ptr);
11466 }
11467 zval_dtor(free_op2.var);
11468
11469 if (opline->extended_value == ZEND_ASSIGN_DIM) {
11470 FREE_OP(free_op_data1);
11471 FREE_OP_VAR_PTR(free_op_data2);
11472 }
11473 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11474 ZEND_VM_NEXT_OPCODE();
11475 }
11476
ZEND_ASSIGN_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11477 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11478 {
11479 return zend_binary_assign_op_helper_SPEC_VAR_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11480 }
11481
ZEND_ASSIGN_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11482 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11483 {
11484 return zend_binary_assign_op_helper_SPEC_VAR_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11485 }
11486
ZEND_ASSIGN_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11487 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11488 {
11489 return zend_binary_assign_op_helper_SPEC_VAR_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11490 }
11491
ZEND_ASSIGN_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11492 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11493 {
11494 return zend_binary_assign_op_helper_SPEC_VAR_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11495 }
11496
ZEND_ASSIGN_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11497 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11498 {
11499 return zend_binary_assign_op_helper_SPEC_VAR_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11500 }
11501
ZEND_ASSIGN_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11502 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11503 {
11504 return zend_binary_assign_op_helper_SPEC_VAR_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11505 }
11506
ZEND_ASSIGN_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11507 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11508 {
11509 return zend_binary_assign_op_helper_SPEC_VAR_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11510 }
11511
ZEND_ASSIGN_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11512 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11513 {
11514 return zend_binary_assign_op_helper_SPEC_VAR_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11515 }
11516
ZEND_ASSIGN_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11517 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11518 {
11519 return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11520 }
11521
ZEND_ASSIGN_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11522 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11523 {
11524 return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11525 }
11526
ZEND_ASSIGN_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11527 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11528 {
11529 return zend_binary_assign_op_helper_SPEC_VAR_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11530 }
11531
zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)11532 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
11533 {
11534 zend_op *opline = EX(opline);
11535 zend_free_op free_op1, free_op2;
11536 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11537 zval *object;
11538 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11539 zval **retval = &EX_T(opline->result.u.var).var.ptr;
11540 int have_get_ptr = 0;
11541
11542 if (IS_VAR == IS_VAR && !object_ptr) {
11543 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
11544 }
11545
11546 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
11547 object = *object_ptr;
11548
11549 if (Z_TYPE_P(object) != IS_OBJECT) {
11550 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
11551 zval_dtor(free_op2.var);
11552 if (!RETURN_VALUE_UNUSED(&opline->result)) {
11553 *retval = EG(uninitialized_zval_ptr);
11554 PZVAL_LOCK(*retval);
11555 }
11556 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11557 ZEND_VM_NEXT_OPCODE();
11558 }
11559
11560 /* here we are sure we are dealing with an object */
11561
11562 if (1) {
11563 MAKE_REAL_ZVAL_PTR(property);
11564 }
11565
11566 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
11567 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
11568 if (zptr != NULL) { /* NULL means no success in getting PTR */
11569 SEPARATE_ZVAL_IF_NOT_REF(zptr);
11570
11571 have_get_ptr = 1;
11572 incdec_op(*zptr);
11573 if (!RETURN_VALUE_UNUSED(&opline->result)) {
11574 *retval = *zptr;
11575 PZVAL_LOCK(*retval);
11576 }
11577 }
11578 }
11579
11580 if (!have_get_ptr) {
11581 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
11582 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
11583
11584 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
11585 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
11586
11587 if (Z_REFCOUNT_P(z) == 0) {
11588 GC_REMOVE_ZVAL_FROM_BUFFER(z);
11589 zval_dtor(z);
11590 FREE_ZVAL(z);
11591 }
11592 z = value;
11593 }
11594 Z_ADDREF_P(z);
11595 SEPARATE_ZVAL_IF_NOT_REF(&z);
11596 incdec_op(z);
11597 *retval = z;
11598 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
11599 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
11600 zval_ptr_dtor(&z);
11601 } else {
11602 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
11603 if (!RETURN_VALUE_UNUSED(&opline->result)) {
11604 *retval = EG(uninitialized_zval_ptr);
11605 PZVAL_LOCK(*retval);
11606 }
11607 }
11608 }
11609
11610 if (1) {
11611 zval_ptr_dtor(&property);
11612 } else {
11613 zval_dtor(free_op2.var);
11614 }
11615 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11616 ZEND_VM_NEXT_OPCODE();
11617 }
11618
ZEND_PRE_INC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11619 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11620 {
11621 return zend_pre_incdec_property_helper_SPEC_VAR_TMP(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11622 }
11623
ZEND_PRE_DEC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11624 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11625 {
11626 return zend_pre_incdec_property_helper_SPEC_VAR_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11627 }
11628
zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)11629 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
11630 {
11631 zend_op *opline = EX(opline);
11632 zend_free_op free_op1, free_op2;
11633 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11634 zval *object;
11635 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11636 zval *retval = &EX_T(opline->result.u.var).tmp_var;
11637 int have_get_ptr = 0;
11638
11639 if (IS_VAR == IS_VAR && !object_ptr) {
11640 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
11641 }
11642
11643 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
11644 object = *object_ptr;
11645
11646 if (Z_TYPE_P(object) != IS_OBJECT) {
11647 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
11648 zval_dtor(free_op2.var);
11649 *retval = *EG(uninitialized_zval_ptr);
11650 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11651 ZEND_VM_NEXT_OPCODE();
11652 }
11653
11654 /* here we are sure we are dealing with an object */
11655
11656 if (1) {
11657 MAKE_REAL_ZVAL_PTR(property);
11658 }
11659
11660 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
11661 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
11662 if (zptr != NULL) { /* NULL means no success in getting PTR */
11663 have_get_ptr = 1;
11664 SEPARATE_ZVAL_IF_NOT_REF(zptr);
11665
11666 *retval = **zptr;
11667 zendi_zval_copy_ctor(*retval);
11668
11669 incdec_op(*zptr);
11670
11671 }
11672 }
11673
11674 if (!have_get_ptr) {
11675 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
11676 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
11677 zval *z_copy;
11678
11679 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
11680 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
11681
11682 if (Z_REFCOUNT_P(z) == 0) {
11683 GC_REMOVE_ZVAL_FROM_BUFFER(z);
11684 zval_dtor(z);
11685 FREE_ZVAL(z);
11686 }
11687 z = value;
11688 }
11689 *retval = *z;
11690 zendi_zval_copy_ctor(*retval);
11691 ALLOC_ZVAL(z_copy);
11692 *z_copy = *z;
11693 zendi_zval_copy_ctor(*z_copy);
11694 INIT_PZVAL(z_copy);
11695 incdec_op(z_copy);
11696 Z_ADDREF_P(z);
11697 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
11698 zval_ptr_dtor(&z_copy);
11699 zval_ptr_dtor(&z);
11700 } else {
11701 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
11702 *retval = *EG(uninitialized_zval_ptr);
11703 }
11704 }
11705
11706 if (1) {
11707 zval_ptr_dtor(&property);
11708 } else {
11709 zval_dtor(free_op2.var);
11710 }
11711 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11712 ZEND_VM_NEXT_OPCODE();
11713 }
11714
ZEND_POST_INC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11715 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11716 {
11717 return zend_post_incdec_property_helper_SPEC_VAR_TMP(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11718 }
11719
ZEND_POST_DEC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11720 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11721 {
11722 return zend_post_incdec_property_helper_SPEC_VAR_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11723 }
11724
ZEND_FETCH_DIM_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11725 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11726 {
11727 zend_op *opline = EX(opline);
11728 zend_free_op free_op1, free_op2;
11729 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11730 zval **container;
11731
11732 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
11733 IS_VAR != IS_CV &&
11734 EX_T(opline->op1.u.var).var.ptr_ptr) {
11735 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
11736 }
11737 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11738 if (IS_VAR == IS_VAR && !container) {
11739 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11740 }
11741 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_R TSRMLS_CC);
11742 zval_dtor(free_op2.var);
11743 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11744 ZEND_VM_NEXT_OPCODE();
11745 }
11746
ZEND_FETCH_DIM_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11747 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11748 {
11749 zend_op *opline = EX(opline);
11750 zend_free_op free_op1, free_op2;
11751 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11752 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11753
11754 if (IS_VAR == IS_VAR && !container) {
11755 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11756 }
11757 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_W TSRMLS_CC);
11758 zval_dtor(free_op2.var);
11759 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
11760 READY_TO_DESTROY(free_op1.var)) {
11761 AI_USE_PTR(EX_T(opline->result.u.var).var);
11762 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
11763 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
11764 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
11765 }
11766 }
11767 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11768
11769 /* We are going to assign the result by reference */
11770 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
11771 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
11772 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
11773 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
11774 }
11775
11776 ZEND_VM_NEXT_OPCODE();
11777 }
11778
ZEND_FETCH_DIM_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11779 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11780 {
11781 zend_op *opline = EX(opline);
11782 zend_free_op free_op1, free_op2;
11783 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11784 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11785
11786 if (IS_VAR == IS_VAR && !container) {
11787 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11788 }
11789 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_RW TSRMLS_CC);
11790 zval_dtor(free_op2.var);
11791 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
11792 READY_TO_DESTROY(free_op1.var)) {
11793 AI_USE_PTR(EX_T(opline->result.u.var).var);
11794 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
11795 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
11796 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
11797 }
11798 }
11799 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11800 ZEND_VM_NEXT_OPCODE();
11801 }
11802
ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11803 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11804 {
11805 zend_op *opline = EX(opline);
11806 zend_free_op free_op1, free_op2;
11807 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11808 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11809
11810 if (IS_VAR == IS_VAR && !container) {
11811 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11812 }
11813 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_IS TSRMLS_CC);
11814 zval_dtor(free_op2.var);
11815 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11816 ZEND_VM_NEXT_OPCODE();
11817 }
11818
ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11819 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11820 {
11821 zend_op *opline = EX(opline);
11822 zend_free_op free_op1, free_op2;
11823 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11824 zval **container;
11825
11826 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
11827 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11828 if (IS_VAR == IS_VAR && !container) {
11829 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11830 }
11831 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_W TSRMLS_CC);
11832 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
11833 READY_TO_DESTROY(free_op1.var)) {
11834 AI_USE_PTR(EX_T(opline->result.u.var).var);
11835 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
11836 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
11837 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
11838 }
11839 }
11840 } else {
11841 if (IS_TMP_VAR == IS_UNUSED) {
11842 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
11843 }
11844 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11845 if (IS_VAR == IS_VAR && !container) {
11846 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11847 }
11848 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_R TSRMLS_CC);
11849 }
11850 zval_dtor(free_op2.var);
11851 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11852 ZEND_VM_NEXT_OPCODE();
11853 }
11854
ZEND_FETCH_DIM_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11855 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11856 {
11857 zend_op *opline = EX(opline);
11858 zend_free_op free_op1, free_op2;
11859 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11860 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11861
11862 /* Not needed in DIM_UNSET
11863 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
11864 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
11865 }
11866 */
11867 if (IS_VAR == IS_CV) {
11868 if (container != &EG(uninitialized_zval_ptr)) {
11869 SEPARATE_ZVAL_IF_NOT_REF(container);
11870 }
11871 }
11872 if (IS_VAR == IS_VAR && !container) {
11873 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
11874 }
11875 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_UNSET TSRMLS_CC);
11876 zval_dtor(free_op2.var);
11877 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
11878 READY_TO_DESTROY(free_op1.var)) {
11879 AI_USE_PTR(EX_T(opline->result.u.var).var);
11880 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
11881 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
11882 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
11883 }
11884 }
11885 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11886 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
11887 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
11888 } else {
11889 zend_free_op free_res;
11890
11891 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
11892 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
11893 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
11894 }
11895 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
11896 FREE_OP_VAR_PTR(free_res);
11897 }
11898 ZEND_VM_NEXT_OPCODE();
11899 }
11900
zend_fetch_property_address_read_helper_SPEC_VAR_TMP(int type,ZEND_OPCODE_HANDLER_ARGS)11901 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(int type, ZEND_OPCODE_HANDLER_ARGS)
11902 {
11903 zend_op *opline = EX(opline);
11904 zend_free_op free_op1;
11905 zval *container = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11906 zend_free_op free_op2;
11907 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11908
11909 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
11910 if (type != BP_VAR_IS) {
11911 zend_error(E_NOTICE, "Trying to get property of non-object");
11912 }
11913 if (!RETURN_VALUE_UNUSED(&opline->result)) {
11914 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
11915 PZVAL_LOCK(EG(uninitialized_zval_ptr));
11916 }
11917 zval_dtor(free_op2.var);
11918 } else {
11919 zval *retval;
11920
11921 if (1) {
11922 MAKE_REAL_ZVAL_PTR(offset);
11923 }
11924
11925 /* here we are sure we are dealing with an object */
11926 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
11927
11928 if (RETURN_VALUE_UNUSED(&opline->result)) {
11929 if (Z_REFCOUNT_P(retval) == 0) {
11930 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
11931 zval_dtor(retval);
11932 FREE_ZVAL(retval);
11933 }
11934 } else {
11935 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
11936 PZVAL_LOCK(retval);
11937 }
11938
11939 if (1) {
11940 zval_ptr_dtor(&offset);
11941 } else {
11942 zval_dtor(free_op2.var);
11943 }
11944 }
11945
11946 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11947 ZEND_VM_NEXT_OPCODE();
11948 }
11949
ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11950 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11951 {
11952 return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
11953 }
11954
ZEND_FETCH_OBJ_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)11955 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
11956 {
11957 zend_op *opline = EX(opline);
11958 zend_free_op free_op1, free_op2;
11959 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
11960 zval **container;
11961
11962 if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
11963 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
11964 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
11965 }
11966
11967 if (1) {
11968 MAKE_REAL_ZVAL_PTR(property);
11969 }
11970 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
11971 if (IS_VAR == IS_VAR && !container) {
11972 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
11973 }
11974 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
11975 if (1) {
11976 zval_ptr_dtor(&property);
11977 } else {
11978 zval_dtor(free_op2.var);
11979 }
11980 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
11981 READY_TO_DESTROY(free_op1.var)) {
11982 AI_USE_PTR(EX_T(opline->result.u.var).var);
11983 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
11984 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
11985 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
11986 }
11987 }
11988 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
11989
11990 /* We are going to assign the result by reference */
11991 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
11992 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
11993 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
11994 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
11995 }
11996
11997 ZEND_VM_NEXT_OPCODE();
11998 }
11999
ZEND_FETCH_OBJ_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12000 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12001 {
12002 zend_op *opline = EX(opline);
12003 zend_free_op free_op1, free_op2;
12004 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12005 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12006
12007 if (1) {
12008 MAKE_REAL_ZVAL_PTR(property);
12009 }
12010 if (IS_VAR == IS_VAR && !container) {
12011 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
12012 }
12013 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
12014 if (1) {
12015 zval_ptr_dtor(&property);
12016 } else {
12017 zval_dtor(free_op2.var);
12018 }
12019 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
12020 READY_TO_DESTROY(free_op1.var)) {
12021 AI_USE_PTR(EX_T(opline->result.u.var).var);
12022 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
12023 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
12024 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
12025 }
12026 }
12027 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12028 ZEND_VM_NEXT_OPCODE();
12029 }
12030
ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12031 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12032 {
12033 return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
12034 }
12035
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12036 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12037 {
12038 zend_op *opline = EX(opline);
12039
12040 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
12041 /* Behave like FETCH_OBJ_W */
12042 zend_free_op free_op1, free_op2;
12043 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12044 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12045
12046 if (1) {
12047 MAKE_REAL_ZVAL_PTR(property);
12048 }
12049 if (IS_VAR == IS_VAR && !container) {
12050 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
12051 }
12052 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
12053 if (1) {
12054 zval_ptr_dtor(&property);
12055 } else {
12056 zval_dtor(free_op2.var);
12057 }
12058 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
12059 READY_TO_DESTROY(free_op1.var)) {
12060 AI_USE_PTR(EX_T(opline->result.u.var).var);
12061 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
12062 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
12063 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
12064 }
12065 }
12066 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12067 ZEND_VM_NEXT_OPCODE();
12068 } else {
12069 return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
12070 }
12071 }
12072
ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12073 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12074 {
12075 zend_op *opline = EX(opline);
12076 zend_free_op free_op1, free_op2, free_res;
12077 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12078 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12079
12080 if (IS_VAR == IS_CV) {
12081 if (container != &EG(uninitialized_zval_ptr)) {
12082 SEPARATE_ZVAL_IF_NOT_REF(container);
12083 }
12084 }
12085 if (1) {
12086 MAKE_REAL_ZVAL_PTR(property);
12087 }
12088 if (IS_VAR == IS_VAR && !container) {
12089 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
12090 }
12091 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
12092 if (1) {
12093 zval_ptr_dtor(&property);
12094 } else {
12095 zval_dtor(free_op2.var);
12096 }
12097 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
12098 READY_TO_DESTROY(free_op1.var)) {
12099 AI_USE_PTR(EX_T(opline->result.u.var).var);
12100 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
12101 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
12102 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
12103 }
12104 }
12105 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12106
12107 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
12108 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
12109 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
12110 }
12111 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
12112 FREE_OP_VAR_PTR(free_res);
12113 ZEND_VM_NEXT_OPCODE();
12114 }
12115
ZEND_ASSIGN_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12116 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12117 {
12118 zend_op *opline = EX(opline);
12119 zend_op *op_data = opline+1;
12120 zend_free_op free_op1, free_op2;
12121 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12122 zval *property_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12123
12124 if (1) {
12125 MAKE_REAL_ZVAL_PTR(property_name);
12126 }
12127 if (IS_VAR == IS_VAR && !object_ptr) {
12128 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
12129 }
12130 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
12131 if (1) {
12132 zval_ptr_dtor(&property_name);
12133 } else {
12134 zval_dtor(free_op2.var);
12135 }
12136 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12137 /* assign_obj has two opcodes! */
12138 ZEND_VM_INC_OPCODE();
12139 ZEND_VM_NEXT_OPCODE();
12140 }
12141
ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12142 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12143 {
12144 zend_op *opline = EX(opline);
12145 zend_op *op_data = opline+1;
12146 zend_free_op free_op1;
12147 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12148
12149 if (IS_VAR == IS_VAR && !object_ptr) {
12150 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
12151 }
12152 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
12153 zend_free_op free_op2;
12154 zval *property_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12155
12156 if (1) {
12157 MAKE_REAL_ZVAL_PTR(property_name);
12158 }
12159 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
12160 if (1) {
12161 zval_ptr_dtor(&property_name);
12162 } else {
12163 zval_dtor(free_op2.var);
12164 }
12165 } else {
12166 zend_free_op free_op2, free_op_data1, free_op_data2;
12167 zval *value;
12168 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12169 zval **variable_ptr_ptr;
12170
12171 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 1, BP_VAR_W TSRMLS_CC);
12172 zval_dtor(free_op2.var);
12173
12174 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
12175 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
12176 if (!variable_ptr_ptr) {
12177 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
12178 if (!RETURN_VALUE_UNUSED(&opline->result)) {
12179 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
12180 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
12181 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
12182 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
12183 }
12184 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
12185 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
12186 PZVAL_LOCK(EG(uninitialized_zval_ptr));
12187 }
12188 } else {
12189 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
12190 if (!RETURN_VALUE_UNUSED(&opline->result)) {
12191 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
12192 PZVAL_LOCK(value);
12193 }
12194 }
12195 FREE_OP_VAR_PTR(free_op_data2);
12196 FREE_OP_IF_VAR(free_op_data1);
12197 }
12198 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12199 /* assign_dim has two opcodes! */
12200 ZEND_VM_INC_OPCODE();
12201 ZEND_VM_NEXT_OPCODE();
12202 }
12203
ZEND_ASSIGN_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12204 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12205 {
12206 zend_op *opline = EX(opline);
12207 zend_free_op free_op1, free_op2;
12208 zval *value = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12209 zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12210
12211 if (IS_VAR == IS_VAR && !variable_ptr_ptr) {
12212 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_TMP_VAR TSRMLS_CC)) {
12213 if (!RETURN_VALUE_UNUSED(&opline->result)) {
12214 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
12215 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
12216 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
12217 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
12218 }
12219 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
12220 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
12221 PZVAL_LOCK(EG(uninitialized_zval_ptr));
12222 }
12223 } else {
12224 value = zend_assign_to_variable(variable_ptr_ptr, value, 1 TSRMLS_CC);
12225 if (!RETURN_VALUE_UNUSED(&opline->result)) {
12226 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
12227 PZVAL_LOCK(value);
12228 }
12229 }
12230
12231 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12232
12233 /* zend_assign_to_variable() always takes care of op2, never free it! */
12234
12235 ZEND_VM_NEXT_OPCODE();
12236 }
12237
ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12238 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12239 {
12240 zend_op *opline = EX(opline);
12241 zval *function_name;
12242 char *function_name_strval;
12243 int function_name_strlen;
12244 zend_free_op free_op1, free_op2;
12245
12246 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
12247
12248 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12249
12250 if (Z_TYPE_P(function_name)!=IS_STRING) {
12251 zend_error_noreturn(E_ERROR, "Method name must be a string");
12252 }
12253
12254 function_name_strval = Z_STRVAL_P(function_name);
12255 function_name_strlen = Z_STRLEN_P(function_name);
12256
12257 EX(object) = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12258
12259 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
12260 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
12261 zend_error_noreturn(E_ERROR, "Object does not support method calls");
12262 }
12263
12264 /* First, locate the function. */
12265 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
12266 if (!EX(fbc)) {
12267 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
12268 }
12269
12270 EX(called_scope) = Z_OBJCE_P(EX(object));
12271 } else {
12272 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
12273 }
12274
12275 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
12276 EX(object) = NULL;
12277 } else {
12278 if (!PZVAL_IS_REF(EX(object))) {
12279 Z_ADDREF_P(EX(object)); /* For $this pointer */
12280 } else {
12281 zval *this_ptr;
12282 ALLOC_ZVAL(this_ptr);
12283 INIT_PZVAL_COPY(this_ptr, EX(object));
12284 zval_copy_ctor(this_ptr);
12285 EX(object) = this_ptr;
12286 }
12287 }
12288
12289 zval_dtor(free_op2.var);
12290 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12291
12292 ZEND_VM_NEXT_OPCODE();
12293 }
12294
ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12295 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12296 {
12297 zend_op *opline = EX(opline);
12298 zval *function_name;
12299 zend_class_entry *ce;
12300
12301 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
12302
12303 if (IS_VAR == IS_CONST) {
12304 /* no function found. try a static method in class */
12305 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
12306 if (UNEXPECTED(EG(exception) != NULL)) {
12307 ZEND_VM_CONTINUE();
12308 }
12309 if (!ce) {
12310 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
12311 }
12312 EX(called_scope) = ce;
12313 } else {
12314 ce = EX_T(opline->op1.u.var).class_entry;
12315
12316 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
12317 EX(called_scope) = EG(called_scope);
12318 } else {
12319 EX(called_scope) = ce;
12320 }
12321 }
12322 if(IS_TMP_VAR != IS_UNUSED) {
12323 char *function_name_strval = NULL;
12324 int function_name_strlen = 0;
12325 zend_free_op free_op2;
12326
12327 if (IS_TMP_VAR == IS_CONST) {
12328 function_name_strval = Z_STRVAL(opline->op2.u.constant);
12329 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
12330 } else {
12331 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12332
12333 if (Z_TYPE_P(function_name) != IS_STRING) {
12334 zend_error_noreturn(E_ERROR, "Function name must be a string");
12335 } else {
12336 function_name_strval = Z_STRVAL_P(function_name);
12337 function_name_strlen = Z_STRLEN_P(function_name);
12338 }
12339 }
12340
12341 if (function_name_strval) {
12342 if (ce->get_static_method) {
12343 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
12344 } else {
12345 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
12346 }
12347 if (!EX(fbc)) {
12348 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
12349 }
12350 }
12351
12352 if (IS_TMP_VAR != IS_CONST) {
12353 zval_dtor(free_op2.var);
12354 }
12355 } else {
12356 if(!ce->constructor) {
12357 zend_error_noreturn(E_ERROR, "Cannot call constructor");
12358 }
12359 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
12360 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
12361 }
12362 EX(fbc) = ce->constructor;
12363 }
12364
12365 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
12366 EX(object) = NULL;
12367 } else {
12368 if (EG(This) &&
12369 Z_OBJ_HT_P(EG(This))->get_class_entry &&
12370 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
12371 /* We are calling method of the other (incompatible) class,
12372 but passing $this. This is done for compatibility with php-4. */
12373 int severity;
12374 char *verb;
12375 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
12376 severity = E_STRICT;
12377 verb = "should not";
12378 } else {
12379 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
12380 severity = E_ERROR;
12381 verb = "cannot";
12382 }
12383 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
12384
12385 }
12386 if ((EX(object) = EG(This))) {
12387 Z_ADDREF_P(EX(object));
12388 EX(called_scope) = Z_OBJCE_P(EX(object));
12389 }
12390 }
12391
12392 ZEND_VM_NEXT_OPCODE();
12393 }
12394
ZEND_CASE_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12395 static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12396 {
12397 zend_op *opline = EX(opline);
12398 int switch_expr_is_overloaded=0;
12399 zend_free_op free_op1, free_op2;
12400
12401 if (IS_VAR==IS_VAR) {
12402 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
12403 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
12404 } else {
12405 switch_expr_is_overloaded = 1;
12406 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
12407 }
12408 }
12409 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
12410 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12411 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12412
12413 zval_dtor(free_op2.var);
12414 if (switch_expr_is_overloaded) {
12415 /* We only free op1 if this is a string offset,
12416 * Since if it is a TMP_VAR, it'll be reused by
12417 * other CASE opcodes (whereas string offsets
12418 * are allocated at each get_zval_ptr())
12419 */
12420 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12421 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
12422 EX_T(opline->op1.u.var).var.ptr = NULL;
12423 }
12424 ZEND_VM_NEXT_OPCODE();
12425 }
12426
ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12427 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12428 {
12429 zend_op *opline = EX(opline);
12430 zend_free_op free_op1, free_op2;
12431 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
12432 zval *expr_ptr;
12433 zval *offset=_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12434
12435 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
12436 zval **expr_ptr_ptr = NULL;
12437
12438 if (opline->extended_value) {
12439 expr_ptr_ptr=_get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12440 expr_ptr = *expr_ptr_ptr;
12441 } else {
12442 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12443 }
12444 #else
12445 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12446 #endif
12447
12448 if (0) { /* temporary variable */
12449 zval *new_expr;
12450
12451 ALLOC_ZVAL(new_expr);
12452 INIT_PZVAL_COPY(new_expr, expr_ptr);
12453 expr_ptr = new_expr;
12454 } else {
12455 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
12456 if (opline->extended_value) {
12457 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
12458 expr_ptr = *expr_ptr_ptr;
12459 Z_ADDREF_P(expr_ptr);
12460 } else
12461 #endif
12462 if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
12463 zval *new_expr;
12464
12465 ALLOC_ZVAL(new_expr);
12466 INIT_PZVAL_COPY(new_expr, expr_ptr);
12467 expr_ptr = new_expr;
12468 zendi_zval_copy_ctor(*expr_ptr);
12469 } else {
12470 Z_ADDREF_P(expr_ptr);
12471 }
12472 }
12473 if (offset) {
12474 switch (Z_TYPE_P(offset)) {
12475 case IS_DOUBLE:
12476 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
12477 break;
12478 case IS_LONG:
12479 case IS_BOOL:
12480 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
12481 break;
12482 case IS_STRING:
12483 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
12484 break;
12485 case IS_NULL:
12486 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
12487 break;
12488 default:
12489 zend_error(E_WARNING, "Illegal offset type");
12490 zval_ptr_dtor(&expr_ptr);
12491 /* do nothing */
12492 break;
12493 }
12494 zval_dtor(free_op2.var);
12495 } else {
12496 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
12497 }
12498 if (opline->extended_value) {
12499 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12500 } else {
12501 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12502 }
12503 ZEND_VM_NEXT_OPCODE();
12504 }
12505
ZEND_INIT_ARRAY_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12506 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12507 {
12508 zend_op *opline = EX(opline);
12509
12510 array_init(&EX_T(opline->result.u.var).tmp_var);
12511 if (IS_VAR == IS_UNUSED) {
12512 ZEND_VM_NEXT_OPCODE();
12513 #if 0 || IS_VAR != IS_UNUSED
12514 } else {
12515 return ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
12516 #endif
12517 }
12518 }
12519
ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12520 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12521 {
12522 zend_op *opline = EX(opline);
12523 zend_free_op free_op1, free_op2;
12524 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12525 zval *offset;
12526
12527 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
12528 SEPARATE_ZVAL_IF_NOT_REF(container);
12529 }
12530 offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12531
12532 if (IS_VAR != IS_VAR || container) {
12533 switch (Z_TYPE_PP(container)) {
12534 case IS_ARRAY: {
12535 HashTable *ht = Z_ARRVAL_PP(container);
12536
12537 switch (Z_TYPE_P(offset)) {
12538 case IS_DOUBLE:
12539 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
12540 break;
12541 case IS_RESOURCE:
12542 case IS_BOOL:
12543 case IS_LONG:
12544 zend_hash_index_del(ht, Z_LVAL_P(offset));
12545 break;
12546 case IS_STRING:
12547 if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) {
12548 Z_ADDREF_P(offset);
12549 }
12550 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
12551 ht == &EG(symbol_table)) {
12552 zend_execute_data *ex;
12553 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
12554
12555 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
12556 if (ex->op_array && ex->symbol_table == ht) {
12557 int i;
12558
12559 for (i = 0; i < ex->op_array->last_var; i++) {
12560 if (ex->op_array->vars[i].hash_value == hash_value &&
12561 ex->op_array->vars[i].name_len == offset->value.str.len &&
12562 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
12563 ex->CVs[i] = NULL;
12564 break;
12565 }
12566 }
12567 }
12568 }
12569 }
12570 if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) {
12571 zval_ptr_dtor(&offset);
12572 }
12573 break;
12574 case IS_NULL:
12575 zend_hash_del(ht, "", sizeof(""));
12576 break;
12577 default:
12578 zend_error(E_WARNING, "Illegal offset type in unset");
12579 break;
12580 }
12581 zval_dtor(free_op2.var);
12582 break;
12583 }
12584 case IS_OBJECT:
12585 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
12586 zend_error_noreturn(E_ERROR, "Cannot use object as array");
12587 }
12588 if (1) {
12589 MAKE_REAL_ZVAL_PTR(offset);
12590 }
12591 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
12592 if (1) {
12593 zval_ptr_dtor(&offset);
12594 } else {
12595 zval_dtor(free_op2.var);
12596 }
12597 break;
12598 case IS_STRING:
12599 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
12600 ZEND_VM_CONTINUE(); /* bailed out before */
12601 default:
12602 zval_dtor(free_op2.var);
12603 break;
12604 }
12605 } else {
12606 zval_dtor(free_op2.var);
12607 }
12608 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12609
12610 ZEND_VM_NEXT_OPCODE();
12611 }
12612
ZEND_UNSET_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12613 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12614 {
12615 zend_op *opline = EX(opline);
12616 zend_free_op free_op1, free_op2;
12617 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12618 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12619
12620 if (IS_VAR != IS_VAR || container) {
12621 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
12622 SEPARATE_ZVAL_IF_NOT_REF(container);
12623 }
12624 if (Z_TYPE_PP(container) == IS_OBJECT) {
12625 if (1) {
12626 MAKE_REAL_ZVAL_PTR(offset);
12627 }
12628 if (Z_OBJ_HT_P(*container)->unset_property) {
12629 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
12630 } else {
12631 zend_error(E_NOTICE, "Trying to unset property of non-object");
12632 }
12633 if (1) {
12634 zval_ptr_dtor(&offset);
12635 } else {
12636 zval_dtor(free_op2.var);
12637 }
12638 } else {
12639 zval_dtor(free_op2.var);
12640 }
12641 } else {
12642 zval_dtor(free_op2.var);
12643 }
12644 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12645
12646 ZEND_VM_NEXT_OPCODE();
12647 }
12648
zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)12649 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
12650 {
12651 zend_op *opline = EX(opline);
12652 zend_free_op free_op1;
12653 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
12654 zval **value = NULL;
12655 int result = 0;
12656
12657 if (IS_VAR != IS_VAR || container) {
12658 zend_free_op free_op2;
12659 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
12660
12661 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
12662 HashTable *ht;
12663 int isset = 0;
12664
12665 ht = Z_ARRVAL_PP(container);
12666
12667 switch (Z_TYPE_P(offset)) {
12668 case IS_DOUBLE:
12669 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
12670 isset = 1;
12671 }
12672 break;
12673 case IS_RESOURCE:
12674 case IS_BOOL:
12675 case IS_LONG:
12676 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
12677 isset = 1;
12678 }
12679 break;
12680 case IS_STRING:
12681 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
12682 isset = 1;
12683 }
12684 break;
12685 case IS_NULL:
12686 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
12687 isset = 1;
12688 }
12689 break;
12690 default:
12691 zend_error(E_WARNING, "Illegal offset type in isset or empty");
12692
12693 break;
12694 }
12695
12696 switch (opline->extended_value) {
12697 case ZEND_ISSET:
12698 if (isset && Z_TYPE_PP(value) == IS_NULL) {
12699 result = 0;
12700 } else {
12701 result = isset;
12702 }
12703 break;
12704 case ZEND_ISEMPTY:
12705 if (!isset || !i_zend_is_true(*value)) {
12706 result = 0;
12707 } else {
12708 result = 1;
12709 }
12710 break;
12711 }
12712 zval_dtor(free_op2.var);
12713 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
12714 if (1) {
12715 MAKE_REAL_ZVAL_PTR(offset);
12716 }
12717 if (prop_dim) {
12718 if (Z_OBJ_HT_P(*container)->has_property) {
12719 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
12720 } else {
12721 zend_error(E_NOTICE, "Trying to check property of non-object");
12722 result = 0;
12723 }
12724 } else {
12725 if (Z_OBJ_HT_P(*container)->has_dimension) {
12726 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
12727 } else {
12728 zend_error(E_NOTICE, "Trying to check element of non-array");
12729 result = 0;
12730 }
12731 }
12732 if (1) {
12733 zval_ptr_dtor(&offset);
12734 } else {
12735 zval_dtor(free_op2.var);
12736 }
12737 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
12738 zval tmp;
12739
12740 if (Z_TYPE_P(offset) != IS_LONG) {
12741 tmp = *offset;
12742 zval_copy_ctor(&tmp);
12743 convert_to_long(&tmp);
12744 offset = &tmp;
12745 }
12746 if (Z_TYPE_P(offset) == IS_LONG) {
12747 switch (opline->extended_value) {
12748 case ZEND_ISSET:
12749 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
12750 result = 1;
12751 }
12752 break;
12753 case ZEND_ISEMPTY:
12754 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
12755 result = 1;
12756 }
12757 break;
12758 }
12759 }
12760 zval_dtor(free_op2.var);
12761 } else {
12762 zval_dtor(free_op2.var);
12763 }
12764 }
12765
12766 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
12767
12768 switch (opline->extended_value) {
12769 case ZEND_ISSET:
12770 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
12771 break;
12772 case ZEND_ISEMPTY:
12773 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
12774 break;
12775 }
12776
12777 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12778
12779 ZEND_VM_NEXT_OPCODE();
12780 }
12781
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12782 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12783 {
12784 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
12785 }
12786
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12787 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12788 {
12789 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
12790 }
12791
ZEND_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12792 static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12793 {
12794 zend_op *opline = EX(opline);
12795 zend_free_op free_op1, free_op2;
12796
12797 add_function(&EX_T(opline->result.u.var).tmp_var,
12798 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12799 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12800 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12801 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12802 ZEND_VM_NEXT_OPCODE();
12803 }
12804
ZEND_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12805 static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12806 {
12807 zend_op *opline = EX(opline);
12808 zend_free_op free_op1, free_op2;
12809
12810 sub_function(&EX_T(opline->result.u.var).tmp_var,
12811 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12812 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12813 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12814 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12815 ZEND_VM_NEXT_OPCODE();
12816 }
12817
ZEND_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12818 static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12819 {
12820 zend_op *opline = EX(opline);
12821 zend_free_op free_op1, free_op2;
12822
12823 mul_function(&EX_T(opline->result.u.var).tmp_var,
12824 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12825 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12826 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12827 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12828 ZEND_VM_NEXT_OPCODE();
12829 }
12830
ZEND_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12831 static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12832 {
12833 zend_op *opline = EX(opline);
12834 zend_free_op free_op1, free_op2;
12835
12836 div_function(&EX_T(opline->result.u.var).tmp_var,
12837 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12838 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12839 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12840 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12841 ZEND_VM_NEXT_OPCODE();
12842 }
12843
ZEND_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12844 static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12845 {
12846 zend_op *opline = EX(opline);
12847 zend_free_op free_op1, free_op2;
12848
12849 mod_function(&EX_T(opline->result.u.var).tmp_var,
12850 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12851 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12852 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12853 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12854 ZEND_VM_NEXT_OPCODE();
12855 }
12856
ZEND_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12857 static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12858 {
12859 zend_op *opline = EX(opline);
12860 zend_free_op free_op1, free_op2;
12861
12862 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
12863 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12864 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12865 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12866 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12867 ZEND_VM_NEXT_OPCODE();
12868 }
12869
ZEND_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12870 static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12871 {
12872 zend_op *opline = EX(opline);
12873 zend_free_op free_op1, free_op2;
12874
12875 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
12876 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12877 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12878 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12879 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12880 ZEND_VM_NEXT_OPCODE();
12881 }
12882
ZEND_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12883 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12884 {
12885 zend_op *opline = EX(opline);
12886 zend_free_op free_op1, free_op2;
12887
12888 concat_function(&EX_T(opline->result.u.var).tmp_var,
12889 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12890 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12891 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12892 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12893 ZEND_VM_NEXT_OPCODE();
12894 }
12895
ZEND_IS_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12896 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12897 {
12898 zend_op *opline = EX(opline);
12899 zend_free_op free_op1, free_op2;
12900
12901 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
12902 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12903 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12904 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12905 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12906 ZEND_VM_NEXT_OPCODE();
12907 }
12908
ZEND_IS_NOT_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12909 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12910 {
12911 zend_op *opline = EX(opline);
12912 zend_free_op free_op1, free_op2;
12913 zval *result = &EX_T(opline->result.u.var).tmp_var;
12914
12915 is_identical_function(result,
12916 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12917 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12918 Z_LVAL_P(result) = !Z_LVAL_P(result);
12919 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12920 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12921 ZEND_VM_NEXT_OPCODE();
12922 }
12923
ZEND_IS_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12924 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12925 {
12926 zend_op *opline = EX(opline);
12927 zend_free_op free_op1, free_op2;
12928 zval *result = &EX_T(opline->result.u.var).tmp_var;
12929
12930 compare_function(result,
12931 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12932 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12933 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
12934 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12935 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12936 ZEND_VM_NEXT_OPCODE();
12937 }
12938
ZEND_IS_NOT_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12939 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12940 {
12941 zend_op *opline = EX(opline);
12942 zend_free_op free_op1, free_op2;
12943 zval *result = &EX_T(opline->result.u.var).tmp_var;
12944
12945 compare_function(result,
12946 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12947 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12948 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
12949 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12950 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12951 ZEND_VM_NEXT_OPCODE();
12952 }
12953
ZEND_IS_SMALLER_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12954 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12955 {
12956 zend_op *opline = EX(opline);
12957 zend_free_op free_op1, free_op2;
12958 zval *result = &EX_T(opline->result.u.var).tmp_var;
12959
12960 compare_function(result,
12961 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12962 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12963 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
12964 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12965 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12966 ZEND_VM_NEXT_OPCODE();
12967 }
12968
ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12969 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12970 {
12971 zend_op *opline = EX(opline);
12972 zend_free_op free_op1, free_op2;
12973 zval *result = &EX_T(opline->result.u.var).tmp_var;
12974
12975 compare_function(result,
12976 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12977 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12978 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
12979 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12980 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12981 ZEND_VM_NEXT_OPCODE();
12982 }
12983
ZEND_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12984 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12985 {
12986 zend_op *opline = EX(opline);
12987 zend_free_op free_op1, free_op2;
12988
12989 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
12990 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
12991 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
12992 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
12993 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
12994 ZEND_VM_NEXT_OPCODE();
12995 }
12996
ZEND_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)12997 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
12998 {
12999 zend_op *opline = EX(opline);
13000 zend_free_op free_op1, free_op2;
13001
13002 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
13003 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
13004 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
13005 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13006 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13007 ZEND_VM_NEXT_OPCODE();
13008 }
13009
ZEND_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13010 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13011 {
13012 zend_op *opline = EX(opline);
13013 zend_free_op free_op1, free_op2;
13014
13015 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
13016 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
13017 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
13018 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13019 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13020 ZEND_VM_NEXT_OPCODE();
13021 }
13022
ZEND_BOOL_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13023 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13024 {
13025 zend_op *opline = EX(opline);
13026 zend_free_op free_op1, free_op2;
13027
13028 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
13029 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
13030 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
13031 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13032 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13033 ZEND_VM_NEXT_OPCODE();
13034 }
13035
zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)13036 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
13037 {
13038 zend_op *opline = EX(opline);
13039 zend_op *op_data = opline+1;
13040 zend_free_op free_op1, free_op2, free_op_data1;
13041 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13042 zval *object;
13043 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13044 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
13045 znode *result = &opline->result;
13046 int have_get_ptr = 0;
13047
13048 if (IS_VAR == IS_VAR && !object_ptr) {
13049 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
13050 }
13051
13052 EX_T(result->u.var).var.ptr_ptr = NULL;
13053 make_real_object(object_ptr TSRMLS_CC);
13054 object = *object_ptr;
13055
13056 if (Z_TYPE_P(object) != IS_OBJECT) {
13057 zend_error(E_WARNING, "Attempt to assign property of non-object");
13058 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13059 FREE_OP(free_op_data1);
13060
13061 if (!RETURN_VALUE_UNUSED(result)) {
13062 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
13063 EX_T(result->u.var).var.ptr_ptr = NULL;
13064 PZVAL_LOCK(EG(uninitialized_zval_ptr));
13065 }
13066 } else {
13067 /* here we are sure we are dealing with an object */
13068 if (0) {
13069 MAKE_REAL_ZVAL_PTR(property);
13070 }
13071
13072 /* here property is a string */
13073 if (opline->extended_value == ZEND_ASSIGN_OBJ
13074 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
13075 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
13076 if (zptr != NULL) { /* NULL means no success in getting PTR */
13077 SEPARATE_ZVAL_IF_NOT_REF(zptr);
13078
13079 have_get_ptr = 1;
13080 binary_op(*zptr, *zptr, value TSRMLS_CC);
13081 if (!RETURN_VALUE_UNUSED(result)) {
13082 EX_T(result->u.var).var.ptr = *zptr;
13083 EX_T(result->u.var).var.ptr_ptr = NULL;
13084 PZVAL_LOCK(*zptr);
13085 }
13086 }
13087 }
13088
13089 if (!have_get_ptr) {
13090 zval *z = NULL;
13091
13092 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
13093 if (Z_OBJ_HT_P(object)->read_property) {
13094 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
13095 }
13096 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
13097 if (Z_OBJ_HT_P(object)->read_dimension) {
13098 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
13099 }
13100 }
13101 if (z) {
13102 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
13103 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
13104
13105 if (Z_REFCOUNT_P(z) == 0) {
13106 GC_REMOVE_ZVAL_FROM_BUFFER(z);
13107 zval_dtor(z);
13108 FREE_ZVAL(z);
13109 }
13110 z = value;
13111 }
13112 Z_ADDREF_P(z);
13113 SEPARATE_ZVAL_IF_NOT_REF(&z);
13114 binary_op(z, z, value TSRMLS_CC);
13115 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
13116 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
13117 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
13118 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
13119 }
13120 if (!RETURN_VALUE_UNUSED(result)) {
13121 EX_T(result->u.var).var.ptr = z;
13122 EX_T(result->u.var).var.ptr_ptr = NULL;
13123 PZVAL_LOCK(z);
13124 }
13125 zval_ptr_dtor(&z);
13126 } else {
13127 zend_error(E_WARNING, "Attempt to assign property of non-object");
13128 if (!RETURN_VALUE_UNUSED(result)) {
13129 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
13130 EX_T(result->u.var).var.ptr_ptr = NULL;
13131 PZVAL_LOCK(EG(uninitialized_zval_ptr));
13132 }
13133 }
13134 }
13135
13136 if (0) {
13137 zval_ptr_dtor(&property);
13138 } else {
13139 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13140 }
13141 FREE_OP(free_op_data1);
13142 }
13143
13144 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13145 /* assign_obj has two opcodes! */
13146 ZEND_VM_INC_OPCODE();
13147 ZEND_VM_NEXT_OPCODE();
13148 }
13149
zend_binary_assign_op_helper_SPEC_VAR_VAR(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)13150 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
13151 {
13152 zend_op *opline = EX(opline);
13153 zend_free_op free_op1, free_op2, free_op_data2, free_op_data1;
13154 zval **var_ptr;
13155 zval *value;
13156
13157 switch (opline->extended_value) {
13158 case ZEND_ASSIGN_OBJ:
13159 return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13160 break;
13161 case ZEND_ASSIGN_DIM: {
13162 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13163
13164 if (IS_VAR == IS_VAR && !container) {
13165 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13166 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
13167 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
13168 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
13169 }
13170 return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13171 } else {
13172 zend_op *op_data = opline+1;
13173 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13174
13175 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
13176 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
13177 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
13178 ZEND_VM_INC_OPCODE();
13179 }
13180 }
13181 break;
13182 default:
13183 value = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13184 var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13185 /* do nothing */
13186 break;
13187 }
13188
13189 if (!var_ptr) {
13190 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
13191 }
13192
13193 if (*var_ptr == EG(error_zval_ptr)) {
13194 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13195 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
13196 PZVAL_LOCK(EG(uninitialized_zval_ptr));
13197 }
13198 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13199 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13200 ZEND_VM_NEXT_OPCODE();
13201 }
13202
13203 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
13204
13205 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
13206 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
13207 /* proxy object */
13208 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
13209 Z_ADDREF_P(objval);
13210 binary_op(objval, objval, value TSRMLS_CC);
13211 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
13212 zval_ptr_dtor(&objval);
13213 } else {
13214 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
13215 }
13216
13217 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13218 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
13219 PZVAL_LOCK(*var_ptr);
13220 }
13221 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13222
13223 if (opline->extended_value == ZEND_ASSIGN_DIM) {
13224 FREE_OP(free_op_data1);
13225 FREE_OP_VAR_PTR(free_op_data2);
13226 }
13227 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13228 ZEND_VM_NEXT_OPCODE();
13229 }
13230
ZEND_ASSIGN_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13231 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13232 {
13233 return zend_binary_assign_op_helper_SPEC_VAR_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13234 }
13235
ZEND_ASSIGN_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13236 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13237 {
13238 return zend_binary_assign_op_helper_SPEC_VAR_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13239 }
13240
ZEND_ASSIGN_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13241 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13242 {
13243 return zend_binary_assign_op_helper_SPEC_VAR_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13244 }
13245
ZEND_ASSIGN_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13246 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13247 {
13248 return zend_binary_assign_op_helper_SPEC_VAR_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13249 }
13250
ZEND_ASSIGN_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13251 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13252 {
13253 return zend_binary_assign_op_helper_SPEC_VAR_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13254 }
13255
ZEND_ASSIGN_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13256 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13257 {
13258 return zend_binary_assign_op_helper_SPEC_VAR_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13259 }
13260
ZEND_ASSIGN_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13261 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13262 {
13263 return zend_binary_assign_op_helper_SPEC_VAR_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13264 }
13265
ZEND_ASSIGN_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13266 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13267 {
13268 return zend_binary_assign_op_helper_SPEC_VAR_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13269 }
13270
ZEND_ASSIGN_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13271 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13272 {
13273 return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13274 }
13275
ZEND_ASSIGN_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13276 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13277 {
13278 return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13279 }
13280
ZEND_ASSIGN_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13281 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13282 {
13283 return zend_binary_assign_op_helper_SPEC_VAR_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13284 }
13285
zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)13286 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
13287 {
13288 zend_op *opline = EX(opline);
13289 zend_free_op free_op1, free_op2;
13290 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13291 zval *object;
13292 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13293 zval **retval = &EX_T(opline->result.u.var).var.ptr;
13294 int have_get_ptr = 0;
13295
13296 if (IS_VAR == IS_VAR && !object_ptr) {
13297 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
13298 }
13299
13300 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
13301 object = *object_ptr;
13302
13303 if (Z_TYPE_P(object) != IS_OBJECT) {
13304 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
13305 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13306 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13307 *retval = EG(uninitialized_zval_ptr);
13308 PZVAL_LOCK(*retval);
13309 }
13310 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13311 ZEND_VM_NEXT_OPCODE();
13312 }
13313
13314 /* here we are sure we are dealing with an object */
13315
13316 if (0) {
13317 MAKE_REAL_ZVAL_PTR(property);
13318 }
13319
13320 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
13321 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
13322 if (zptr != NULL) { /* NULL means no success in getting PTR */
13323 SEPARATE_ZVAL_IF_NOT_REF(zptr);
13324
13325 have_get_ptr = 1;
13326 incdec_op(*zptr);
13327 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13328 *retval = *zptr;
13329 PZVAL_LOCK(*retval);
13330 }
13331 }
13332 }
13333
13334 if (!have_get_ptr) {
13335 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
13336 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
13337
13338 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
13339 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
13340
13341 if (Z_REFCOUNT_P(z) == 0) {
13342 GC_REMOVE_ZVAL_FROM_BUFFER(z);
13343 zval_dtor(z);
13344 FREE_ZVAL(z);
13345 }
13346 z = value;
13347 }
13348 Z_ADDREF_P(z);
13349 SEPARATE_ZVAL_IF_NOT_REF(&z);
13350 incdec_op(z);
13351 *retval = z;
13352 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
13353 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
13354 zval_ptr_dtor(&z);
13355 } else {
13356 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
13357 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13358 *retval = EG(uninitialized_zval_ptr);
13359 PZVAL_LOCK(*retval);
13360 }
13361 }
13362 }
13363
13364 if (0) {
13365 zval_ptr_dtor(&property);
13366 } else {
13367 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13368 }
13369 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13370 ZEND_VM_NEXT_OPCODE();
13371 }
13372
ZEND_PRE_INC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13373 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13374 {
13375 return zend_pre_incdec_property_helper_SPEC_VAR_VAR(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13376 }
13377
ZEND_PRE_DEC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13378 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13379 {
13380 return zend_pre_incdec_property_helper_SPEC_VAR_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13381 }
13382
zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)13383 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
13384 {
13385 zend_op *opline = EX(opline);
13386 zend_free_op free_op1, free_op2;
13387 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13388 zval *object;
13389 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13390 zval *retval = &EX_T(opline->result.u.var).tmp_var;
13391 int have_get_ptr = 0;
13392
13393 if (IS_VAR == IS_VAR && !object_ptr) {
13394 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
13395 }
13396
13397 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
13398 object = *object_ptr;
13399
13400 if (Z_TYPE_P(object) != IS_OBJECT) {
13401 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
13402 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13403 *retval = *EG(uninitialized_zval_ptr);
13404 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13405 ZEND_VM_NEXT_OPCODE();
13406 }
13407
13408 /* here we are sure we are dealing with an object */
13409
13410 if (0) {
13411 MAKE_REAL_ZVAL_PTR(property);
13412 }
13413
13414 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
13415 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
13416 if (zptr != NULL) { /* NULL means no success in getting PTR */
13417 have_get_ptr = 1;
13418 SEPARATE_ZVAL_IF_NOT_REF(zptr);
13419
13420 *retval = **zptr;
13421 zendi_zval_copy_ctor(*retval);
13422
13423 incdec_op(*zptr);
13424
13425 }
13426 }
13427
13428 if (!have_get_ptr) {
13429 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
13430 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
13431 zval *z_copy;
13432
13433 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
13434 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
13435
13436 if (Z_REFCOUNT_P(z) == 0) {
13437 GC_REMOVE_ZVAL_FROM_BUFFER(z);
13438 zval_dtor(z);
13439 FREE_ZVAL(z);
13440 }
13441 z = value;
13442 }
13443 *retval = *z;
13444 zendi_zval_copy_ctor(*retval);
13445 ALLOC_ZVAL(z_copy);
13446 *z_copy = *z;
13447 zendi_zval_copy_ctor(*z_copy);
13448 INIT_PZVAL(z_copy);
13449 incdec_op(z_copy);
13450 Z_ADDREF_P(z);
13451 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
13452 zval_ptr_dtor(&z_copy);
13453 zval_ptr_dtor(&z);
13454 } else {
13455 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
13456 *retval = *EG(uninitialized_zval_ptr);
13457 }
13458 }
13459
13460 if (0) {
13461 zval_ptr_dtor(&property);
13462 } else {
13463 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13464 }
13465 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13466 ZEND_VM_NEXT_OPCODE();
13467 }
13468
ZEND_POST_INC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13469 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13470 {
13471 return zend_post_incdec_property_helper_SPEC_VAR_VAR(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13472 }
13473
ZEND_POST_DEC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13474 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13475 {
13476 return zend_post_incdec_property_helper_SPEC_VAR_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13477 }
13478
ZEND_FETCH_DIM_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13479 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13480 {
13481 zend_op *opline = EX(opline);
13482 zend_free_op free_op1, free_op2;
13483 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13484 zval **container;
13485
13486 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
13487 IS_VAR != IS_CV &&
13488 EX_T(opline->op1.u.var).var.ptr_ptr) {
13489 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
13490 }
13491 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13492 if (IS_VAR == IS_VAR && !container) {
13493 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13494 }
13495 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
13496 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13497 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13498 ZEND_VM_NEXT_OPCODE();
13499 }
13500
ZEND_FETCH_DIM_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13501 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13502 {
13503 zend_op *opline = EX(opline);
13504 zend_free_op free_op1, free_op2;
13505 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13506 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13507
13508 if (IS_VAR == IS_VAR && !container) {
13509 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13510 }
13511 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
13512 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13513 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13514 READY_TO_DESTROY(free_op1.var)) {
13515 AI_USE_PTR(EX_T(opline->result.u.var).var);
13516 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13517 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13518 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13519 }
13520 }
13521 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13522
13523 /* We are going to assign the result by reference */
13524 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
13525 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
13526 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
13527 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
13528 }
13529
13530 ZEND_VM_NEXT_OPCODE();
13531 }
13532
ZEND_FETCH_DIM_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13533 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13534 {
13535 zend_op *opline = EX(opline);
13536 zend_free_op free_op1, free_op2;
13537 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13538 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13539
13540 if (IS_VAR == IS_VAR && !container) {
13541 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13542 }
13543 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
13544 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13545 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13546 READY_TO_DESTROY(free_op1.var)) {
13547 AI_USE_PTR(EX_T(opline->result.u.var).var);
13548 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13549 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13550 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13551 }
13552 }
13553 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13554 ZEND_VM_NEXT_OPCODE();
13555 }
13556
ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13557 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13558 {
13559 zend_op *opline = EX(opline);
13560 zend_free_op free_op1, free_op2;
13561 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13562 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13563
13564 if (IS_VAR == IS_VAR && !container) {
13565 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13566 }
13567 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_IS TSRMLS_CC);
13568 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13569 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13570 ZEND_VM_NEXT_OPCODE();
13571 }
13572
ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13573 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13574 {
13575 zend_op *opline = EX(opline);
13576 zend_free_op free_op1, free_op2;
13577 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13578 zval **container;
13579
13580 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
13581 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13582 if (IS_VAR == IS_VAR && !container) {
13583 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13584 }
13585 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
13586 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13587 READY_TO_DESTROY(free_op1.var)) {
13588 AI_USE_PTR(EX_T(opline->result.u.var).var);
13589 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13590 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13591 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13592 }
13593 }
13594 } else {
13595 if (IS_VAR == IS_UNUSED) {
13596 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
13597 }
13598 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13599 if (IS_VAR == IS_VAR && !container) {
13600 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13601 }
13602 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
13603 }
13604 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13605 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13606 ZEND_VM_NEXT_OPCODE();
13607 }
13608
ZEND_FETCH_DIM_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13609 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13610 {
13611 zend_op *opline = EX(opline);
13612 zend_free_op free_op1, free_op2;
13613 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13614 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13615
13616 /* Not needed in DIM_UNSET
13617 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
13618 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
13619 }
13620 */
13621 if (IS_VAR == IS_CV) {
13622 if (container != &EG(uninitialized_zval_ptr)) {
13623 SEPARATE_ZVAL_IF_NOT_REF(container);
13624 }
13625 }
13626 if (IS_VAR == IS_VAR && !container) {
13627 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13628 }
13629 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_UNSET TSRMLS_CC);
13630 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13631 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13632 READY_TO_DESTROY(free_op1.var)) {
13633 AI_USE_PTR(EX_T(opline->result.u.var).var);
13634 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13635 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13636 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13637 }
13638 }
13639 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13640 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
13641 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
13642 } else {
13643 zend_free_op free_res;
13644
13645 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
13646 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
13647 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
13648 }
13649 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
13650 FREE_OP_VAR_PTR(free_res);
13651 }
13652 ZEND_VM_NEXT_OPCODE();
13653 }
13654
zend_fetch_property_address_read_helper_SPEC_VAR_VAR(int type,ZEND_OPCODE_HANDLER_ARGS)13655 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(int type, ZEND_OPCODE_HANDLER_ARGS)
13656 {
13657 zend_op *opline = EX(opline);
13658 zend_free_op free_op1;
13659 zval *container = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13660 zend_free_op free_op2;
13661 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13662
13663 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
13664 if (type != BP_VAR_IS) {
13665 zend_error(E_NOTICE, "Trying to get property of non-object");
13666 }
13667 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13668 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
13669 PZVAL_LOCK(EG(uninitialized_zval_ptr));
13670 }
13671 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13672 } else {
13673 zval *retval;
13674
13675 if (0) {
13676 MAKE_REAL_ZVAL_PTR(offset);
13677 }
13678
13679 /* here we are sure we are dealing with an object */
13680 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
13681
13682 if (RETURN_VALUE_UNUSED(&opline->result)) {
13683 if (Z_REFCOUNT_P(retval) == 0) {
13684 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
13685 zval_dtor(retval);
13686 FREE_ZVAL(retval);
13687 }
13688 } else {
13689 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
13690 PZVAL_LOCK(retval);
13691 }
13692
13693 if (0) {
13694 zval_ptr_dtor(&offset);
13695 } else {
13696 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13697 }
13698 }
13699
13700 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13701 ZEND_VM_NEXT_OPCODE();
13702 }
13703
ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13704 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13705 {
13706 return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13707 }
13708
ZEND_FETCH_OBJ_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13709 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13710 {
13711 zend_op *opline = EX(opline);
13712 zend_free_op free_op1, free_op2;
13713 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13714 zval **container;
13715
13716 if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
13717 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
13718 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
13719 }
13720
13721 if (0) {
13722 MAKE_REAL_ZVAL_PTR(property);
13723 }
13724 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13725 if (IS_VAR == IS_VAR && !container) {
13726 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
13727 }
13728 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
13729 if (0) {
13730 zval_ptr_dtor(&property);
13731 } else {
13732 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13733 }
13734 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13735 READY_TO_DESTROY(free_op1.var)) {
13736 AI_USE_PTR(EX_T(opline->result.u.var).var);
13737 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13738 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13739 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13740 }
13741 }
13742 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13743
13744 /* We are going to assign the result by reference */
13745 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
13746 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
13747 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
13748 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
13749 }
13750
13751 ZEND_VM_NEXT_OPCODE();
13752 }
13753
ZEND_FETCH_OBJ_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13754 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13755 {
13756 zend_op *opline = EX(opline);
13757 zend_free_op free_op1, free_op2;
13758 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13759 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13760
13761 if (0) {
13762 MAKE_REAL_ZVAL_PTR(property);
13763 }
13764 if (IS_VAR == IS_VAR && !container) {
13765 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
13766 }
13767 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
13768 if (0) {
13769 zval_ptr_dtor(&property);
13770 } else {
13771 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13772 }
13773 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13774 READY_TO_DESTROY(free_op1.var)) {
13775 AI_USE_PTR(EX_T(opline->result.u.var).var);
13776 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13777 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13778 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13779 }
13780 }
13781 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13782 ZEND_VM_NEXT_OPCODE();
13783 }
13784
ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13785 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13786 {
13787 return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13788 }
13789
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13790 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13791 {
13792 zend_op *opline = EX(opline);
13793
13794 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
13795 /* Behave like FETCH_OBJ_W */
13796 zend_free_op free_op1, free_op2;
13797 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13798 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13799
13800 if (0) {
13801 MAKE_REAL_ZVAL_PTR(property);
13802 }
13803 if (IS_VAR == IS_VAR && !container) {
13804 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
13805 }
13806 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
13807 if (0) {
13808 zval_ptr_dtor(&property);
13809 } else {
13810 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13811 }
13812 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13813 READY_TO_DESTROY(free_op1.var)) {
13814 AI_USE_PTR(EX_T(opline->result.u.var).var);
13815 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13816 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13817 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13818 }
13819 }
13820 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13821 ZEND_VM_NEXT_OPCODE();
13822 } else {
13823 return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
13824 }
13825 }
13826
ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13827 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13828 {
13829 zend_op *opline = EX(opline);
13830 zend_free_op free_op1, free_op2, free_res;
13831 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13832 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13833
13834 if (IS_VAR == IS_CV) {
13835 if (container != &EG(uninitialized_zval_ptr)) {
13836 SEPARATE_ZVAL_IF_NOT_REF(container);
13837 }
13838 }
13839 if (0) {
13840 MAKE_REAL_ZVAL_PTR(property);
13841 }
13842 if (IS_VAR == IS_VAR && !container) {
13843 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
13844 }
13845 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
13846 if (0) {
13847 zval_ptr_dtor(&property);
13848 } else {
13849 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13850 }
13851 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
13852 READY_TO_DESTROY(free_op1.var)) {
13853 AI_USE_PTR(EX_T(opline->result.u.var).var);
13854 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
13855 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
13856 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
13857 }
13858 }
13859 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13860
13861 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
13862 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
13863 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
13864 }
13865 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
13866 FREE_OP_VAR_PTR(free_res);
13867 ZEND_VM_NEXT_OPCODE();
13868 }
13869
ZEND_ASSIGN_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13870 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13871 {
13872 zend_op *opline = EX(opline);
13873 zend_op *op_data = opline+1;
13874 zend_free_op free_op1, free_op2;
13875 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13876 zval *property_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13877
13878 if (0) {
13879 MAKE_REAL_ZVAL_PTR(property_name);
13880 }
13881 if (IS_VAR == IS_VAR && !object_ptr) {
13882 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13883 }
13884 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
13885 if (0) {
13886 zval_ptr_dtor(&property_name);
13887 } else {
13888 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13889 }
13890 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13891 /* assign_obj has two opcodes! */
13892 ZEND_VM_INC_OPCODE();
13893 ZEND_VM_NEXT_OPCODE();
13894 }
13895
ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13896 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13897 {
13898 zend_op *opline = EX(opline);
13899 zend_op *op_data = opline+1;
13900 zend_free_op free_op1;
13901 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13902
13903 if (IS_VAR == IS_VAR && !object_ptr) {
13904 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
13905 }
13906 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
13907 zend_free_op free_op2;
13908 zval *property_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13909
13910 if (0) {
13911 MAKE_REAL_ZVAL_PTR(property_name);
13912 }
13913 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
13914 if (0) {
13915 zval_ptr_dtor(&property_name);
13916 } else {
13917 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13918 }
13919 } else {
13920 zend_free_op free_op2, free_op_data1, free_op_data2;
13921 zval *value;
13922 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13923 zval **variable_ptr_ptr;
13924
13925 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
13926 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13927
13928 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
13929 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
13930 if (!variable_ptr_ptr) {
13931 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
13932 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13933 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
13934 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
13935 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
13936 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
13937 }
13938 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
13939 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
13940 PZVAL_LOCK(EG(uninitialized_zval_ptr));
13941 }
13942 } else {
13943 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
13944 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13945 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
13946 PZVAL_LOCK(value);
13947 }
13948 }
13949 FREE_OP_VAR_PTR(free_op_data2);
13950 FREE_OP_IF_VAR(free_op_data1);
13951 }
13952 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13953 /* assign_dim has two opcodes! */
13954 ZEND_VM_INC_OPCODE();
13955 ZEND_VM_NEXT_OPCODE();
13956 }
13957
ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13958 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13959 {
13960 zend_op *opline = EX(opline);
13961 zend_free_op free_op1, free_op2;
13962 zval *value = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13963 zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
13964
13965 if (IS_VAR == IS_VAR && !variable_ptr_ptr) {
13966 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_VAR TSRMLS_CC)) {
13967 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13968 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
13969 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
13970 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
13971 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
13972 }
13973 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
13974 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
13975 PZVAL_LOCK(EG(uninitialized_zval_ptr));
13976 }
13977 } else {
13978 value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC);
13979 if (!RETURN_VALUE_UNUSED(&opline->result)) {
13980 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
13981 PZVAL_LOCK(value);
13982 }
13983 }
13984
13985 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
13986
13987 /* zend_assign_to_variable() always takes care of op2, never free it! */
13988 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
13989
13990 ZEND_VM_NEXT_OPCODE();
13991 }
13992
ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)13993 static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
13994 {
13995 zend_op *opline = EX(opline);
13996 zend_free_op free_op1, free_op2;
13997 zval **variable_ptr_ptr;
13998 zval **value_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
13999
14000 if (IS_VAR == IS_VAR &&
14001 value_ptr_ptr &&
14002 !Z_ISREF_PP(value_ptr_ptr) &&
14003 opline->extended_value == ZEND_RETURNS_FUNCTION &&
14004 !EX_T(opline->op2.u.var).var.fcall_returned_reference) {
14005 if (free_op2.var == NULL) {
14006 PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
14007 }
14008 zend_error(E_STRICT, "Only variables should be assigned by reference");
14009 if (UNEXPECTED(EG(exception) != NULL)) {
14010 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14011 ZEND_VM_NEXT_OPCODE();
14012 }
14013 return ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14014 } else if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
14015 PZVAL_LOCK(*value_ptr_ptr);
14016 }
14017 if (IS_VAR == IS_VAR && EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
14018 zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object");
14019 }
14020
14021 variable_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14022 if ((IS_VAR == IS_VAR && !value_ptr_ptr) ||
14023 (IS_VAR == IS_VAR && !variable_ptr_ptr)) {
14024 zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects");
14025 }
14026 zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC);
14027
14028 if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
14029 Z_DELREF_PP(variable_ptr_ptr);
14030 }
14031
14032 if (!RETURN_VALUE_UNUSED(&opline->result)) {
14033 AI_SET_PTR(EX_T(opline->result.u.var).var, *variable_ptr_ptr);
14034 PZVAL_LOCK(*variable_ptr_ptr);
14035 }
14036
14037 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14038 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14039
14040 ZEND_VM_NEXT_OPCODE();
14041 }
14042
ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14043 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14044 {
14045 zend_op *opline = EX(opline);
14046 zval *function_name;
14047 char *function_name_strval;
14048 int function_name_strlen;
14049 zend_free_op free_op1, free_op2;
14050
14051 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
14052
14053 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
14054
14055 if (Z_TYPE_P(function_name)!=IS_STRING) {
14056 zend_error_noreturn(E_ERROR, "Method name must be a string");
14057 }
14058
14059 function_name_strval = Z_STRVAL_P(function_name);
14060 function_name_strlen = Z_STRLEN_P(function_name);
14061
14062 EX(object) = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14063
14064 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
14065 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
14066 zend_error_noreturn(E_ERROR, "Object does not support method calls");
14067 }
14068
14069 /* First, locate the function. */
14070 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
14071 if (!EX(fbc)) {
14072 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
14073 }
14074
14075 EX(called_scope) = Z_OBJCE_P(EX(object));
14076 } else {
14077 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
14078 }
14079
14080 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
14081 EX(object) = NULL;
14082 } else {
14083 if (!PZVAL_IS_REF(EX(object))) {
14084 Z_ADDREF_P(EX(object)); /* For $this pointer */
14085 } else {
14086 zval *this_ptr;
14087 ALLOC_ZVAL(this_ptr);
14088 INIT_PZVAL_COPY(this_ptr, EX(object));
14089 zval_copy_ctor(this_ptr);
14090 EX(object) = this_ptr;
14091 }
14092 }
14093
14094 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14095 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14096
14097 ZEND_VM_NEXT_OPCODE();
14098 }
14099
ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14100 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14101 {
14102 zend_op *opline = EX(opline);
14103 zval *function_name;
14104 zend_class_entry *ce;
14105
14106 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
14107
14108 if (IS_VAR == IS_CONST) {
14109 /* no function found. try a static method in class */
14110 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
14111 if (UNEXPECTED(EG(exception) != NULL)) {
14112 ZEND_VM_CONTINUE();
14113 }
14114 if (!ce) {
14115 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
14116 }
14117 EX(called_scope) = ce;
14118 } else {
14119 ce = EX_T(opline->op1.u.var).class_entry;
14120
14121 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
14122 EX(called_scope) = EG(called_scope);
14123 } else {
14124 EX(called_scope) = ce;
14125 }
14126 }
14127 if(IS_VAR != IS_UNUSED) {
14128 char *function_name_strval = NULL;
14129 int function_name_strlen = 0;
14130 zend_free_op free_op2;
14131
14132 if (IS_VAR == IS_CONST) {
14133 function_name_strval = Z_STRVAL(opline->op2.u.constant);
14134 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
14135 } else {
14136 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
14137
14138 if (Z_TYPE_P(function_name) != IS_STRING) {
14139 zend_error_noreturn(E_ERROR, "Function name must be a string");
14140 } else {
14141 function_name_strval = Z_STRVAL_P(function_name);
14142 function_name_strlen = Z_STRLEN_P(function_name);
14143 }
14144 }
14145
14146 if (function_name_strval) {
14147 if (ce->get_static_method) {
14148 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
14149 } else {
14150 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
14151 }
14152 if (!EX(fbc)) {
14153 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
14154 }
14155 }
14156
14157 if (IS_VAR != IS_CONST) {
14158 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14159 }
14160 } else {
14161 if(!ce->constructor) {
14162 zend_error_noreturn(E_ERROR, "Cannot call constructor");
14163 }
14164 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
14165 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
14166 }
14167 EX(fbc) = ce->constructor;
14168 }
14169
14170 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
14171 EX(object) = NULL;
14172 } else {
14173 if (EG(This) &&
14174 Z_OBJ_HT_P(EG(This))->get_class_entry &&
14175 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
14176 /* We are calling method of the other (incompatible) class,
14177 but passing $this. This is done for compatibility with php-4. */
14178 int severity;
14179 char *verb;
14180 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
14181 severity = E_STRICT;
14182 verb = "should not";
14183 } else {
14184 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
14185 severity = E_ERROR;
14186 verb = "cannot";
14187 }
14188 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
14189
14190 }
14191 if ((EX(object) = EG(This))) {
14192 Z_ADDREF_P(EX(object));
14193 EX(called_scope) = Z_OBJCE_P(EX(object));
14194 }
14195 }
14196
14197 ZEND_VM_NEXT_OPCODE();
14198 }
14199
ZEND_CASE_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14200 static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14201 {
14202 zend_op *opline = EX(opline);
14203 int switch_expr_is_overloaded=0;
14204 zend_free_op free_op1, free_op2;
14205
14206 if (IS_VAR==IS_VAR) {
14207 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
14208 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
14209 } else {
14210 switch_expr_is_overloaded = 1;
14211 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
14212 }
14213 }
14214 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
14215 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
14216 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
14217
14218 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14219 if (switch_expr_is_overloaded) {
14220 /* We only free op1 if this is a string offset,
14221 * Since if it is a TMP_VAR, it'll be reused by
14222 * other CASE opcodes (whereas string offsets
14223 * are allocated at each get_zval_ptr())
14224 */
14225 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14226 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
14227 EX_T(opline->op1.u.var).var.ptr = NULL;
14228 }
14229 ZEND_VM_NEXT_OPCODE();
14230 }
14231
ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14232 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14233 {
14234 zend_op *opline = EX(opline);
14235 zend_free_op free_op1, free_op2;
14236 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
14237 zval *expr_ptr;
14238 zval *offset=_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
14239
14240 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
14241 zval **expr_ptr_ptr = NULL;
14242
14243 if (opline->extended_value) {
14244 expr_ptr_ptr=_get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14245 expr_ptr = *expr_ptr_ptr;
14246 } else {
14247 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14248 }
14249 #else
14250 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14251 #endif
14252
14253 if (0) { /* temporary variable */
14254 zval *new_expr;
14255
14256 ALLOC_ZVAL(new_expr);
14257 INIT_PZVAL_COPY(new_expr, expr_ptr);
14258 expr_ptr = new_expr;
14259 } else {
14260 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
14261 if (opline->extended_value) {
14262 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
14263 expr_ptr = *expr_ptr_ptr;
14264 Z_ADDREF_P(expr_ptr);
14265 } else
14266 #endif
14267 if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
14268 zval *new_expr;
14269
14270 ALLOC_ZVAL(new_expr);
14271 INIT_PZVAL_COPY(new_expr, expr_ptr);
14272 expr_ptr = new_expr;
14273 zendi_zval_copy_ctor(*expr_ptr);
14274 } else {
14275 Z_ADDREF_P(expr_ptr);
14276 }
14277 }
14278 if (offset) {
14279 switch (Z_TYPE_P(offset)) {
14280 case IS_DOUBLE:
14281 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
14282 break;
14283 case IS_LONG:
14284 case IS_BOOL:
14285 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
14286 break;
14287 case IS_STRING:
14288 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
14289 break;
14290 case IS_NULL:
14291 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
14292 break;
14293 default:
14294 zend_error(E_WARNING, "Illegal offset type");
14295 zval_ptr_dtor(&expr_ptr);
14296 /* do nothing */
14297 break;
14298 }
14299 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14300 } else {
14301 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
14302 }
14303 if (opline->extended_value) {
14304 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14305 } else {
14306 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14307 }
14308 ZEND_VM_NEXT_OPCODE();
14309 }
14310
ZEND_INIT_ARRAY_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14311 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14312 {
14313 zend_op *opline = EX(opline);
14314
14315 array_init(&EX_T(opline->result.u.var).tmp_var);
14316 if (IS_VAR == IS_UNUSED) {
14317 ZEND_VM_NEXT_OPCODE();
14318 #if 0 || IS_VAR != IS_UNUSED
14319 } else {
14320 return ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14321 #endif
14322 }
14323 }
14324
ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14325 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14326 {
14327 zend_op *opline = EX(opline);
14328 zend_free_op free_op1, free_op2;
14329 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14330 zval *offset;
14331
14332 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
14333 SEPARATE_ZVAL_IF_NOT_REF(container);
14334 }
14335 offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
14336
14337 if (IS_VAR != IS_VAR || container) {
14338 switch (Z_TYPE_PP(container)) {
14339 case IS_ARRAY: {
14340 HashTable *ht = Z_ARRVAL_PP(container);
14341
14342 switch (Z_TYPE_P(offset)) {
14343 case IS_DOUBLE:
14344 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
14345 break;
14346 case IS_RESOURCE:
14347 case IS_BOOL:
14348 case IS_LONG:
14349 zend_hash_index_del(ht, Z_LVAL_P(offset));
14350 break;
14351 case IS_STRING:
14352 if (IS_VAR == IS_CV || IS_VAR == IS_VAR) {
14353 Z_ADDREF_P(offset);
14354 }
14355 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
14356 ht == &EG(symbol_table)) {
14357 zend_execute_data *ex;
14358 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
14359
14360 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
14361 if (ex->op_array && ex->symbol_table == ht) {
14362 int i;
14363
14364 for (i = 0; i < ex->op_array->last_var; i++) {
14365 if (ex->op_array->vars[i].hash_value == hash_value &&
14366 ex->op_array->vars[i].name_len == offset->value.str.len &&
14367 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
14368 ex->CVs[i] = NULL;
14369 break;
14370 }
14371 }
14372 }
14373 }
14374 }
14375 if (IS_VAR == IS_CV || IS_VAR == IS_VAR) {
14376 zval_ptr_dtor(&offset);
14377 }
14378 break;
14379 case IS_NULL:
14380 zend_hash_del(ht, "", sizeof(""));
14381 break;
14382 default:
14383 zend_error(E_WARNING, "Illegal offset type in unset");
14384 break;
14385 }
14386 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14387 break;
14388 }
14389 case IS_OBJECT:
14390 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
14391 zend_error_noreturn(E_ERROR, "Cannot use object as array");
14392 }
14393 if (0) {
14394 MAKE_REAL_ZVAL_PTR(offset);
14395 }
14396 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
14397 if (0) {
14398 zval_ptr_dtor(&offset);
14399 } else {
14400 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14401 }
14402 break;
14403 case IS_STRING:
14404 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
14405 ZEND_VM_CONTINUE(); /* bailed out before */
14406 default:
14407 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14408 break;
14409 }
14410 } else {
14411 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14412 }
14413 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14414
14415 ZEND_VM_NEXT_OPCODE();
14416 }
14417
ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14418 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14419 {
14420 zend_op *opline = EX(opline);
14421 zend_free_op free_op1, free_op2;
14422 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14423 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
14424
14425 if (IS_VAR != IS_VAR || container) {
14426 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
14427 SEPARATE_ZVAL_IF_NOT_REF(container);
14428 }
14429 if (Z_TYPE_PP(container) == IS_OBJECT) {
14430 if (0) {
14431 MAKE_REAL_ZVAL_PTR(offset);
14432 }
14433 if (Z_OBJ_HT_P(*container)->unset_property) {
14434 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
14435 } else {
14436 zend_error(E_NOTICE, "Trying to unset property of non-object");
14437 }
14438 if (0) {
14439 zval_ptr_dtor(&offset);
14440 } else {
14441 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14442 }
14443 } else {
14444 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14445 }
14446 } else {
14447 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14448 }
14449 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14450
14451 ZEND_VM_NEXT_OPCODE();
14452 }
14453
zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)14454 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
14455 {
14456 zend_op *opline = EX(opline);
14457 zend_free_op free_op1;
14458 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14459 zval **value = NULL;
14460 int result = 0;
14461
14462 if (IS_VAR != IS_VAR || container) {
14463 zend_free_op free_op2;
14464 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
14465
14466 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
14467 HashTable *ht;
14468 int isset = 0;
14469
14470 ht = Z_ARRVAL_PP(container);
14471
14472 switch (Z_TYPE_P(offset)) {
14473 case IS_DOUBLE:
14474 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
14475 isset = 1;
14476 }
14477 break;
14478 case IS_RESOURCE:
14479 case IS_BOOL:
14480 case IS_LONG:
14481 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
14482 isset = 1;
14483 }
14484 break;
14485 case IS_STRING:
14486 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
14487 isset = 1;
14488 }
14489 break;
14490 case IS_NULL:
14491 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
14492 isset = 1;
14493 }
14494 break;
14495 default:
14496 zend_error(E_WARNING, "Illegal offset type in isset or empty");
14497
14498 break;
14499 }
14500
14501 switch (opline->extended_value) {
14502 case ZEND_ISSET:
14503 if (isset && Z_TYPE_PP(value) == IS_NULL) {
14504 result = 0;
14505 } else {
14506 result = isset;
14507 }
14508 break;
14509 case ZEND_ISEMPTY:
14510 if (!isset || !i_zend_is_true(*value)) {
14511 result = 0;
14512 } else {
14513 result = 1;
14514 }
14515 break;
14516 }
14517 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14518 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
14519 if (0) {
14520 MAKE_REAL_ZVAL_PTR(offset);
14521 }
14522 if (prop_dim) {
14523 if (Z_OBJ_HT_P(*container)->has_property) {
14524 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
14525 } else {
14526 zend_error(E_NOTICE, "Trying to check property of non-object");
14527 result = 0;
14528 }
14529 } else {
14530 if (Z_OBJ_HT_P(*container)->has_dimension) {
14531 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
14532 } else {
14533 zend_error(E_NOTICE, "Trying to check element of non-array");
14534 result = 0;
14535 }
14536 }
14537 if (0) {
14538 zval_ptr_dtor(&offset);
14539 } else {
14540 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14541 }
14542 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
14543 zval tmp;
14544
14545 if (Z_TYPE_P(offset) != IS_LONG) {
14546 tmp = *offset;
14547 zval_copy_ctor(&tmp);
14548 convert_to_long(&tmp);
14549 offset = &tmp;
14550 }
14551 if (Z_TYPE_P(offset) == IS_LONG) {
14552 switch (opline->extended_value) {
14553 case ZEND_ISSET:
14554 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
14555 result = 1;
14556 }
14557 break;
14558 case ZEND_ISEMPTY:
14559 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
14560 result = 1;
14561 }
14562 break;
14563 }
14564 }
14565 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14566 } else {
14567 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
14568 }
14569 }
14570
14571 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
14572
14573 switch (opline->extended_value) {
14574 case ZEND_ISSET:
14575 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
14576 break;
14577 case ZEND_ISEMPTY:
14578 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
14579 break;
14580 }
14581
14582 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14583
14584 ZEND_VM_NEXT_OPCODE();
14585 }
14586
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14587 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14588 {
14589 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14590 }
14591
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14592 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14593 {
14594 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14595 }
14596
zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)14597 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
14598 {
14599 zend_op *opline = EX(opline);
14600 zend_op *op_data = opline+1;
14601 zend_free_op free_op1, free_op_data1;
14602 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14603 zval *object;
14604 zval *property = NULL;
14605 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
14606 znode *result = &opline->result;
14607 int have_get_ptr = 0;
14608
14609 if (IS_VAR == IS_VAR && !object_ptr) {
14610 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
14611 }
14612
14613 EX_T(result->u.var).var.ptr_ptr = NULL;
14614 make_real_object(object_ptr TSRMLS_CC);
14615 object = *object_ptr;
14616
14617 if (Z_TYPE_P(object) != IS_OBJECT) {
14618 zend_error(E_WARNING, "Attempt to assign property of non-object");
14619
14620 FREE_OP(free_op_data1);
14621
14622 if (!RETURN_VALUE_UNUSED(result)) {
14623 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
14624 EX_T(result->u.var).var.ptr_ptr = NULL;
14625 PZVAL_LOCK(EG(uninitialized_zval_ptr));
14626 }
14627 } else {
14628 /* here we are sure we are dealing with an object */
14629 if (0) {
14630 MAKE_REAL_ZVAL_PTR(property);
14631 }
14632
14633 /* here property is a string */
14634 if (opline->extended_value == ZEND_ASSIGN_OBJ
14635 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
14636 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
14637 if (zptr != NULL) { /* NULL means no success in getting PTR */
14638 SEPARATE_ZVAL_IF_NOT_REF(zptr);
14639
14640 have_get_ptr = 1;
14641 binary_op(*zptr, *zptr, value TSRMLS_CC);
14642 if (!RETURN_VALUE_UNUSED(result)) {
14643 EX_T(result->u.var).var.ptr = *zptr;
14644 EX_T(result->u.var).var.ptr_ptr = NULL;
14645 PZVAL_LOCK(*zptr);
14646 }
14647 }
14648 }
14649
14650 if (!have_get_ptr) {
14651 zval *z = NULL;
14652
14653 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
14654 if (Z_OBJ_HT_P(object)->read_property) {
14655 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
14656 }
14657 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
14658 if (Z_OBJ_HT_P(object)->read_dimension) {
14659 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
14660 }
14661 }
14662 if (z) {
14663 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
14664 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
14665
14666 if (Z_REFCOUNT_P(z) == 0) {
14667 GC_REMOVE_ZVAL_FROM_BUFFER(z);
14668 zval_dtor(z);
14669 FREE_ZVAL(z);
14670 }
14671 z = value;
14672 }
14673 Z_ADDREF_P(z);
14674 SEPARATE_ZVAL_IF_NOT_REF(&z);
14675 binary_op(z, z, value TSRMLS_CC);
14676 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
14677 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
14678 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
14679 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
14680 }
14681 if (!RETURN_VALUE_UNUSED(result)) {
14682 EX_T(result->u.var).var.ptr = z;
14683 EX_T(result->u.var).var.ptr_ptr = NULL;
14684 PZVAL_LOCK(z);
14685 }
14686 zval_ptr_dtor(&z);
14687 } else {
14688 zend_error(E_WARNING, "Attempt to assign property of non-object");
14689 if (!RETURN_VALUE_UNUSED(result)) {
14690 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
14691 EX_T(result->u.var).var.ptr_ptr = NULL;
14692 PZVAL_LOCK(EG(uninitialized_zval_ptr));
14693 }
14694 }
14695 }
14696
14697 if (0) {
14698 zval_ptr_dtor(&property);
14699 } else {
14700
14701 }
14702 FREE_OP(free_op_data1);
14703 }
14704
14705 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14706 /* assign_obj has two opcodes! */
14707 ZEND_VM_INC_OPCODE();
14708 ZEND_VM_NEXT_OPCODE();
14709 }
14710
zend_binary_assign_op_helper_SPEC_VAR_UNUSED(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)14711 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
14712 {
14713 zend_op *opline = EX(opline);
14714 zend_free_op free_op1, free_op_data2, free_op_data1;
14715 zval **var_ptr;
14716 zval *value;
14717
14718 switch (opline->extended_value) {
14719 case ZEND_ASSIGN_OBJ:
14720 return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14721 break;
14722 case ZEND_ASSIGN_DIM: {
14723 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14724
14725 if (IS_VAR == IS_VAR && !container) {
14726 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
14727 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
14728 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
14729 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
14730 }
14731 return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14732 } else {
14733 zend_op *op_data = opline+1;
14734 zval *dim = NULL;
14735
14736 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
14737 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
14738 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
14739 ZEND_VM_INC_OPCODE();
14740 }
14741 }
14742 break;
14743 default:
14744 value = NULL;
14745 var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14746 /* do nothing */
14747 break;
14748 }
14749
14750 if (!var_ptr) {
14751 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
14752 }
14753
14754 if (*var_ptr == EG(error_zval_ptr)) {
14755 if (!RETURN_VALUE_UNUSED(&opline->result)) {
14756 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
14757 PZVAL_LOCK(EG(uninitialized_zval_ptr));
14758 }
14759
14760 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14761 ZEND_VM_NEXT_OPCODE();
14762 }
14763
14764 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
14765
14766 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
14767 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
14768 /* proxy object */
14769 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
14770 Z_ADDREF_P(objval);
14771 binary_op(objval, objval, value TSRMLS_CC);
14772 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
14773 zval_ptr_dtor(&objval);
14774 } else {
14775 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
14776 }
14777
14778 if (!RETURN_VALUE_UNUSED(&opline->result)) {
14779 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
14780 PZVAL_LOCK(*var_ptr);
14781 }
14782
14783 if (opline->extended_value == ZEND_ASSIGN_DIM) {
14784 FREE_OP(free_op_data1);
14785 FREE_OP_VAR_PTR(free_op_data2);
14786 }
14787 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14788 ZEND_VM_NEXT_OPCODE();
14789 }
14790
ZEND_ASSIGN_ADD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14791 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14792 {
14793 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14794 }
14795
ZEND_ASSIGN_SUB_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14796 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14797 {
14798 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14799 }
14800
ZEND_ASSIGN_MUL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14801 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14802 {
14803 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14804 }
14805
ZEND_ASSIGN_DIV_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14806 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14807 {
14808 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14809 }
14810
ZEND_ASSIGN_MOD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14811 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14812 {
14813 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14814 }
14815
ZEND_ASSIGN_SL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14816 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14817 {
14818 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14819 }
14820
ZEND_ASSIGN_SR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14821 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14822 {
14823 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14824 }
14825
ZEND_ASSIGN_CONCAT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14826 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14827 {
14828 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14829 }
14830
ZEND_ASSIGN_BW_OR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14831 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14832 {
14833 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14834 }
14835
ZEND_ASSIGN_BW_AND_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14836 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14837 {
14838 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14839 }
14840
ZEND_ASSIGN_BW_XOR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14841 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14842 {
14843 return zend_binary_assign_op_helper_SPEC_VAR_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
14844 }
14845
ZEND_FETCH_DIM_W_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14846 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14847 {
14848 zend_op *opline = EX(opline);
14849 zend_free_op free_op1;
14850 zval *dim = NULL;
14851 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14852
14853 if (IS_VAR == IS_VAR && !container) {
14854 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
14855 }
14856 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
14857
14858 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
14859 READY_TO_DESTROY(free_op1.var)) {
14860 AI_USE_PTR(EX_T(opline->result.u.var).var);
14861 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
14862 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
14863 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
14864 }
14865 }
14866 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14867
14868 /* We are going to assign the result by reference */
14869 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
14870 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
14871 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
14872 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
14873 }
14874
14875 ZEND_VM_NEXT_OPCODE();
14876 }
14877
ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14878 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14879 {
14880 zend_op *opline = EX(opline);
14881 zend_free_op free_op1;
14882 zval *dim = NULL;
14883 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14884
14885 if (IS_VAR == IS_VAR && !container) {
14886 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
14887 }
14888 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
14889
14890 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
14891 READY_TO_DESTROY(free_op1.var)) {
14892 AI_USE_PTR(EX_T(opline->result.u.var).var);
14893 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
14894 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
14895 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
14896 }
14897 }
14898 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14899 ZEND_VM_NEXT_OPCODE();
14900 }
14901
ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14902 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14903 {
14904 zend_op *opline = EX(opline);
14905 zend_free_op free_op1;
14906 zval *dim = NULL;
14907 zval **container;
14908
14909 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
14910 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14911 if (IS_VAR == IS_VAR && !container) {
14912 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
14913 }
14914 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
14915 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
14916 READY_TO_DESTROY(free_op1.var)) {
14917 AI_USE_PTR(EX_T(opline->result.u.var).var);
14918 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
14919 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
14920 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
14921 }
14922 }
14923 } else {
14924 if (IS_UNUSED == IS_UNUSED) {
14925 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
14926 }
14927 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14928 if (IS_VAR == IS_VAR && !container) {
14929 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
14930 }
14931 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
14932 }
14933
14934 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14935 ZEND_VM_NEXT_OPCODE();
14936 }
14937
ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14938 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
14939 {
14940 zend_op *opline = EX(opline);
14941 zend_op *op_data = opline+1;
14942 zend_free_op free_op1;
14943 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
14944
14945 if (IS_VAR == IS_VAR && !object_ptr) {
14946 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
14947 }
14948 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
14949
14950 zval *property_name = NULL;
14951
14952 if (0) {
14953 MAKE_REAL_ZVAL_PTR(property_name);
14954 }
14955 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
14956 if (0) {
14957 zval_ptr_dtor(&property_name);
14958 } else {
14959
14960 }
14961 } else {
14962 zend_free_op free_op_data1, free_op_data2;
14963 zval *value;
14964 zval *dim = NULL;
14965 zval **variable_ptr_ptr;
14966
14967 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
14968
14969 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
14970 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
14971 if (!variable_ptr_ptr) {
14972 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
14973 if (!RETURN_VALUE_UNUSED(&opline->result)) {
14974 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
14975 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
14976 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
14977 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
14978 }
14979 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
14980 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
14981 PZVAL_LOCK(EG(uninitialized_zval_ptr));
14982 }
14983 } else {
14984 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
14985 if (!RETURN_VALUE_UNUSED(&opline->result)) {
14986 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
14987 PZVAL_LOCK(value);
14988 }
14989 }
14990 FREE_OP_VAR_PTR(free_op_data2);
14991 FREE_OP_IF_VAR(free_op_data1);
14992 }
14993 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
14994 /* assign_dim has two opcodes! */
14995 ZEND_VM_INC_OPCODE();
14996 ZEND_VM_NEXT_OPCODE();
14997 }
14998
ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)14999 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15000 {
15001 zend_op *opline = EX(opline);
15002 zval *function_name;
15003 zend_class_entry *ce;
15004
15005 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
15006
15007 if (IS_VAR == IS_CONST) {
15008 /* no function found. try a static method in class */
15009 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
15010 if (UNEXPECTED(EG(exception) != NULL)) {
15011 ZEND_VM_CONTINUE();
15012 }
15013 if (!ce) {
15014 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
15015 }
15016 EX(called_scope) = ce;
15017 } else {
15018 ce = EX_T(opline->op1.u.var).class_entry;
15019
15020 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
15021 EX(called_scope) = EG(called_scope);
15022 } else {
15023 EX(called_scope) = ce;
15024 }
15025 }
15026 if(IS_UNUSED != IS_UNUSED) {
15027 char *function_name_strval = NULL;
15028 int function_name_strlen = 0;
15029
15030
15031 if (IS_UNUSED == IS_CONST) {
15032 function_name_strval = Z_STRVAL(opline->op2.u.constant);
15033 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
15034 } else {
15035 function_name = NULL;
15036
15037 if (Z_TYPE_P(function_name) != IS_STRING) {
15038 zend_error_noreturn(E_ERROR, "Function name must be a string");
15039 } else {
15040 function_name_strval = Z_STRVAL_P(function_name);
15041 function_name_strlen = Z_STRLEN_P(function_name);
15042 }
15043 }
15044
15045 if (function_name_strval) {
15046 if (ce->get_static_method) {
15047 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
15048 } else {
15049 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
15050 }
15051 if (!EX(fbc)) {
15052 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
15053 }
15054 }
15055
15056 if (IS_UNUSED != IS_CONST) {
15057
15058 }
15059 } else {
15060 if(!ce->constructor) {
15061 zend_error_noreturn(E_ERROR, "Cannot call constructor");
15062 }
15063 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
15064 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
15065 }
15066 EX(fbc) = ce->constructor;
15067 }
15068
15069 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
15070 EX(object) = NULL;
15071 } else {
15072 if (EG(This) &&
15073 Z_OBJ_HT_P(EG(This))->get_class_entry &&
15074 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
15075 /* We are calling method of the other (incompatible) class,
15076 but passing $this. This is done for compatibility with php-4. */
15077 int severity;
15078 char *verb;
15079 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
15080 severity = E_STRICT;
15081 verb = "should not";
15082 } else {
15083 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
15084 severity = E_ERROR;
15085 verb = "cannot";
15086 }
15087 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
15088
15089 }
15090 if ((EX(object) = EG(This))) {
15091 Z_ADDREF_P(EX(object));
15092 EX(called_scope) = Z_OBJCE_P(EX(object));
15093 }
15094 }
15095
15096 ZEND_VM_NEXT_OPCODE();
15097 }
15098
ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15099 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15100 {
15101 zend_op *opline = EX(opline);
15102 zend_free_op free_op1;
15103 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
15104 zval *expr_ptr;
15105 zval *offset=NULL;
15106
15107 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
15108 zval **expr_ptr_ptr = NULL;
15109
15110 if (opline->extended_value) {
15111 expr_ptr_ptr=_get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15112 expr_ptr = *expr_ptr_ptr;
15113 } else {
15114 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15115 }
15116 #else
15117 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15118 #endif
15119
15120 if (0) { /* temporary variable */
15121 zval *new_expr;
15122
15123 ALLOC_ZVAL(new_expr);
15124 INIT_PZVAL_COPY(new_expr, expr_ptr);
15125 expr_ptr = new_expr;
15126 } else {
15127 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
15128 if (opline->extended_value) {
15129 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
15130 expr_ptr = *expr_ptr_ptr;
15131 Z_ADDREF_P(expr_ptr);
15132 } else
15133 #endif
15134 if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
15135 zval *new_expr;
15136
15137 ALLOC_ZVAL(new_expr);
15138 INIT_PZVAL_COPY(new_expr, expr_ptr);
15139 expr_ptr = new_expr;
15140 zendi_zval_copy_ctor(*expr_ptr);
15141 } else {
15142 Z_ADDREF_P(expr_ptr);
15143 }
15144 }
15145 if (offset) {
15146 switch (Z_TYPE_P(offset)) {
15147 case IS_DOUBLE:
15148 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
15149 break;
15150 case IS_LONG:
15151 case IS_BOOL:
15152 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
15153 break;
15154 case IS_STRING:
15155 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
15156 break;
15157 case IS_NULL:
15158 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
15159 break;
15160 default:
15161 zend_error(E_WARNING, "Illegal offset type");
15162 zval_ptr_dtor(&expr_ptr);
15163 /* do nothing */
15164 break;
15165 }
15166
15167 } else {
15168 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
15169 }
15170 if (opline->extended_value) {
15171 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15172 } else {
15173 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15174 }
15175 ZEND_VM_NEXT_OPCODE();
15176 }
15177
ZEND_INIT_ARRAY_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15178 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15179 {
15180 zend_op *opline = EX(opline);
15181
15182 array_init(&EX_T(opline->result.u.var).tmp_var);
15183 if (IS_VAR == IS_UNUSED) {
15184 ZEND_VM_NEXT_OPCODE();
15185 #if 0 || IS_VAR != IS_UNUSED
15186 } else {
15187 return ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15188 #endif
15189 }
15190 }
15191
ZEND_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15192 static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15193 {
15194 zend_op *opline = EX(opline);
15195 zend_free_op free_op1;
15196
15197 add_function(&EX_T(opline->result.u.var).tmp_var,
15198 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15199 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15200 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15201
15202 ZEND_VM_NEXT_OPCODE();
15203 }
15204
ZEND_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15205 static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15206 {
15207 zend_op *opline = EX(opline);
15208 zend_free_op free_op1;
15209
15210 sub_function(&EX_T(opline->result.u.var).tmp_var,
15211 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15212 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15213 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15214
15215 ZEND_VM_NEXT_OPCODE();
15216 }
15217
ZEND_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15218 static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15219 {
15220 zend_op *opline = EX(opline);
15221 zend_free_op free_op1;
15222
15223 mul_function(&EX_T(opline->result.u.var).tmp_var,
15224 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15225 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15226 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15227
15228 ZEND_VM_NEXT_OPCODE();
15229 }
15230
ZEND_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15231 static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15232 {
15233 zend_op *opline = EX(opline);
15234 zend_free_op free_op1;
15235
15236 div_function(&EX_T(opline->result.u.var).tmp_var,
15237 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15238 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15239 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15240
15241 ZEND_VM_NEXT_OPCODE();
15242 }
15243
ZEND_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15244 static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15245 {
15246 zend_op *opline = EX(opline);
15247 zend_free_op free_op1;
15248
15249 mod_function(&EX_T(opline->result.u.var).tmp_var,
15250 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15251 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15252 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15253
15254 ZEND_VM_NEXT_OPCODE();
15255 }
15256
ZEND_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15257 static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15258 {
15259 zend_op *opline = EX(opline);
15260 zend_free_op free_op1;
15261
15262 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
15263 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15264 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15265 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15266
15267 ZEND_VM_NEXT_OPCODE();
15268 }
15269
ZEND_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15270 static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15271 {
15272 zend_op *opline = EX(opline);
15273 zend_free_op free_op1;
15274
15275 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
15276 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15277 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15278 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15279
15280 ZEND_VM_NEXT_OPCODE();
15281 }
15282
ZEND_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15283 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15284 {
15285 zend_op *opline = EX(opline);
15286 zend_free_op free_op1;
15287
15288 concat_function(&EX_T(opline->result.u.var).tmp_var,
15289 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15290 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15291 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15292
15293 ZEND_VM_NEXT_OPCODE();
15294 }
15295
ZEND_IS_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15296 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15297 {
15298 zend_op *opline = EX(opline);
15299 zend_free_op free_op1;
15300
15301 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
15302 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15303 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15304 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15305
15306 ZEND_VM_NEXT_OPCODE();
15307 }
15308
ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15309 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15310 {
15311 zend_op *opline = EX(opline);
15312 zend_free_op free_op1;
15313 zval *result = &EX_T(opline->result.u.var).tmp_var;
15314
15315 is_identical_function(result,
15316 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15317 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15318 Z_LVAL_P(result) = !Z_LVAL_P(result);
15319 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15320
15321 ZEND_VM_NEXT_OPCODE();
15322 }
15323
ZEND_IS_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15324 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15325 {
15326 zend_op *opline = EX(opline);
15327 zend_free_op free_op1;
15328 zval *result = &EX_T(opline->result.u.var).tmp_var;
15329
15330 compare_function(result,
15331 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15332 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15333 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
15334 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15335
15336 ZEND_VM_NEXT_OPCODE();
15337 }
15338
ZEND_IS_NOT_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15339 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15340 {
15341 zend_op *opline = EX(opline);
15342 zend_free_op free_op1;
15343 zval *result = &EX_T(opline->result.u.var).tmp_var;
15344
15345 compare_function(result,
15346 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15347 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15348 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
15349 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15350
15351 ZEND_VM_NEXT_OPCODE();
15352 }
15353
ZEND_IS_SMALLER_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15354 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15355 {
15356 zend_op *opline = EX(opline);
15357 zend_free_op free_op1;
15358 zval *result = &EX_T(opline->result.u.var).tmp_var;
15359
15360 compare_function(result,
15361 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15362 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15363 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
15364 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15365
15366 ZEND_VM_NEXT_OPCODE();
15367 }
15368
ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15369 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15370 {
15371 zend_op *opline = EX(opline);
15372 zend_free_op free_op1;
15373 zval *result = &EX_T(opline->result.u.var).tmp_var;
15374
15375 compare_function(result,
15376 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15377 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15378 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
15379 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15380
15381 ZEND_VM_NEXT_OPCODE();
15382 }
15383
ZEND_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15384 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15385 {
15386 zend_op *opline = EX(opline);
15387 zend_free_op free_op1;
15388
15389 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
15390 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15391 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15392 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15393
15394 ZEND_VM_NEXT_OPCODE();
15395 }
15396
ZEND_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15397 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15398 {
15399 zend_op *opline = EX(opline);
15400 zend_free_op free_op1;
15401
15402 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
15403 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15404 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15405 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15406
15407 ZEND_VM_NEXT_OPCODE();
15408 }
15409
ZEND_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15410 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15411 {
15412 zend_op *opline = EX(opline);
15413 zend_free_op free_op1;
15414
15415 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
15416 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15417 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15418 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15419
15420 ZEND_VM_NEXT_OPCODE();
15421 }
15422
ZEND_BOOL_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15423 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15424 {
15425 zend_op *opline = EX(opline);
15426 zend_free_op free_op1;
15427
15428 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
15429 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
15430 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
15431 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15432
15433 ZEND_VM_NEXT_OPCODE();
15434 }
15435
zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)15436 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
15437 {
15438 zend_op *opline = EX(opline);
15439 zend_op *op_data = opline+1;
15440 zend_free_op free_op1, free_op_data1;
15441 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15442 zval *object;
15443 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15444 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
15445 znode *result = &opline->result;
15446 int have_get_ptr = 0;
15447
15448 if (IS_VAR == IS_VAR && !object_ptr) {
15449 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
15450 }
15451
15452 EX_T(result->u.var).var.ptr_ptr = NULL;
15453 make_real_object(object_ptr TSRMLS_CC);
15454 object = *object_ptr;
15455
15456 if (Z_TYPE_P(object) != IS_OBJECT) {
15457 zend_error(E_WARNING, "Attempt to assign property of non-object");
15458
15459 FREE_OP(free_op_data1);
15460
15461 if (!RETURN_VALUE_UNUSED(result)) {
15462 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
15463 EX_T(result->u.var).var.ptr_ptr = NULL;
15464 PZVAL_LOCK(EG(uninitialized_zval_ptr));
15465 }
15466 } else {
15467 /* here we are sure we are dealing with an object */
15468 if (0) {
15469 MAKE_REAL_ZVAL_PTR(property);
15470 }
15471
15472 /* here property is a string */
15473 if (opline->extended_value == ZEND_ASSIGN_OBJ
15474 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
15475 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
15476 if (zptr != NULL) { /* NULL means no success in getting PTR */
15477 SEPARATE_ZVAL_IF_NOT_REF(zptr);
15478
15479 have_get_ptr = 1;
15480 binary_op(*zptr, *zptr, value TSRMLS_CC);
15481 if (!RETURN_VALUE_UNUSED(result)) {
15482 EX_T(result->u.var).var.ptr = *zptr;
15483 EX_T(result->u.var).var.ptr_ptr = NULL;
15484 PZVAL_LOCK(*zptr);
15485 }
15486 }
15487 }
15488
15489 if (!have_get_ptr) {
15490 zval *z = NULL;
15491
15492 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
15493 if (Z_OBJ_HT_P(object)->read_property) {
15494 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
15495 }
15496 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
15497 if (Z_OBJ_HT_P(object)->read_dimension) {
15498 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
15499 }
15500 }
15501 if (z) {
15502 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
15503 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
15504
15505 if (Z_REFCOUNT_P(z) == 0) {
15506 GC_REMOVE_ZVAL_FROM_BUFFER(z);
15507 zval_dtor(z);
15508 FREE_ZVAL(z);
15509 }
15510 z = value;
15511 }
15512 Z_ADDREF_P(z);
15513 SEPARATE_ZVAL_IF_NOT_REF(&z);
15514 binary_op(z, z, value TSRMLS_CC);
15515 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
15516 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
15517 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
15518 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
15519 }
15520 if (!RETURN_VALUE_UNUSED(result)) {
15521 EX_T(result->u.var).var.ptr = z;
15522 EX_T(result->u.var).var.ptr_ptr = NULL;
15523 PZVAL_LOCK(z);
15524 }
15525 zval_ptr_dtor(&z);
15526 } else {
15527 zend_error(E_WARNING, "Attempt to assign property of non-object");
15528 if (!RETURN_VALUE_UNUSED(result)) {
15529 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
15530 EX_T(result->u.var).var.ptr_ptr = NULL;
15531 PZVAL_LOCK(EG(uninitialized_zval_ptr));
15532 }
15533 }
15534 }
15535
15536 if (0) {
15537 zval_ptr_dtor(&property);
15538 } else {
15539
15540 }
15541 FREE_OP(free_op_data1);
15542 }
15543
15544 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15545 /* assign_obj has two opcodes! */
15546 ZEND_VM_INC_OPCODE();
15547 ZEND_VM_NEXT_OPCODE();
15548 }
15549
zend_binary_assign_op_helper_SPEC_VAR_CV(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)15550 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
15551 {
15552 zend_op *opline = EX(opline);
15553 zend_free_op free_op1, free_op_data2, free_op_data1;
15554 zval **var_ptr;
15555 zval *value;
15556
15557 switch (opline->extended_value) {
15558 case ZEND_ASSIGN_OBJ:
15559 return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15560 break;
15561 case ZEND_ASSIGN_DIM: {
15562 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15563
15564 if (IS_VAR == IS_VAR && !container) {
15565 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
15566 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
15567 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
15568 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
15569 }
15570 return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15571 } else {
15572 zend_op *op_data = opline+1;
15573 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15574
15575 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
15576 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
15577 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
15578 ZEND_VM_INC_OPCODE();
15579 }
15580 }
15581 break;
15582 default:
15583 value = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15584 var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15585 /* do nothing */
15586 break;
15587 }
15588
15589 if (!var_ptr) {
15590 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
15591 }
15592
15593 if (*var_ptr == EG(error_zval_ptr)) {
15594 if (!RETURN_VALUE_UNUSED(&opline->result)) {
15595 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
15596 PZVAL_LOCK(EG(uninitialized_zval_ptr));
15597 }
15598
15599 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15600 ZEND_VM_NEXT_OPCODE();
15601 }
15602
15603 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
15604
15605 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
15606 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
15607 /* proxy object */
15608 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
15609 Z_ADDREF_P(objval);
15610 binary_op(objval, objval, value TSRMLS_CC);
15611 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
15612 zval_ptr_dtor(&objval);
15613 } else {
15614 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
15615 }
15616
15617 if (!RETURN_VALUE_UNUSED(&opline->result)) {
15618 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
15619 PZVAL_LOCK(*var_ptr);
15620 }
15621
15622 if (opline->extended_value == ZEND_ASSIGN_DIM) {
15623 FREE_OP(free_op_data1);
15624 FREE_OP_VAR_PTR(free_op_data2);
15625 }
15626 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15627 ZEND_VM_NEXT_OPCODE();
15628 }
15629
ZEND_ASSIGN_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15630 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15631 {
15632 return zend_binary_assign_op_helper_SPEC_VAR_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15633 }
15634
ZEND_ASSIGN_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15635 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15636 {
15637 return zend_binary_assign_op_helper_SPEC_VAR_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15638 }
15639
ZEND_ASSIGN_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15640 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15641 {
15642 return zend_binary_assign_op_helper_SPEC_VAR_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15643 }
15644
ZEND_ASSIGN_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15645 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15646 {
15647 return zend_binary_assign_op_helper_SPEC_VAR_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15648 }
15649
ZEND_ASSIGN_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15650 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15651 {
15652 return zend_binary_assign_op_helper_SPEC_VAR_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15653 }
15654
ZEND_ASSIGN_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15655 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15656 {
15657 return zend_binary_assign_op_helper_SPEC_VAR_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15658 }
15659
ZEND_ASSIGN_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15660 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15661 {
15662 return zend_binary_assign_op_helper_SPEC_VAR_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15663 }
15664
ZEND_ASSIGN_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15665 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15666 {
15667 return zend_binary_assign_op_helper_SPEC_VAR_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15668 }
15669
ZEND_ASSIGN_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15670 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15671 {
15672 return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15673 }
15674
ZEND_ASSIGN_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15675 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15676 {
15677 return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15678 }
15679
ZEND_ASSIGN_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15680 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15681 {
15682 return zend_binary_assign_op_helper_SPEC_VAR_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15683 }
15684
zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)15685 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
15686 {
15687 zend_op *opline = EX(opline);
15688 zend_free_op free_op1;
15689 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15690 zval *object;
15691 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15692 zval **retval = &EX_T(opline->result.u.var).var.ptr;
15693 int have_get_ptr = 0;
15694
15695 if (IS_VAR == IS_VAR && !object_ptr) {
15696 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
15697 }
15698
15699 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
15700 object = *object_ptr;
15701
15702 if (Z_TYPE_P(object) != IS_OBJECT) {
15703 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
15704
15705 if (!RETURN_VALUE_UNUSED(&opline->result)) {
15706 *retval = EG(uninitialized_zval_ptr);
15707 PZVAL_LOCK(*retval);
15708 }
15709 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15710 ZEND_VM_NEXT_OPCODE();
15711 }
15712
15713 /* here we are sure we are dealing with an object */
15714
15715 if (0) {
15716 MAKE_REAL_ZVAL_PTR(property);
15717 }
15718
15719 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
15720 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
15721 if (zptr != NULL) { /* NULL means no success in getting PTR */
15722 SEPARATE_ZVAL_IF_NOT_REF(zptr);
15723
15724 have_get_ptr = 1;
15725 incdec_op(*zptr);
15726 if (!RETURN_VALUE_UNUSED(&opline->result)) {
15727 *retval = *zptr;
15728 PZVAL_LOCK(*retval);
15729 }
15730 }
15731 }
15732
15733 if (!have_get_ptr) {
15734 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
15735 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
15736
15737 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
15738 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
15739
15740 if (Z_REFCOUNT_P(z) == 0) {
15741 GC_REMOVE_ZVAL_FROM_BUFFER(z);
15742 zval_dtor(z);
15743 FREE_ZVAL(z);
15744 }
15745 z = value;
15746 }
15747 Z_ADDREF_P(z);
15748 SEPARATE_ZVAL_IF_NOT_REF(&z);
15749 incdec_op(z);
15750 *retval = z;
15751 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
15752 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
15753 zval_ptr_dtor(&z);
15754 } else {
15755 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
15756 if (!RETURN_VALUE_UNUSED(&opline->result)) {
15757 *retval = EG(uninitialized_zval_ptr);
15758 PZVAL_LOCK(*retval);
15759 }
15760 }
15761 }
15762
15763 if (0) {
15764 zval_ptr_dtor(&property);
15765 } else {
15766
15767 }
15768 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15769 ZEND_VM_NEXT_OPCODE();
15770 }
15771
ZEND_PRE_INC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15772 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15773 {
15774 return zend_pre_incdec_property_helper_SPEC_VAR_CV(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15775 }
15776
ZEND_PRE_DEC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15777 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15778 {
15779 return zend_pre_incdec_property_helper_SPEC_VAR_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15780 }
15781
zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)15782 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
15783 {
15784 zend_op *opline = EX(opline);
15785 zend_free_op free_op1;
15786 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15787 zval *object;
15788 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15789 zval *retval = &EX_T(opline->result.u.var).tmp_var;
15790 int have_get_ptr = 0;
15791
15792 if (IS_VAR == IS_VAR && !object_ptr) {
15793 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
15794 }
15795
15796 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
15797 object = *object_ptr;
15798
15799 if (Z_TYPE_P(object) != IS_OBJECT) {
15800 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
15801
15802 *retval = *EG(uninitialized_zval_ptr);
15803 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15804 ZEND_VM_NEXT_OPCODE();
15805 }
15806
15807 /* here we are sure we are dealing with an object */
15808
15809 if (0) {
15810 MAKE_REAL_ZVAL_PTR(property);
15811 }
15812
15813 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
15814 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
15815 if (zptr != NULL) { /* NULL means no success in getting PTR */
15816 have_get_ptr = 1;
15817 SEPARATE_ZVAL_IF_NOT_REF(zptr);
15818
15819 *retval = **zptr;
15820 zendi_zval_copy_ctor(*retval);
15821
15822 incdec_op(*zptr);
15823
15824 }
15825 }
15826
15827 if (!have_get_ptr) {
15828 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
15829 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
15830 zval *z_copy;
15831
15832 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
15833 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
15834
15835 if (Z_REFCOUNT_P(z) == 0) {
15836 GC_REMOVE_ZVAL_FROM_BUFFER(z);
15837 zval_dtor(z);
15838 FREE_ZVAL(z);
15839 }
15840 z = value;
15841 }
15842 *retval = *z;
15843 zendi_zval_copy_ctor(*retval);
15844 ALLOC_ZVAL(z_copy);
15845 *z_copy = *z;
15846 zendi_zval_copy_ctor(*z_copy);
15847 INIT_PZVAL(z_copy);
15848 incdec_op(z_copy);
15849 Z_ADDREF_P(z);
15850 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
15851 zval_ptr_dtor(&z_copy);
15852 zval_ptr_dtor(&z);
15853 } else {
15854 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
15855 *retval = *EG(uninitialized_zval_ptr);
15856 }
15857 }
15858
15859 if (0) {
15860 zval_ptr_dtor(&property);
15861 } else {
15862
15863 }
15864 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15865 ZEND_VM_NEXT_OPCODE();
15866 }
15867
ZEND_POST_INC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15868 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15869 {
15870 return zend_post_incdec_property_helper_SPEC_VAR_CV(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15871 }
15872
ZEND_POST_DEC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15873 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15874 {
15875 return zend_post_incdec_property_helper_SPEC_VAR_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
15876 }
15877
ZEND_FETCH_DIM_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15878 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15879 {
15880 zend_op *opline = EX(opline);
15881 zend_free_op free_op1;
15882 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15883 zval **container;
15884
15885 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
15886 IS_VAR != IS_CV &&
15887 EX_T(opline->op1.u.var).var.ptr_ptr) {
15888 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
15889 }
15890 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15891 if (IS_VAR == IS_VAR && !container) {
15892 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
15893 }
15894 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
15895
15896 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15897 ZEND_VM_NEXT_OPCODE();
15898 }
15899
ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15900 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15901 {
15902 zend_op *opline = EX(opline);
15903 zend_free_op free_op1;
15904 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15905 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15906
15907 if (IS_VAR == IS_VAR && !container) {
15908 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
15909 }
15910 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
15911
15912 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
15913 READY_TO_DESTROY(free_op1.var)) {
15914 AI_USE_PTR(EX_T(opline->result.u.var).var);
15915 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
15916 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
15917 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
15918 }
15919 }
15920 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15921
15922 /* We are going to assign the result by reference */
15923 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
15924 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
15925 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
15926 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
15927 }
15928
15929 ZEND_VM_NEXT_OPCODE();
15930 }
15931
ZEND_FETCH_DIM_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15932 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15933 {
15934 zend_op *opline = EX(opline);
15935 zend_free_op free_op1;
15936 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15937 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15938
15939 if (IS_VAR == IS_VAR && !container) {
15940 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
15941 }
15942 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
15943
15944 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
15945 READY_TO_DESTROY(free_op1.var)) {
15946 AI_USE_PTR(EX_T(opline->result.u.var).var);
15947 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
15948 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
15949 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
15950 }
15951 }
15952 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15953 ZEND_VM_NEXT_OPCODE();
15954 }
15955
ZEND_FETCH_DIM_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15956 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15957 {
15958 zend_op *opline = EX(opline);
15959 zend_free_op free_op1;
15960 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15961 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15962
15963 if (IS_VAR == IS_VAR && !container) {
15964 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
15965 }
15966 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_IS TSRMLS_CC);
15967
15968 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
15969 ZEND_VM_NEXT_OPCODE();
15970 }
15971
ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)15972 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
15973 {
15974 zend_op *opline = EX(opline);
15975 zend_free_op free_op1;
15976 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
15977 zval **container;
15978
15979 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
15980 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15981 if (IS_VAR == IS_VAR && !container) {
15982 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
15983 }
15984 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
15985 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
15986 READY_TO_DESTROY(free_op1.var)) {
15987 AI_USE_PTR(EX_T(opline->result.u.var).var);
15988 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
15989 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
15990 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
15991 }
15992 }
15993 } else {
15994 if (IS_CV == IS_UNUSED) {
15995 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
15996 }
15997 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
15998 if (IS_VAR == IS_VAR && !container) {
15999 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
16000 }
16001 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
16002 }
16003
16004 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16005 ZEND_VM_NEXT_OPCODE();
16006 }
16007
ZEND_FETCH_DIM_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16008 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16009 {
16010 zend_op *opline = EX(opline);
16011 zend_free_op free_op1;
16012 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16013 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16014
16015 /* Not needed in DIM_UNSET
16016 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
16017 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
16018 }
16019 */
16020 if (IS_VAR == IS_CV) {
16021 if (container != &EG(uninitialized_zval_ptr)) {
16022 SEPARATE_ZVAL_IF_NOT_REF(container);
16023 }
16024 }
16025 if (IS_VAR == IS_VAR && !container) {
16026 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
16027 }
16028 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_UNSET TSRMLS_CC);
16029
16030 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
16031 READY_TO_DESTROY(free_op1.var)) {
16032 AI_USE_PTR(EX_T(opline->result.u.var).var);
16033 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
16034 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
16035 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
16036 }
16037 }
16038 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16039 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
16040 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
16041 } else {
16042 zend_free_op free_res;
16043
16044 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
16045 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
16046 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
16047 }
16048 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
16049 FREE_OP_VAR_PTR(free_res);
16050 }
16051 ZEND_VM_NEXT_OPCODE();
16052 }
16053
zend_fetch_property_address_read_helper_SPEC_VAR_CV(int type,ZEND_OPCODE_HANDLER_ARGS)16054 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(int type, ZEND_OPCODE_HANDLER_ARGS)
16055 {
16056 zend_op *opline = EX(opline);
16057 zend_free_op free_op1;
16058 zval *container = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16059
16060 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16061
16062 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
16063 if (type != BP_VAR_IS) {
16064 zend_error(E_NOTICE, "Trying to get property of non-object");
16065 }
16066 if (!RETURN_VALUE_UNUSED(&opline->result)) {
16067 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
16068 PZVAL_LOCK(EG(uninitialized_zval_ptr));
16069 }
16070
16071 } else {
16072 zval *retval;
16073
16074 if (0) {
16075 MAKE_REAL_ZVAL_PTR(offset);
16076 }
16077
16078 /* here we are sure we are dealing with an object */
16079 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
16080
16081 if (RETURN_VALUE_UNUSED(&opline->result)) {
16082 if (Z_REFCOUNT_P(retval) == 0) {
16083 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
16084 zval_dtor(retval);
16085 FREE_ZVAL(retval);
16086 }
16087 } else {
16088 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
16089 PZVAL_LOCK(retval);
16090 }
16091
16092 if (0) {
16093 zval_ptr_dtor(&offset);
16094 } else {
16095
16096 }
16097 }
16098
16099 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16100 ZEND_VM_NEXT_OPCODE();
16101 }
16102
ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16103 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16104 {
16105 return zend_fetch_property_address_read_helper_SPEC_VAR_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16106 }
16107
ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16108 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16109 {
16110 zend_op *opline = EX(opline);
16111 zend_free_op free_op1;
16112 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16113 zval **container;
16114
16115 if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
16116 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
16117 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
16118 }
16119
16120 if (0) {
16121 MAKE_REAL_ZVAL_PTR(property);
16122 }
16123 container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16124 if (IS_VAR == IS_VAR && !container) {
16125 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
16126 }
16127 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
16128 if (0) {
16129 zval_ptr_dtor(&property);
16130 } else {
16131
16132 }
16133 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
16134 READY_TO_DESTROY(free_op1.var)) {
16135 AI_USE_PTR(EX_T(opline->result.u.var).var);
16136 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
16137 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
16138 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
16139 }
16140 }
16141 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16142
16143 /* We are going to assign the result by reference */
16144 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
16145 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
16146 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
16147 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
16148 }
16149
16150 ZEND_VM_NEXT_OPCODE();
16151 }
16152
ZEND_FETCH_OBJ_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16153 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16154 {
16155 zend_op *opline = EX(opline);
16156 zend_free_op free_op1;
16157 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16158 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16159
16160 if (0) {
16161 MAKE_REAL_ZVAL_PTR(property);
16162 }
16163 if (IS_VAR == IS_VAR && !container) {
16164 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
16165 }
16166 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
16167 if (0) {
16168 zval_ptr_dtor(&property);
16169 } else {
16170
16171 }
16172 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
16173 READY_TO_DESTROY(free_op1.var)) {
16174 AI_USE_PTR(EX_T(opline->result.u.var).var);
16175 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
16176 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
16177 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
16178 }
16179 }
16180 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16181 ZEND_VM_NEXT_OPCODE();
16182 }
16183
ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16184 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16185 {
16186 return zend_fetch_property_address_read_helper_SPEC_VAR_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16187 }
16188
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16189 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16190 {
16191 zend_op *opline = EX(opline);
16192
16193 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
16194 /* Behave like FETCH_OBJ_W */
16195 zend_free_op free_op1;
16196 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16197 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16198
16199 if (0) {
16200 MAKE_REAL_ZVAL_PTR(property);
16201 }
16202 if (IS_VAR == IS_VAR && !container) {
16203 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
16204 }
16205 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
16206 if (0) {
16207 zval_ptr_dtor(&property);
16208 } else {
16209
16210 }
16211 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
16212 READY_TO_DESTROY(free_op1.var)) {
16213 AI_USE_PTR(EX_T(opline->result.u.var).var);
16214 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
16215 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
16216 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
16217 }
16218 }
16219 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16220 ZEND_VM_NEXT_OPCODE();
16221 } else {
16222 return zend_fetch_property_address_read_helper_SPEC_VAR_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16223 }
16224 }
16225
ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16226 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16227 {
16228 zend_op *opline = EX(opline);
16229 zend_free_op free_op1, free_res;
16230 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16231 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16232
16233 if (IS_VAR == IS_CV) {
16234 if (container != &EG(uninitialized_zval_ptr)) {
16235 SEPARATE_ZVAL_IF_NOT_REF(container);
16236 }
16237 }
16238 if (0) {
16239 MAKE_REAL_ZVAL_PTR(property);
16240 }
16241 if (IS_VAR == IS_VAR && !container) {
16242 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
16243 }
16244 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
16245 if (0) {
16246 zval_ptr_dtor(&property);
16247 } else {
16248
16249 }
16250 if (IS_VAR == IS_VAR && (free_op1.var != NULL) &&
16251 READY_TO_DESTROY(free_op1.var)) {
16252 AI_USE_PTR(EX_T(opline->result.u.var).var);
16253 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
16254 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
16255 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
16256 }
16257 }
16258 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16259
16260 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
16261 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
16262 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
16263 }
16264 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
16265 FREE_OP_VAR_PTR(free_res);
16266 ZEND_VM_NEXT_OPCODE();
16267 }
16268
ZEND_ASSIGN_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16269 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16270 {
16271 zend_op *opline = EX(opline);
16272 zend_op *op_data = opline+1;
16273 zend_free_op free_op1;
16274 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16275 zval *property_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16276
16277 if (0) {
16278 MAKE_REAL_ZVAL_PTR(property_name);
16279 }
16280 if (IS_VAR == IS_VAR && !object_ptr) {
16281 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
16282 }
16283 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
16284 if (0) {
16285 zval_ptr_dtor(&property_name);
16286 } else {
16287
16288 }
16289 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16290 /* assign_obj has two opcodes! */
16291 ZEND_VM_INC_OPCODE();
16292 ZEND_VM_NEXT_OPCODE();
16293 }
16294
ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16295 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16296 {
16297 zend_op *opline = EX(opline);
16298 zend_op *op_data = opline+1;
16299 zend_free_op free_op1;
16300 zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16301
16302 if (IS_VAR == IS_VAR && !object_ptr) {
16303 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
16304 }
16305 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
16306
16307 zval *property_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16308
16309 if (0) {
16310 MAKE_REAL_ZVAL_PTR(property_name);
16311 }
16312 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
16313 if (0) {
16314 zval_ptr_dtor(&property_name);
16315 } else {
16316
16317 }
16318 } else {
16319 zend_free_op free_op_data1, free_op_data2;
16320 zval *value;
16321 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16322 zval **variable_ptr_ptr;
16323
16324 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
16325
16326 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
16327 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
16328 if (!variable_ptr_ptr) {
16329 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
16330 if (!RETURN_VALUE_UNUSED(&opline->result)) {
16331 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
16332 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
16333 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
16334 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
16335 }
16336 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
16337 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
16338 PZVAL_LOCK(EG(uninitialized_zval_ptr));
16339 }
16340 } else {
16341 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
16342 if (!RETURN_VALUE_UNUSED(&opline->result)) {
16343 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
16344 PZVAL_LOCK(value);
16345 }
16346 }
16347 FREE_OP_VAR_PTR(free_op_data2);
16348 FREE_OP_IF_VAR(free_op_data1);
16349 }
16350 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16351 /* assign_dim has two opcodes! */
16352 ZEND_VM_INC_OPCODE();
16353 ZEND_VM_NEXT_OPCODE();
16354 }
16355
ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16356 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16357 {
16358 zend_op *opline = EX(opline);
16359 zend_free_op free_op1;
16360 zval *value = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16361 zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16362
16363 if (IS_VAR == IS_VAR && !variable_ptr_ptr) {
16364 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_CV TSRMLS_CC)) {
16365 if (!RETURN_VALUE_UNUSED(&opline->result)) {
16366 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
16367 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
16368 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
16369 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
16370 }
16371 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
16372 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
16373 PZVAL_LOCK(EG(uninitialized_zval_ptr));
16374 }
16375 } else {
16376 value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC);
16377 if (!RETURN_VALUE_UNUSED(&opline->result)) {
16378 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
16379 PZVAL_LOCK(value);
16380 }
16381 }
16382
16383 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16384
16385 /* zend_assign_to_variable() always takes care of op2, never free it! */
16386
16387 ZEND_VM_NEXT_OPCODE();
16388 }
16389
ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16390 static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16391 {
16392 zend_op *opline = EX(opline);
16393 zend_free_op free_op1, free_op2;
16394 zval **variable_ptr_ptr;
16395 zval **value_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC);
16396
16397 if (IS_CV == IS_VAR &&
16398 value_ptr_ptr &&
16399 !Z_ISREF_PP(value_ptr_ptr) &&
16400 opline->extended_value == ZEND_RETURNS_FUNCTION &&
16401 !EX_T(opline->op2.u.var).var.fcall_returned_reference) {
16402 if (free_op2.var == NULL) {
16403 PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
16404 }
16405 zend_error(E_STRICT, "Only variables should be assigned by reference");
16406 if (UNEXPECTED(EG(exception) != NULL)) {
16407
16408 ZEND_VM_NEXT_OPCODE();
16409 }
16410 return ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16411 } else if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
16412 PZVAL_LOCK(*value_ptr_ptr);
16413 }
16414 if (IS_VAR == IS_VAR && EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
16415 zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object");
16416 }
16417
16418 variable_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16419 if ((IS_CV == IS_VAR && !value_ptr_ptr) ||
16420 (IS_VAR == IS_VAR && !variable_ptr_ptr)) {
16421 zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects");
16422 }
16423 zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC);
16424
16425 if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
16426 Z_DELREF_PP(variable_ptr_ptr);
16427 }
16428
16429 if (!RETURN_VALUE_UNUSED(&opline->result)) {
16430 AI_SET_PTR(EX_T(opline->result.u.var).var, *variable_ptr_ptr);
16431 PZVAL_LOCK(*variable_ptr_ptr);
16432 }
16433
16434 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16435
16436 ZEND_VM_NEXT_OPCODE();
16437 }
16438
ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16439 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16440 {
16441 zend_op *opline = EX(opline);
16442 zval *function_name;
16443 char *function_name_strval;
16444 int function_name_strlen;
16445 zend_free_op free_op1;
16446
16447 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
16448
16449 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16450
16451 if (Z_TYPE_P(function_name)!=IS_STRING) {
16452 zend_error_noreturn(E_ERROR, "Method name must be a string");
16453 }
16454
16455 function_name_strval = Z_STRVAL_P(function_name);
16456 function_name_strlen = Z_STRLEN_P(function_name);
16457
16458 EX(object) = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16459
16460 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
16461 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
16462 zend_error_noreturn(E_ERROR, "Object does not support method calls");
16463 }
16464
16465 /* First, locate the function. */
16466 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
16467 if (!EX(fbc)) {
16468 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
16469 }
16470
16471 EX(called_scope) = Z_OBJCE_P(EX(object));
16472 } else {
16473 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
16474 }
16475
16476 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
16477 EX(object) = NULL;
16478 } else {
16479 if (!PZVAL_IS_REF(EX(object))) {
16480 Z_ADDREF_P(EX(object)); /* For $this pointer */
16481 } else {
16482 zval *this_ptr;
16483 ALLOC_ZVAL(this_ptr);
16484 INIT_PZVAL_COPY(this_ptr, EX(object));
16485 zval_copy_ctor(this_ptr);
16486 EX(object) = this_ptr;
16487 }
16488 }
16489
16490 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16491
16492 ZEND_VM_NEXT_OPCODE();
16493 }
16494
ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16495 static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16496 {
16497 zend_op *opline = EX(opline);
16498 zval *function_name;
16499 zend_class_entry *ce;
16500
16501 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
16502
16503 if (IS_VAR == IS_CONST) {
16504 /* no function found. try a static method in class */
16505 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
16506 if (UNEXPECTED(EG(exception) != NULL)) {
16507 ZEND_VM_CONTINUE();
16508 }
16509 if (!ce) {
16510 zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
16511 }
16512 EX(called_scope) = ce;
16513 } else {
16514 ce = EX_T(opline->op1.u.var).class_entry;
16515
16516 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
16517 EX(called_scope) = EG(called_scope);
16518 } else {
16519 EX(called_scope) = ce;
16520 }
16521 }
16522 if(IS_CV != IS_UNUSED) {
16523 char *function_name_strval = NULL;
16524 int function_name_strlen = 0;
16525
16526
16527 if (IS_CV == IS_CONST) {
16528 function_name_strval = Z_STRVAL(opline->op2.u.constant);
16529 function_name_strlen = Z_STRLEN(opline->op2.u.constant);
16530 } else {
16531 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16532
16533 if (Z_TYPE_P(function_name) != IS_STRING) {
16534 zend_error_noreturn(E_ERROR, "Function name must be a string");
16535 } else {
16536 function_name_strval = Z_STRVAL_P(function_name);
16537 function_name_strlen = Z_STRLEN_P(function_name);
16538 }
16539 }
16540
16541 if (function_name_strval) {
16542 if (ce->get_static_method) {
16543 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
16544 } else {
16545 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
16546 }
16547 if (!EX(fbc)) {
16548 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
16549 }
16550 }
16551
16552 if (IS_CV != IS_CONST) {
16553
16554 }
16555 } else {
16556 if(!ce->constructor) {
16557 zend_error_noreturn(E_ERROR, "Cannot call constructor");
16558 }
16559 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
16560 zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
16561 }
16562 EX(fbc) = ce->constructor;
16563 }
16564
16565 if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
16566 EX(object) = NULL;
16567 } else {
16568 if (EG(This) &&
16569 Z_OBJ_HT_P(EG(This))->get_class_entry &&
16570 !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
16571 /* We are calling method of the other (incompatible) class,
16572 but passing $this. This is done for compatibility with php-4. */
16573 int severity;
16574 char *verb;
16575 if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
16576 severity = E_STRICT;
16577 verb = "should not";
16578 } else {
16579 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
16580 severity = E_ERROR;
16581 verb = "cannot";
16582 }
16583 zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
16584
16585 }
16586 if ((EX(object) = EG(This))) {
16587 Z_ADDREF_P(EX(object));
16588 EX(called_scope) = Z_OBJCE_P(EX(object));
16589 }
16590 }
16591
16592 ZEND_VM_NEXT_OPCODE();
16593 }
16594
ZEND_CASE_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16595 static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16596 {
16597 zend_op *opline = EX(opline);
16598 int switch_expr_is_overloaded=0;
16599 zend_free_op free_op1;
16600
16601 if (IS_VAR==IS_VAR) {
16602 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
16603 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
16604 } else {
16605 switch_expr_is_overloaded = 1;
16606 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
16607 }
16608 }
16609 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
16610 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
16611 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
16612
16613 if (switch_expr_is_overloaded) {
16614 /* We only free op1 if this is a string offset,
16615 * Since if it is a TMP_VAR, it'll be reused by
16616 * other CASE opcodes (whereas string offsets
16617 * are allocated at each get_zval_ptr())
16618 */
16619 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16620 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
16621 EX_T(opline->op1.u.var).var.ptr = NULL;
16622 }
16623 ZEND_VM_NEXT_OPCODE();
16624 }
16625
ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16626 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16627 {
16628 zend_op *opline = EX(opline);
16629 zend_free_op free_op1;
16630 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
16631 zval *expr_ptr;
16632 zval *offset=_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16633
16634 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
16635 zval **expr_ptr_ptr = NULL;
16636
16637 if (opline->extended_value) {
16638 expr_ptr_ptr=_get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16639 expr_ptr = *expr_ptr_ptr;
16640 } else {
16641 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16642 }
16643 #else
16644 expr_ptr=_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16645 #endif
16646
16647 if (0) { /* temporary variable */
16648 zval *new_expr;
16649
16650 ALLOC_ZVAL(new_expr);
16651 INIT_PZVAL_COPY(new_expr, expr_ptr);
16652 expr_ptr = new_expr;
16653 } else {
16654 #if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV
16655 if (opline->extended_value) {
16656 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
16657 expr_ptr = *expr_ptr_ptr;
16658 Z_ADDREF_P(expr_ptr);
16659 } else
16660 #endif
16661 if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
16662 zval *new_expr;
16663
16664 ALLOC_ZVAL(new_expr);
16665 INIT_PZVAL_COPY(new_expr, expr_ptr);
16666 expr_ptr = new_expr;
16667 zendi_zval_copy_ctor(*expr_ptr);
16668 } else {
16669 Z_ADDREF_P(expr_ptr);
16670 }
16671 }
16672 if (offset) {
16673 switch (Z_TYPE_P(offset)) {
16674 case IS_DOUBLE:
16675 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
16676 break;
16677 case IS_LONG:
16678 case IS_BOOL:
16679 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
16680 break;
16681 case IS_STRING:
16682 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
16683 break;
16684 case IS_NULL:
16685 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
16686 break;
16687 default:
16688 zend_error(E_WARNING, "Illegal offset type");
16689 zval_ptr_dtor(&expr_ptr);
16690 /* do nothing */
16691 break;
16692 }
16693
16694 } else {
16695 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
16696 }
16697 if (opline->extended_value) {
16698 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16699 } else {
16700 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16701 }
16702 ZEND_VM_NEXT_OPCODE();
16703 }
16704
ZEND_INIT_ARRAY_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16705 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16706 {
16707 zend_op *opline = EX(opline);
16708
16709 array_init(&EX_T(opline->result.u.var).tmp_var);
16710 if (IS_VAR == IS_UNUSED) {
16711 ZEND_VM_NEXT_OPCODE();
16712 #if 0 || IS_VAR != IS_UNUSED
16713 } else {
16714 return ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16715 #endif
16716 }
16717 }
16718
ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16719 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16720 {
16721 zend_op *opline = EX(opline);
16722 zend_free_op free_op1;
16723 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16724 zval *offset;
16725
16726 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
16727 SEPARATE_ZVAL_IF_NOT_REF(container);
16728 }
16729 offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16730
16731 if (IS_VAR != IS_VAR || container) {
16732 switch (Z_TYPE_PP(container)) {
16733 case IS_ARRAY: {
16734 HashTable *ht = Z_ARRVAL_PP(container);
16735
16736 switch (Z_TYPE_P(offset)) {
16737 case IS_DOUBLE:
16738 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
16739 break;
16740 case IS_RESOURCE:
16741 case IS_BOOL:
16742 case IS_LONG:
16743 zend_hash_index_del(ht, Z_LVAL_P(offset));
16744 break;
16745 case IS_STRING:
16746 if (IS_CV == IS_CV || IS_CV == IS_VAR) {
16747 Z_ADDREF_P(offset);
16748 }
16749 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
16750 ht == &EG(symbol_table)) {
16751 zend_execute_data *ex;
16752 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
16753
16754 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
16755 if (ex->op_array && ex->symbol_table == ht) {
16756 int i;
16757
16758 for (i = 0; i < ex->op_array->last_var; i++) {
16759 if (ex->op_array->vars[i].hash_value == hash_value &&
16760 ex->op_array->vars[i].name_len == offset->value.str.len &&
16761 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
16762 ex->CVs[i] = NULL;
16763 break;
16764 }
16765 }
16766 }
16767 }
16768 }
16769 if (IS_CV == IS_CV || IS_CV == IS_VAR) {
16770 zval_ptr_dtor(&offset);
16771 }
16772 break;
16773 case IS_NULL:
16774 zend_hash_del(ht, "", sizeof(""));
16775 break;
16776 default:
16777 zend_error(E_WARNING, "Illegal offset type in unset");
16778 break;
16779 }
16780
16781 break;
16782 }
16783 case IS_OBJECT:
16784 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
16785 zend_error_noreturn(E_ERROR, "Cannot use object as array");
16786 }
16787 if (0) {
16788 MAKE_REAL_ZVAL_PTR(offset);
16789 }
16790 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
16791 if (0) {
16792 zval_ptr_dtor(&offset);
16793 } else {
16794
16795 }
16796 break;
16797 case IS_STRING:
16798 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
16799 ZEND_VM_CONTINUE(); /* bailed out before */
16800 default:
16801
16802 break;
16803 }
16804 } else {
16805
16806 }
16807 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16808
16809 ZEND_VM_NEXT_OPCODE();
16810 }
16811
ZEND_UNSET_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16812 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16813 {
16814 zend_op *opline = EX(opline);
16815 zend_free_op free_op1;
16816 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16817 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16818
16819 if (IS_VAR != IS_VAR || container) {
16820 if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) {
16821 SEPARATE_ZVAL_IF_NOT_REF(container);
16822 }
16823 if (Z_TYPE_PP(container) == IS_OBJECT) {
16824 if (0) {
16825 MAKE_REAL_ZVAL_PTR(offset);
16826 }
16827 if (Z_OBJ_HT_P(*container)->unset_property) {
16828 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
16829 } else {
16830 zend_error(E_NOTICE, "Trying to unset property of non-object");
16831 }
16832 if (0) {
16833 zval_ptr_dtor(&offset);
16834 } else {
16835
16836 }
16837 } else {
16838
16839 }
16840 } else {
16841
16842 }
16843 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16844
16845 ZEND_VM_NEXT_OPCODE();
16846 }
16847
zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)16848 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
16849 {
16850 zend_op *opline = EX(opline);
16851 zend_free_op free_op1;
16852 zval **container = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
16853 zval **value = NULL;
16854 int result = 0;
16855
16856 if (IS_VAR != IS_VAR || container) {
16857
16858 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
16859
16860 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
16861 HashTable *ht;
16862 int isset = 0;
16863
16864 ht = Z_ARRVAL_PP(container);
16865
16866 switch (Z_TYPE_P(offset)) {
16867 case IS_DOUBLE:
16868 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
16869 isset = 1;
16870 }
16871 break;
16872 case IS_RESOURCE:
16873 case IS_BOOL:
16874 case IS_LONG:
16875 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
16876 isset = 1;
16877 }
16878 break;
16879 case IS_STRING:
16880 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
16881 isset = 1;
16882 }
16883 break;
16884 case IS_NULL:
16885 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
16886 isset = 1;
16887 }
16888 break;
16889 default:
16890 zend_error(E_WARNING, "Illegal offset type in isset or empty");
16891
16892 break;
16893 }
16894
16895 switch (opline->extended_value) {
16896 case ZEND_ISSET:
16897 if (isset && Z_TYPE_PP(value) == IS_NULL) {
16898 result = 0;
16899 } else {
16900 result = isset;
16901 }
16902 break;
16903 case ZEND_ISEMPTY:
16904 if (!isset || !i_zend_is_true(*value)) {
16905 result = 0;
16906 } else {
16907 result = 1;
16908 }
16909 break;
16910 }
16911
16912 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
16913 if (0) {
16914 MAKE_REAL_ZVAL_PTR(offset);
16915 }
16916 if (prop_dim) {
16917 if (Z_OBJ_HT_P(*container)->has_property) {
16918 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
16919 } else {
16920 zend_error(E_NOTICE, "Trying to check property of non-object");
16921 result = 0;
16922 }
16923 } else {
16924 if (Z_OBJ_HT_P(*container)->has_dimension) {
16925 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
16926 } else {
16927 zend_error(E_NOTICE, "Trying to check element of non-array");
16928 result = 0;
16929 }
16930 }
16931 if (0) {
16932 zval_ptr_dtor(&offset);
16933 } else {
16934
16935 }
16936 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
16937 zval tmp;
16938
16939 if (Z_TYPE_P(offset) != IS_LONG) {
16940 tmp = *offset;
16941 zval_copy_ctor(&tmp);
16942 convert_to_long(&tmp);
16943 offset = &tmp;
16944 }
16945 if (Z_TYPE_P(offset) == IS_LONG) {
16946 switch (opline->extended_value) {
16947 case ZEND_ISSET:
16948 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
16949 result = 1;
16950 }
16951 break;
16952 case ZEND_ISEMPTY:
16953 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
16954 result = 1;
16955 }
16956 break;
16957 }
16958 }
16959
16960 } else {
16961
16962 }
16963 }
16964
16965 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
16966
16967 switch (opline->extended_value) {
16968 case ZEND_ISSET:
16969 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
16970 break;
16971 case ZEND_ISEMPTY:
16972 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
16973 break;
16974 }
16975
16976 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
16977
16978 ZEND_VM_NEXT_OPCODE();
16979 }
16980
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16981 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16982 {
16983 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16984 }
16985
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16986 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16987 {
16988 return zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
16989 }
16990
ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)16991 static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
16992 {
16993 zend_op *opline = EX(opline);
16994
16995 zval *obj = _get_obj_zval_ptr_unused(TSRMLS_C);
16996 zend_class_entry *ce;
16997 zend_function *clone;
16998 zend_object_clone_obj_t clone_call;
16999
17000 if (IS_UNUSED == IS_CONST ||
17001 (IS_UNUSED == IS_VAR && !obj) ||
17002 Z_TYPE_P(obj) != IS_OBJECT) {
17003 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
17004 }
17005
17006 ce = Z_OBJCE_P(obj);
17007 clone = ce ? ce->clone : NULL;
17008 clone_call = Z_OBJ_HT_P(obj)->clone_obj;
17009 if (!clone_call) {
17010 if (ce) {
17011 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
17012 } else {
17013 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
17014 }
17015 }
17016
17017 if (ce && clone) {
17018 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
17019 /* Ensure that if we're calling a private function, we're allowed to do so.
17020 */
17021 if (ce != EG(scope)) {
17022 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
17023 }
17024 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
17025 /* Ensure that if we're calling a protected function, we're allowed to do so.
17026 */
17027 if (!zend_check_protected(clone->common.scope, EG(scope))) {
17028 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
17029 }
17030 }
17031 }
17032
17033 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
17034 if (!EG(exception)) {
17035 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
17036 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
17037 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
17038 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
17039 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
17040 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
17041 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
17042 }
17043 }
17044
17045 ZEND_VM_NEXT_OPCODE();
17046 }
17047
ZEND_EXIT_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17048 static int ZEND_FASTCALL ZEND_EXIT_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17049 {
17050 #if 0 || (IS_UNUSED != IS_UNUSED)
17051 zend_op *opline = EX(opline);
17052 if (IS_UNUSED != IS_UNUSED) {
17053
17054 zval *ptr = NULL;
17055
17056 if (Z_TYPE_P(ptr) == IS_LONG) {
17057 EG(exit_status) = Z_LVAL_P(ptr);
17058 } else {
17059 zend_print_variable(ptr);
17060 }
17061
17062 }
17063 #endif
17064 zend_bailout();
17065 ZEND_VM_NEXT_OPCODE();
17066 }
17067
zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)17068 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
17069 {
17070 zend_op *opline = EX(opline);
17071 zend_op *op_data = opline+1;
17072 zend_free_op free_op_data1;
17073 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17074 zval *object;
17075 zval *property = &opline->op2.u.constant;
17076 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
17077 znode *result = &opline->result;
17078 int have_get_ptr = 0;
17079
17080 if (IS_UNUSED == IS_VAR && !object_ptr) {
17081 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
17082 }
17083
17084 EX_T(result->u.var).var.ptr_ptr = NULL;
17085 make_real_object(object_ptr TSRMLS_CC);
17086 object = *object_ptr;
17087
17088 if (Z_TYPE_P(object) != IS_OBJECT) {
17089 zend_error(E_WARNING, "Attempt to assign property of non-object");
17090
17091 FREE_OP(free_op_data1);
17092
17093 if (!RETURN_VALUE_UNUSED(result)) {
17094 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
17095 EX_T(result->u.var).var.ptr_ptr = NULL;
17096 PZVAL_LOCK(EG(uninitialized_zval_ptr));
17097 }
17098 } else {
17099 /* here we are sure we are dealing with an object */
17100 if (0) {
17101 MAKE_REAL_ZVAL_PTR(property);
17102 }
17103
17104 /* here property is a string */
17105 if (opline->extended_value == ZEND_ASSIGN_OBJ
17106 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
17107 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
17108 if (zptr != NULL) { /* NULL means no success in getting PTR */
17109 SEPARATE_ZVAL_IF_NOT_REF(zptr);
17110
17111 have_get_ptr = 1;
17112 binary_op(*zptr, *zptr, value TSRMLS_CC);
17113 if (!RETURN_VALUE_UNUSED(result)) {
17114 EX_T(result->u.var).var.ptr = *zptr;
17115 EX_T(result->u.var).var.ptr_ptr = NULL;
17116 PZVAL_LOCK(*zptr);
17117 }
17118 }
17119 }
17120
17121 if (!have_get_ptr) {
17122 zval *z = NULL;
17123
17124 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
17125 if (Z_OBJ_HT_P(object)->read_property) {
17126 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
17127 }
17128 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
17129 if (Z_OBJ_HT_P(object)->read_dimension) {
17130 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
17131 }
17132 }
17133 if (z) {
17134 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
17135 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
17136
17137 if (Z_REFCOUNT_P(z) == 0) {
17138 GC_REMOVE_ZVAL_FROM_BUFFER(z);
17139 zval_dtor(z);
17140 FREE_ZVAL(z);
17141 }
17142 z = value;
17143 }
17144 Z_ADDREF_P(z);
17145 SEPARATE_ZVAL_IF_NOT_REF(&z);
17146 binary_op(z, z, value TSRMLS_CC);
17147 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
17148 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
17149 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
17150 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
17151 }
17152 if (!RETURN_VALUE_UNUSED(result)) {
17153 EX_T(result->u.var).var.ptr = z;
17154 EX_T(result->u.var).var.ptr_ptr = NULL;
17155 PZVAL_LOCK(z);
17156 }
17157 zval_ptr_dtor(&z);
17158 } else {
17159 zend_error(E_WARNING, "Attempt to assign property of non-object");
17160 if (!RETURN_VALUE_UNUSED(result)) {
17161 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
17162 EX_T(result->u.var).var.ptr_ptr = NULL;
17163 PZVAL_LOCK(EG(uninitialized_zval_ptr));
17164 }
17165 }
17166 }
17167
17168 if (0) {
17169 zval_ptr_dtor(&property);
17170 } else {
17171
17172 }
17173 FREE_OP(free_op_data1);
17174 }
17175
17176 /* assign_obj has two opcodes! */
17177 ZEND_VM_INC_OPCODE();
17178 ZEND_VM_NEXT_OPCODE();
17179 }
17180
zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)17181 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
17182 {
17183 zend_op *opline = EX(opline);
17184 zend_free_op free_op_data2, free_op_data1;
17185 zval **var_ptr;
17186 zval *value;
17187
17188 switch (opline->extended_value) {
17189 case ZEND_ASSIGN_OBJ:
17190 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17191 break;
17192 case ZEND_ASSIGN_DIM: {
17193 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17194
17195 if (IS_UNUSED == IS_VAR && !container) {
17196 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
17197 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
17198 if (IS_UNUSED == IS_VAR && !0) {
17199 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
17200 }
17201 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17202 } else {
17203 zend_op *op_data = opline+1;
17204 zval *dim = &opline->op2.u.constant;
17205
17206 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
17207 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
17208 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
17209 ZEND_VM_INC_OPCODE();
17210 }
17211 }
17212 break;
17213 default:
17214 value = &opline->op2.u.constant;
17215 var_ptr = NULL;
17216 /* do nothing */
17217 break;
17218 }
17219
17220 if (!var_ptr) {
17221 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
17222 }
17223
17224 if (*var_ptr == EG(error_zval_ptr)) {
17225 if (!RETURN_VALUE_UNUSED(&opline->result)) {
17226 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
17227 PZVAL_LOCK(EG(uninitialized_zval_ptr));
17228 }
17229
17230
17231 ZEND_VM_NEXT_OPCODE();
17232 }
17233
17234 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
17235
17236 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
17237 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
17238 /* proxy object */
17239 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
17240 Z_ADDREF_P(objval);
17241 binary_op(objval, objval, value TSRMLS_CC);
17242 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
17243 zval_ptr_dtor(&objval);
17244 } else {
17245 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
17246 }
17247
17248 if (!RETURN_VALUE_UNUSED(&opline->result)) {
17249 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
17250 PZVAL_LOCK(*var_ptr);
17251 }
17252
17253 if (opline->extended_value == ZEND_ASSIGN_DIM) {
17254 FREE_OP(free_op_data1);
17255 FREE_OP_VAR_PTR(free_op_data2);
17256 }
17257
17258 ZEND_VM_NEXT_OPCODE();
17259 }
17260
ZEND_ASSIGN_ADD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17261 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17262 {
17263 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17264 }
17265
ZEND_ASSIGN_SUB_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17266 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17267 {
17268 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17269 }
17270
ZEND_ASSIGN_MUL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17271 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17272 {
17273 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17274 }
17275
ZEND_ASSIGN_DIV_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17276 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17277 {
17278 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17279 }
17280
ZEND_ASSIGN_MOD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17281 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17282 {
17283 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17284 }
17285
ZEND_ASSIGN_SL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17286 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17287 {
17288 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17289 }
17290
ZEND_ASSIGN_SR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17291 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17292 {
17293 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17294 }
17295
ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17296 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17297 {
17298 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17299 }
17300
ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17301 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17302 {
17303 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17304 }
17305
ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17306 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17307 {
17308 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17309 }
17310
ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17311 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17312 {
17313 return zend_binary_assign_op_helper_SPEC_UNUSED_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17314 }
17315
zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)17316 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
17317 {
17318 zend_op *opline = EX(opline);
17319
17320 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17321 zval *object;
17322 zval *property = &opline->op2.u.constant;
17323 zval **retval = &EX_T(opline->result.u.var).var.ptr;
17324 int have_get_ptr = 0;
17325
17326 if (IS_UNUSED == IS_VAR && !object_ptr) {
17327 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
17328 }
17329
17330 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
17331 object = *object_ptr;
17332
17333 if (Z_TYPE_P(object) != IS_OBJECT) {
17334 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
17335
17336 if (!RETURN_VALUE_UNUSED(&opline->result)) {
17337 *retval = EG(uninitialized_zval_ptr);
17338 PZVAL_LOCK(*retval);
17339 }
17340
17341 ZEND_VM_NEXT_OPCODE();
17342 }
17343
17344 /* here we are sure we are dealing with an object */
17345
17346 if (0) {
17347 MAKE_REAL_ZVAL_PTR(property);
17348 }
17349
17350 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
17351 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
17352 if (zptr != NULL) { /* NULL means no success in getting PTR */
17353 SEPARATE_ZVAL_IF_NOT_REF(zptr);
17354
17355 have_get_ptr = 1;
17356 incdec_op(*zptr);
17357 if (!RETURN_VALUE_UNUSED(&opline->result)) {
17358 *retval = *zptr;
17359 PZVAL_LOCK(*retval);
17360 }
17361 }
17362 }
17363
17364 if (!have_get_ptr) {
17365 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
17366 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
17367
17368 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
17369 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
17370
17371 if (Z_REFCOUNT_P(z) == 0) {
17372 GC_REMOVE_ZVAL_FROM_BUFFER(z);
17373 zval_dtor(z);
17374 FREE_ZVAL(z);
17375 }
17376 z = value;
17377 }
17378 Z_ADDREF_P(z);
17379 SEPARATE_ZVAL_IF_NOT_REF(&z);
17380 incdec_op(z);
17381 *retval = z;
17382 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
17383 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
17384 zval_ptr_dtor(&z);
17385 } else {
17386 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
17387 if (!RETURN_VALUE_UNUSED(&opline->result)) {
17388 *retval = EG(uninitialized_zval_ptr);
17389 PZVAL_LOCK(*retval);
17390 }
17391 }
17392 }
17393
17394 if (0) {
17395 zval_ptr_dtor(&property);
17396 } else {
17397
17398 }
17399
17400 ZEND_VM_NEXT_OPCODE();
17401 }
17402
ZEND_PRE_INC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17403 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17404 {
17405 return zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17406 }
17407
ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17408 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17409 {
17410 return zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17411 }
17412
zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)17413 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
17414 {
17415 zend_op *opline = EX(opline);
17416
17417 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17418 zval *object;
17419 zval *property = &opline->op2.u.constant;
17420 zval *retval = &EX_T(opline->result.u.var).tmp_var;
17421 int have_get_ptr = 0;
17422
17423 if (IS_UNUSED == IS_VAR && !object_ptr) {
17424 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
17425 }
17426
17427 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
17428 object = *object_ptr;
17429
17430 if (Z_TYPE_P(object) != IS_OBJECT) {
17431 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
17432
17433 *retval = *EG(uninitialized_zval_ptr);
17434
17435 ZEND_VM_NEXT_OPCODE();
17436 }
17437
17438 /* here we are sure we are dealing with an object */
17439
17440 if (0) {
17441 MAKE_REAL_ZVAL_PTR(property);
17442 }
17443
17444 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
17445 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
17446 if (zptr != NULL) { /* NULL means no success in getting PTR */
17447 have_get_ptr = 1;
17448 SEPARATE_ZVAL_IF_NOT_REF(zptr);
17449
17450 *retval = **zptr;
17451 zendi_zval_copy_ctor(*retval);
17452
17453 incdec_op(*zptr);
17454
17455 }
17456 }
17457
17458 if (!have_get_ptr) {
17459 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
17460 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
17461 zval *z_copy;
17462
17463 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
17464 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
17465
17466 if (Z_REFCOUNT_P(z) == 0) {
17467 GC_REMOVE_ZVAL_FROM_BUFFER(z);
17468 zval_dtor(z);
17469 FREE_ZVAL(z);
17470 }
17471 z = value;
17472 }
17473 *retval = *z;
17474 zendi_zval_copy_ctor(*retval);
17475 ALLOC_ZVAL(z_copy);
17476 *z_copy = *z;
17477 zendi_zval_copy_ctor(*z_copy);
17478 INIT_PZVAL(z_copy);
17479 incdec_op(z_copy);
17480 Z_ADDREF_P(z);
17481 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
17482 zval_ptr_dtor(&z_copy);
17483 zval_ptr_dtor(&z);
17484 } else {
17485 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
17486 *retval = *EG(uninitialized_zval_ptr);
17487 }
17488 }
17489
17490 if (0) {
17491 zval_ptr_dtor(&property);
17492 } else {
17493
17494 }
17495
17496 ZEND_VM_NEXT_OPCODE();
17497 }
17498
ZEND_POST_INC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17499 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17500 {
17501 return zend_post_incdec_property_helper_SPEC_UNUSED_CONST(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17502 }
17503
ZEND_POST_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17504 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17505 {
17506 return zend_post_incdec_property_helper_SPEC_UNUSED_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17507 }
17508
zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(int type,ZEND_OPCODE_HANDLER_ARGS)17509 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(int type, ZEND_OPCODE_HANDLER_ARGS)
17510 {
17511 zend_op *opline = EX(opline);
17512
17513 zval *container = _get_obj_zval_ptr_unused(TSRMLS_C);
17514
17515 zval *offset = &opline->op2.u.constant;
17516
17517 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
17518 if (type != BP_VAR_IS) {
17519 zend_error(E_NOTICE, "Trying to get property of non-object");
17520 }
17521 if (!RETURN_VALUE_UNUSED(&opline->result)) {
17522 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
17523 PZVAL_LOCK(EG(uninitialized_zval_ptr));
17524 }
17525
17526 } else {
17527 zval *retval;
17528
17529 if (0) {
17530 MAKE_REAL_ZVAL_PTR(offset);
17531 }
17532
17533 /* here we are sure we are dealing with an object */
17534 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
17535
17536 if (RETURN_VALUE_UNUSED(&opline->result)) {
17537 if (Z_REFCOUNT_P(retval) == 0) {
17538 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
17539 zval_dtor(retval);
17540 FREE_ZVAL(retval);
17541 }
17542 } else {
17543 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
17544 PZVAL_LOCK(retval);
17545 }
17546
17547 if (0) {
17548 zval_ptr_dtor(&offset);
17549 } else {
17550
17551 }
17552 }
17553
17554 ZEND_VM_NEXT_OPCODE();
17555 }
17556
ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17557 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17558 {
17559 return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17560 }
17561
ZEND_FETCH_OBJ_W_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17562 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17563 {
17564 zend_op *opline = EX(opline);
17565 zend_free_op free_op1;
17566 zval *property = &opline->op2.u.constant;
17567 zval **container;
17568
17569 if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
17570 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
17571 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
17572 }
17573
17574 if (0) {
17575 MAKE_REAL_ZVAL_PTR(property);
17576 }
17577 container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17578 if (IS_UNUSED == IS_VAR && !container) {
17579 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
17580 }
17581 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
17582 if (0) {
17583 zval_ptr_dtor(&property);
17584 } else {
17585
17586 }
17587 if (IS_UNUSED == IS_VAR && 0 &&
17588 READY_TO_DESTROY(free_op1.var)) {
17589 AI_USE_PTR(EX_T(opline->result.u.var).var);
17590 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
17591 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
17592 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
17593 }
17594 }
17595
17596 /* We are going to assign the result by reference */
17597 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
17598 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
17599 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
17600 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
17601 }
17602
17603 ZEND_VM_NEXT_OPCODE();
17604 }
17605
ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17606 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17607 {
17608 zend_op *opline = EX(opline);
17609 zend_free_op free_op1;
17610 zval *property = &opline->op2.u.constant;
17611 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17612
17613 if (0) {
17614 MAKE_REAL_ZVAL_PTR(property);
17615 }
17616 if (IS_UNUSED == IS_VAR && !container) {
17617 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
17618 }
17619 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
17620 if (0) {
17621 zval_ptr_dtor(&property);
17622 } else {
17623
17624 }
17625 if (IS_UNUSED == IS_VAR && 0 &&
17626 READY_TO_DESTROY(free_op1.var)) {
17627 AI_USE_PTR(EX_T(opline->result.u.var).var);
17628 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
17629 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
17630 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
17631 }
17632 }
17633
17634 ZEND_VM_NEXT_OPCODE();
17635 }
17636
ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17637 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17638 {
17639 return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17640 }
17641
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17642 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17643 {
17644 zend_op *opline = EX(opline);
17645
17646 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
17647 /* Behave like FETCH_OBJ_W */
17648 zend_free_op free_op1;
17649 zval *property = &opline->op2.u.constant;
17650 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17651
17652 if (0) {
17653 MAKE_REAL_ZVAL_PTR(property);
17654 }
17655 if (IS_UNUSED == IS_VAR && !container) {
17656 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
17657 }
17658 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
17659 if (0) {
17660 zval_ptr_dtor(&property);
17661 } else {
17662
17663 }
17664 if (IS_UNUSED == IS_VAR && 0 &&
17665 READY_TO_DESTROY(free_op1.var)) {
17666 AI_USE_PTR(EX_T(opline->result.u.var).var);
17667 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
17668 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
17669 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
17670 }
17671 }
17672
17673 ZEND_VM_NEXT_OPCODE();
17674 } else {
17675 return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17676 }
17677 }
17678
ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17679 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17680 {
17681 zend_op *opline = EX(opline);
17682 zend_free_op free_op1, free_res;
17683 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17684 zval *property = &opline->op2.u.constant;
17685
17686 if (IS_UNUSED == IS_CV) {
17687 if (container != &EG(uninitialized_zval_ptr)) {
17688 SEPARATE_ZVAL_IF_NOT_REF(container);
17689 }
17690 }
17691 if (0) {
17692 MAKE_REAL_ZVAL_PTR(property);
17693 }
17694 if (IS_UNUSED == IS_VAR && !container) {
17695 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
17696 }
17697 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
17698 if (0) {
17699 zval_ptr_dtor(&property);
17700 } else {
17701
17702 }
17703 if (IS_UNUSED == IS_VAR && 0 &&
17704 READY_TO_DESTROY(free_op1.var)) {
17705 AI_USE_PTR(EX_T(opline->result.u.var).var);
17706 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
17707 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
17708 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
17709 }
17710 }
17711
17712 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
17713 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
17714 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
17715 }
17716 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
17717 FREE_OP_VAR_PTR(free_res);
17718 ZEND_VM_NEXT_OPCODE();
17719 }
17720
ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17721 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17722 {
17723 zend_op *opline = EX(opline);
17724 zend_op *op_data = opline+1;
17725
17726 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17727 zval *property_name = &opline->op2.u.constant;
17728
17729 if (0) {
17730 MAKE_REAL_ZVAL_PTR(property_name);
17731 }
17732 if (IS_UNUSED == IS_VAR && !object_ptr) {
17733 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
17734 }
17735 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
17736 if (0) {
17737 zval_ptr_dtor(&property_name);
17738 } else {
17739
17740 }
17741
17742 /* assign_obj has two opcodes! */
17743 ZEND_VM_INC_OPCODE();
17744 ZEND_VM_NEXT_OPCODE();
17745 }
17746
ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17747 static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17748 {
17749 zend_op *opline = EX(opline);
17750 zval *str = &EX_T(opline->result.u.var).tmp_var;
17751
17752 if (IS_UNUSED == IS_UNUSED) {
17753 /* Initialize for erealloc in add_char_to_string */
17754 Z_STRVAL_P(str) = NULL;
17755 Z_STRLEN_P(str) = 0;
17756 Z_TYPE_P(str) = IS_STRING;
17757
17758 INIT_PZVAL(str);
17759 }
17760
17761 add_char_to_string(str, str, &opline->op2.u.constant);
17762
17763 /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */
17764 ZEND_VM_NEXT_OPCODE();
17765 }
17766
ZEND_ADD_STRING_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17767 static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17768 {
17769 zend_op *opline = EX(opline);
17770 zval *str = &EX_T(opline->result.u.var).tmp_var;
17771
17772 if (IS_UNUSED == IS_UNUSED) {
17773 /* Initialize for erealloc in add_string_to_string */
17774 Z_STRVAL_P(str) = NULL;
17775 Z_STRLEN_P(str) = 0;
17776 Z_TYPE_P(str) = IS_STRING;
17777
17778 INIT_PZVAL(str);
17779 }
17780
17781 add_string_to_string(str, str, &opline->op2.u.constant);
17782
17783 /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */
17784 ZEND_VM_NEXT_OPCODE();
17785 }
17786
ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17787 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17788 {
17789 zend_op *opline = EX(opline);
17790 zval *function_name;
17791 char *function_name_strval;
17792 int function_name_strlen;
17793
17794
17795 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
17796
17797 function_name = &opline->op2.u.constant;
17798
17799 if (Z_TYPE_P(function_name)!=IS_STRING) {
17800 zend_error_noreturn(E_ERROR, "Method name must be a string");
17801 }
17802
17803 function_name_strval = Z_STRVAL_P(function_name);
17804 function_name_strlen = Z_STRLEN_P(function_name);
17805
17806 EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C);
17807
17808 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
17809 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
17810 zend_error_noreturn(E_ERROR, "Object does not support method calls");
17811 }
17812
17813 /* First, locate the function. */
17814 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
17815 if (!EX(fbc)) {
17816 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
17817 }
17818
17819 EX(called_scope) = Z_OBJCE_P(EX(object));
17820 } else {
17821 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
17822 }
17823
17824 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
17825 EX(object) = NULL;
17826 } else {
17827 if (!PZVAL_IS_REF(EX(object))) {
17828 Z_ADDREF_P(EX(object)); /* For $this pointer */
17829 } else {
17830 zval *this_ptr;
17831 ALLOC_ZVAL(this_ptr);
17832 INIT_PZVAL_COPY(this_ptr, EX(object));
17833 zval_copy_ctor(this_ptr);
17834 EX(object) = this_ptr;
17835 }
17836 }
17837
17838
17839 ZEND_VM_NEXT_OPCODE();
17840 }
17841
ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17842 static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17843 {
17844 zend_op *opline = EX(opline);
17845
17846 if (IS_UNUSED == IS_UNUSED) {
17847 /* namespaced constant */
17848 if (!zend_get_constant_ex(Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant), &EX_T(opline->result.u.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) {
17849 if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) {
17850 char *actual = (char *)zend_memrchr(Z_STRVAL(opline->op2.u.constant), '\\', Z_STRLEN(opline->op2.u.constant));
17851 if(!actual) {
17852 actual = Z_STRVAL(opline->op2.u.constant);
17853 } else {
17854 actual++;
17855 }
17856 /* non-qualified constant - allow text substitution */
17857 zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual);
17858 ZVAL_STRINGL(&EX_T(opline->result.u.var).tmp_var, actual, Z_STRLEN(opline->op2.u.constant)-(actual - Z_STRVAL(opline->op2.u.constant)), 1);
17859 } else {
17860 zend_error_noreturn(E_ERROR, "Undefined constant '%s'",
17861 Z_STRVAL(opline->op2.u.constant), Z_STRVAL(opline->op2.u.constant));
17862 }
17863 }
17864 ZEND_VM_NEXT_OPCODE();
17865 } else {
17866 /* class constant */
17867 zend_class_entry *ce;
17868 zval **value;
17869
17870 if (IS_UNUSED == IS_CONST) {
17871
17872 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
17873 if (UNEXPECTED(EG(exception) != NULL)) {
17874 ZEND_VM_CONTINUE();
17875 }
17876 if (!ce) {
17877 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
17878 }
17879 } else {
17880 ce = EX_T(opline->op1.u.var).class_entry;
17881 }
17882
17883 if (zend_hash_find(&ce->constants_table, Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant)+1, (void **) &value) == SUCCESS) {
17884 if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY ||
17885 (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) {
17886 zend_class_entry *old_scope = EG(scope);
17887
17888 EG(scope) = ce;
17889 zval_update_constant(value, (void *) 1 TSRMLS_CC);
17890 EG(scope) = old_scope;
17891 }
17892 EX_T(opline->result.u.var).tmp_var = **value;
17893 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
17894 } else {
17895 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
17896 }
17897
17898 ZEND_VM_NEXT_OPCODE();
17899 }
17900 }
17901
ZEND_INIT_ARRAY_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17902 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17903 {
17904 zend_op *opline = EX(opline);
17905
17906 array_init(&EX_T(opline->result.u.var).tmp_var);
17907 if (IS_UNUSED == IS_UNUSED) {
17908 ZEND_VM_NEXT_OPCODE();
17909 #if 0 || IS_UNUSED != IS_UNUSED
17910 } else {
17911 return ZEND_ADD_ARRAY_ELEMENT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
17912 #endif
17913 }
17914 }
17915
ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)17916 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
17917 {
17918 zend_op *opline = EX(opline);
17919
17920 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
17921 zval *offset;
17922
17923 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
17924 SEPARATE_ZVAL_IF_NOT_REF(container);
17925 }
17926 offset = &opline->op2.u.constant;
17927
17928 if (IS_UNUSED != IS_VAR || container) {
17929 switch (Z_TYPE_PP(container)) {
17930 case IS_ARRAY: {
17931 HashTable *ht = Z_ARRVAL_PP(container);
17932
17933 switch (Z_TYPE_P(offset)) {
17934 case IS_DOUBLE:
17935 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
17936 break;
17937 case IS_RESOURCE:
17938 case IS_BOOL:
17939 case IS_LONG:
17940 zend_hash_index_del(ht, Z_LVAL_P(offset));
17941 break;
17942 case IS_STRING:
17943 if (IS_CONST == IS_CV || IS_CONST == IS_VAR) {
17944 Z_ADDREF_P(offset);
17945 }
17946 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
17947 ht == &EG(symbol_table)) {
17948 zend_execute_data *ex;
17949 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
17950
17951 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
17952 if (ex->op_array && ex->symbol_table == ht) {
17953 int i;
17954
17955 for (i = 0; i < ex->op_array->last_var; i++) {
17956 if (ex->op_array->vars[i].hash_value == hash_value &&
17957 ex->op_array->vars[i].name_len == offset->value.str.len &&
17958 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
17959 ex->CVs[i] = NULL;
17960 break;
17961 }
17962 }
17963 }
17964 }
17965 }
17966 if (IS_CONST == IS_CV || IS_CONST == IS_VAR) {
17967 zval_ptr_dtor(&offset);
17968 }
17969 break;
17970 case IS_NULL:
17971 zend_hash_del(ht, "", sizeof(""));
17972 break;
17973 default:
17974 zend_error(E_WARNING, "Illegal offset type in unset");
17975 break;
17976 }
17977
17978 break;
17979 }
17980 case IS_OBJECT:
17981 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
17982 zend_error_noreturn(E_ERROR, "Cannot use object as array");
17983 }
17984 if (0) {
17985 MAKE_REAL_ZVAL_PTR(offset);
17986 }
17987 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
17988 if (0) {
17989 zval_ptr_dtor(&offset);
17990 } else {
17991
17992 }
17993 break;
17994 case IS_STRING:
17995 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
17996 ZEND_VM_CONTINUE(); /* bailed out before */
17997 default:
17998
17999 break;
18000 }
18001 } else {
18002
18003 }
18004
18005 ZEND_VM_NEXT_OPCODE();
18006 }
18007
ZEND_UNSET_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18008 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18009 {
18010 zend_op *opline = EX(opline);
18011
18012 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18013 zval *offset = &opline->op2.u.constant;
18014
18015 if (IS_UNUSED != IS_VAR || container) {
18016 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
18017 SEPARATE_ZVAL_IF_NOT_REF(container);
18018 }
18019 if (Z_TYPE_PP(container) == IS_OBJECT) {
18020 if (0) {
18021 MAKE_REAL_ZVAL_PTR(offset);
18022 }
18023 if (Z_OBJ_HT_P(*container)->unset_property) {
18024 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
18025 } else {
18026 zend_error(E_NOTICE, "Trying to unset property of non-object");
18027 }
18028 if (0) {
18029 zval_ptr_dtor(&offset);
18030 } else {
18031
18032 }
18033 } else {
18034
18035 }
18036 } else {
18037
18038 }
18039
18040 ZEND_VM_NEXT_OPCODE();
18041 }
18042
zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)18043 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
18044 {
18045 zend_op *opline = EX(opline);
18046
18047 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18048 zval **value = NULL;
18049 int result = 0;
18050
18051 if (IS_UNUSED != IS_VAR || container) {
18052
18053 zval *offset = &opline->op2.u.constant;
18054
18055 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
18056 HashTable *ht;
18057 int isset = 0;
18058
18059 ht = Z_ARRVAL_PP(container);
18060
18061 switch (Z_TYPE_P(offset)) {
18062 case IS_DOUBLE:
18063 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
18064 isset = 1;
18065 }
18066 break;
18067 case IS_RESOURCE:
18068 case IS_BOOL:
18069 case IS_LONG:
18070 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
18071 isset = 1;
18072 }
18073 break;
18074 case IS_STRING:
18075 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
18076 isset = 1;
18077 }
18078 break;
18079 case IS_NULL:
18080 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
18081 isset = 1;
18082 }
18083 break;
18084 default:
18085 zend_error(E_WARNING, "Illegal offset type in isset or empty");
18086
18087 break;
18088 }
18089
18090 switch (opline->extended_value) {
18091 case ZEND_ISSET:
18092 if (isset && Z_TYPE_PP(value) == IS_NULL) {
18093 result = 0;
18094 } else {
18095 result = isset;
18096 }
18097 break;
18098 case ZEND_ISEMPTY:
18099 if (!isset || !i_zend_is_true(*value)) {
18100 result = 0;
18101 } else {
18102 result = 1;
18103 }
18104 break;
18105 }
18106
18107 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
18108 if (0) {
18109 MAKE_REAL_ZVAL_PTR(offset);
18110 }
18111 if (prop_dim) {
18112 if (Z_OBJ_HT_P(*container)->has_property) {
18113 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
18114 } else {
18115 zend_error(E_NOTICE, "Trying to check property of non-object");
18116 result = 0;
18117 }
18118 } else {
18119 if (Z_OBJ_HT_P(*container)->has_dimension) {
18120 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
18121 } else {
18122 zend_error(E_NOTICE, "Trying to check element of non-array");
18123 result = 0;
18124 }
18125 }
18126 if (0) {
18127 zval_ptr_dtor(&offset);
18128 } else {
18129
18130 }
18131 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
18132 zval tmp;
18133
18134 if (Z_TYPE_P(offset) != IS_LONG) {
18135 tmp = *offset;
18136 zval_copy_ctor(&tmp);
18137 convert_to_long(&tmp);
18138 offset = &tmp;
18139 }
18140 if (Z_TYPE_P(offset) == IS_LONG) {
18141 switch (opline->extended_value) {
18142 case ZEND_ISSET:
18143 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
18144 result = 1;
18145 }
18146 break;
18147 case ZEND_ISEMPTY:
18148 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
18149 result = 1;
18150 }
18151 break;
18152 }
18153 }
18154
18155 } else {
18156
18157 }
18158 }
18159
18160 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
18161
18162 switch (opline->extended_value) {
18163 case ZEND_ISSET:
18164 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
18165 break;
18166 case ZEND_ISEMPTY:
18167 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
18168 break;
18169 }
18170
18171 ZEND_VM_NEXT_OPCODE();
18172 }
18173
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18174 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18175 {
18176 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18177 }
18178
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18179 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18180 {
18181 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18182 }
18183
zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)18184 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
18185 {
18186 zend_op *opline = EX(opline);
18187 zend_op *op_data = opline+1;
18188 zend_free_op free_op2, free_op_data1;
18189 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18190 zval *object;
18191 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18192 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
18193 znode *result = &opline->result;
18194 int have_get_ptr = 0;
18195
18196 if (IS_UNUSED == IS_VAR && !object_ptr) {
18197 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
18198 }
18199
18200 EX_T(result->u.var).var.ptr_ptr = NULL;
18201 make_real_object(object_ptr TSRMLS_CC);
18202 object = *object_ptr;
18203
18204 if (Z_TYPE_P(object) != IS_OBJECT) {
18205 zend_error(E_WARNING, "Attempt to assign property of non-object");
18206 zval_dtor(free_op2.var);
18207 FREE_OP(free_op_data1);
18208
18209 if (!RETURN_VALUE_UNUSED(result)) {
18210 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
18211 EX_T(result->u.var).var.ptr_ptr = NULL;
18212 PZVAL_LOCK(EG(uninitialized_zval_ptr));
18213 }
18214 } else {
18215 /* here we are sure we are dealing with an object */
18216 if (1) {
18217 MAKE_REAL_ZVAL_PTR(property);
18218 }
18219
18220 /* here property is a string */
18221 if (opline->extended_value == ZEND_ASSIGN_OBJ
18222 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
18223 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
18224 if (zptr != NULL) { /* NULL means no success in getting PTR */
18225 SEPARATE_ZVAL_IF_NOT_REF(zptr);
18226
18227 have_get_ptr = 1;
18228 binary_op(*zptr, *zptr, value TSRMLS_CC);
18229 if (!RETURN_VALUE_UNUSED(result)) {
18230 EX_T(result->u.var).var.ptr = *zptr;
18231 EX_T(result->u.var).var.ptr_ptr = NULL;
18232 PZVAL_LOCK(*zptr);
18233 }
18234 }
18235 }
18236
18237 if (!have_get_ptr) {
18238 zval *z = NULL;
18239
18240 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
18241 if (Z_OBJ_HT_P(object)->read_property) {
18242 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
18243 }
18244 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
18245 if (Z_OBJ_HT_P(object)->read_dimension) {
18246 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
18247 }
18248 }
18249 if (z) {
18250 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
18251 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
18252
18253 if (Z_REFCOUNT_P(z) == 0) {
18254 GC_REMOVE_ZVAL_FROM_BUFFER(z);
18255 zval_dtor(z);
18256 FREE_ZVAL(z);
18257 }
18258 z = value;
18259 }
18260 Z_ADDREF_P(z);
18261 SEPARATE_ZVAL_IF_NOT_REF(&z);
18262 binary_op(z, z, value TSRMLS_CC);
18263 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
18264 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
18265 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
18266 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
18267 }
18268 if (!RETURN_VALUE_UNUSED(result)) {
18269 EX_T(result->u.var).var.ptr = z;
18270 EX_T(result->u.var).var.ptr_ptr = NULL;
18271 PZVAL_LOCK(z);
18272 }
18273 zval_ptr_dtor(&z);
18274 } else {
18275 zend_error(E_WARNING, "Attempt to assign property of non-object");
18276 if (!RETURN_VALUE_UNUSED(result)) {
18277 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
18278 EX_T(result->u.var).var.ptr_ptr = NULL;
18279 PZVAL_LOCK(EG(uninitialized_zval_ptr));
18280 }
18281 }
18282 }
18283
18284 if (1) {
18285 zval_ptr_dtor(&property);
18286 } else {
18287 zval_dtor(free_op2.var);
18288 }
18289 FREE_OP(free_op_data1);
18290 }
18291
18292 /* assign_obj has two opcodes! */
18293 ZEND_VM_INC_OPCODE();
18294 ZEND_VM_NEXT_OPCODE();
18295 }
18296
zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)18297 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
18298 {
18299 zend_op *opline = EX(opline);
18300 zend_free_op free_op2, free_op_data2, free_op_data1;
18301 zval **var_ptr;
18302 zval *value;
18303
18304 switch (opline->extended_value) {
18305 case ZEND_ASSIGN_OBJ:
18306 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18307 break;
18308 case ZEND_ASSIGN_DIM: {
18309 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18310
18311 if (IS_UNUSED == IS_VAR && !container) {
18312 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
18313 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
18314 if (IS_UNUSED == IS_VAR && !0) {
18315 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
18316 }
18317 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18318 } else {
18319 zend_op *op_data = opline+1;
18320 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18321
18322 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 1, BP_VAR_RW TSRMLS_CC);
18323 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
18324 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
18325 ZEND_VM_INC_OPCODE();
18326 }
18327 }
18328 break;
18329 default:
18330 value = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18331 var_ptr = NULL;
18332 /* do nothing */
18333 break;
18334 }
18335
18336 if (!var_ptr) {
18337 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
18338 }
18339
18340 if (*var_ptr == EG(error_zval_ptr)) {
18341 if (!RETURN_VALUE_UNUSED(&opline->result)) {
18342 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
18343 PZVAL_LOCK(EG(uninitialized_zval_ptr));
18344 }
18345 zval_dtor(free_op2.var);
18346
18347 ZEND_VM_NEXT_OPCODE();
18348 }
18349
18350 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
18351
18352 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
18353 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
18354 /* proxy object */
18355 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
18356 Z_ADDREF_P(objval);
18357 binary_op(objval, objval, value TSRMLS_CC);
18358 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
18359 zval_ptr_dtor(&objval);
18360 } else {
18361 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
18362 }
18363
18364 if (!RETURN_VALUE_UNUSED(&opline->result)) {
18365 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
18366 PZVAL_LOCK(*var_ptr);
18367 }
18368 zval_dtor(free_op2.var);
18369
18370 if (opline->extended_value == ZEND_ASSIGN_DIM) {
18371 FREE_OP(free_op_data1);
18372 FREE_OP_VAR_PTR(free_op_data2);
18373 }
18374
18375 ZEND_VM_NEXT_OPCODE();
18376 }
18377
ZEND_ASSIGN_ADD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18378 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18379 {
18380 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18381 }
18382
ZEND_ASSIGN_SUB_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18383 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18384 {
18385 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18386 }
18387
ZEND_ASSIGN_MUL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18388 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18389 {
18390 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18391 }
18392
ZEND_ASSIGN_DIV_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18393 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18394 {
18395 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18396 }
18397
ZEND_ASSIGN_MOD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18398 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18399 {
18400 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18401 }
18402
ZEND_ASSIGN_SL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18403 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18404 {
18405 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18406 }
18407
ZEND_ASSIGN_SR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18408 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18409 {
18410 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18411 }
18412
ZEND_ASSIGN_CONCAT_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18413 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18414 {
18415 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18416 }
18417
ZEND_ASSIGN_BW_OR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18418 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18419 {
18420 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18421 }
18422
ZEND_ASSIGN_BW_AND_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18423 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18424 {
18425 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18426 }
18427
ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18428 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18429 {
18430 return zend_binary_assign_op_helper_SPEC_UNUSED_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18431 }
18432
zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)18433 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
18434 {
18435 zend_op *opline = EX(opline);
18436 zend_free_op free_op2;
18437 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18438 zval *object;
18439 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18440 zval **retval = &EX_T(opline->result.u.var).var.ptr;
18441 int have_get_ptr = 0;
18442
18443 if (IS_UNUSED == IS_VAR && !object_ptr) {
18444 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
18445 }
18446
18447 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
18448 object = *object_ptr;
18449
18450 if (Z_TYPE_P(object) != IS_OBJECT) {
18451 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
18452 zval_dtor(free_op2.var);
18453 if (!RETURN_VALUE_UNUSED(&opline->result)) {
18454 *retval = EG(uninitialized_zval_ptr);
18455 PZVAL_LOCK(*retval);
18456 }
18457
18458 ZEND_VM_NEXT_OPCODE();
18459 }
18460
18461 /* here we are sure we are dealing with an object */
18462
18463 if (1) {
18464 MAKE_REAL_ZVAL_PTR(property);
18465 }
18466
18467 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
18468 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
18469 if (zptr != NULL) { /* NULL means no success in getting PTR */
18470 SEPARATE_ZVAL_IF_NOT_REF(zptr);
18471
18472 have_get_ptr = 1;
18473 incdec_op(*zptr);
18474 if (!RETURN_VALUE_UNUSED(&opline->result)) {
18475 *retval = *zptr;
18476 PZVAL_LOCK(*retval);
18477 }
18478 }
18479 }
18480
18481 if (!have_get_ptr) {
18482 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
18483 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
18484
18485 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
18486 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
18487
18488 if (Z_REFCOUNT_P(z) == 0) {
18489 GC_REMOVE_ZVAL_FROM_BUFFER(z);
18490 zval_dtor(z);
18491 FREE_ZVAL(z);
18492 }
18493 z = value;
18494 }
18495 Z_ADDREF_P(z);
18496 SEPARATE_ZVAL_IF_NOT_REF(&z);
18497 incdec_op(z);
18498 *retval = z;
18499 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
18500 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
18501 zval_ptr_dtor(&z);
18502 } else {
18503 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
18504 if (!RETURN_VALUE_UNUSED(&opline->result)) {
18505 *retval = EG(uninitialized_zval_ptr);
18506 PZVAL_LOCK(*retval);
18507 }
18508 }
18509 }
18510
18511 if (1) {
18512 zval_ptr_dtor(&property);
18513 } else {
18514 zval_dtor(free_op2.var);
18515 }
18516
18517 ZEND_VM_NEXT_OPCODE();
18518 }
18519
ZEND_PRE_INC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18520 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18521 {
18522 return zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18523 }
18524
ZEND_PRE_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18525 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18526 {
18527 return zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18528 }
18529
zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)18530 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
18531 {
18532 zend_op *opline = EX(opline);
18533 zend_free_op free_op2;
18534 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18535 zval *object;
18536 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18537 zval *retval = &EX_T(opline->result.u.var).tmp_var;
18538 int have_get_ptr = 0;
18539
18540 if (IS_UNUSED == IS_VAR && !object_ptr) {
18541 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
18542 }
18543
18544 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
18545 object = *object_ptr;
18546
18547 if (Z_TYPE_P(object) != IS_OBJECT) {
18548 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
18549 zval_dtor(free_op2.var);
18550 *retval = *EG(uninitialized_zval_ptr);
18551
18552 ZEND_VM_NEXT_OPCODE();
18553 }
18554
18555 /* here we are sure we are dealing with an object */
18556
18557 if (1) {
18558 MAKE_REAL_ZVAL_PTR(property);
18559 }
18560
18561 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
18562 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
18563 if (zptr != NULL) { /* NULL means no success in getting PTR */
18564 have_get_ptr = 1;
18565 SEPARATE_ZVAL_IF_NOT_REF(zptr);
18566
18567 *retval = **zptr;
18568 zendi_zval_copy_ctor(*retval);
18569
18570 incdec_op(*zptr);
18571
18572 }
18573 }
18574
18575 if (!have_get_ptr) {
18576 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
18577 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
18578 zval *z_copy;
18579
18580 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
18581 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
18582
18583 if (Z_REFCOUNT_P(z) == 0) {
18584 GC_REMOVE_ZVAL_FROM_BUFFER(z);
18585 zval_dtor(z);
18586 FREE_ZVAL(z);
18587 }
18588 z = value;
18589 }
18590 *retval = *z;
18591 zendi_zval_copy_ctor(*retval);
18592 ALLOC_ZVAL(z_copy);
18593 *z_copy = *z;
18594 zendi_zval_copy_ctor(*z_copy);
18595 INIT_PZVAL(z_copy);
18596 incdec_op(z_copy);
18597 Z_ADDREF_P(z);
18598 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
18599 zval_ptr_dtor(&z_copy);
18600 zval_ptr_dtor(&z);
18601 } else {
18602 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
18603 *retval = *EG(uninitialized_zval_ptr);
18604 }
18605 }
18606
18607 if (1) {
18608 zval_ptr_dtor(&property);
18609 } else {
18610 zval_dtor(free_op2.var);
18611 }
18612
18613 ZEND_VM_NEXT_OPCODE();
18614 }
18615
ZEND_POST_INC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18616 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18617 {
18618 return zend_post_incdec_property_helper_SPEC_UNUSED_TMP(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18619 }
18620
ZEND_POST_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18621 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18622 {
18623 return zend_post_incdec_property_helper_SPEC_UNUSED_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18624 }
18625
zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(int type,ZEND_OPCODE_HANDLER_ARGS)18626 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(int type, ZEND_OPCODE_HANDLER_ARGS)
18627 {
18628 zend_op *opline = EX(opline);
18629
18630 zval *container = _get_obj_zval_ptr_unused(TSRMLS_C);
18631 zend_free_op free_op2;
18632 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18633
18634 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
18635 if (type != BP_VAR_IS) {
18636 zend_error(E_NOTICE, "Trying to get property of non-object");
18637 }
18638 if (!RETURN_VALUE_UNUSED(&opline->result)) {
18639 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
18640 PZVAL_LOCK(EG(uninitialized_zval_ptr));
18641 }
18642 zval_dtor(free_op2.var);
18643 } else {
18644 zval *retval;
18645
18646 if (1) {
18647 MAKE_REAL_ZVAL_PTR(offset);
18648 }
18649
18650 /* here we are sure we are dealing with an object */
18651 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
18652
18653 if (RETURN_VALUE_UNUSED(&opline->result)) {
18654 if (Z_REFCOUNT_P(retval) == 0) {
18655 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
18656 zval_dtor(retval);
18657 FREE_ZVAL(retval);
18658 }
18659 } else {
18660 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
18661 PZVAL_LOCK(retval);
18662 }
18663
18664 if (1) {
18665 zval_ptr_dtor(&offset);
18666 } else {
18667 zval_dtor(free_op2.var);
18668 }
18669 }
18670
18671 ZEND_VM_NEXT_OPCODE();
18672 }
18673
ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18674 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18675 {
18676 return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18677 }
18678
ZEND_FETCH_OBJ_W_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18679 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18680 {
18681 zend_op *opline = EX(opline);
18682 zend_free_op free_op1, free_op2;
18683 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18684 zval **container;
18685
18686 if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
18687 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
18688 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
18689 }
18690
18691 if (1) {
18692 MAKE_REAL_ZVAL_PTR(property);
18693 }
18694 container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18695 if (IS_UNUSED == IS_VAR && !container) {
18696 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
18697 }
18698 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
18699 if (1) {
18700 zval_ptr_dtor(&property);
18701 } else {
18702 zval_dtor(free_op2.var);
18703 }
18704 if (IS_UNUSED == IS_VAR && 0 &&
18705 READY_TO_DESTROY(free_op1.var)) {
18706 AI_USE_PTR(EX_T(opline->result.u.var).var);
18707 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
18708 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
18709 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
18710 }
18711 }
18712
18713 /* We are going to assign the result by reference */
18714 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
18715 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
18716 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
18717 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
18718 }
18719
18720 ZEND_VM_NEXT_OPCODE();
18721 }
18722
ZEND_FETCH_OBJ_RW_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18723 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18724 {
18725 zend_op *opline = EX(opline);
18726 zend_free_op free_op1, free_op2;
18727 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18728 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18729
18730 if (1) {
18731 MAKE_REAL_ZVAL_PTR(property);
18732 }
18733 if (IS_UNUSED == IS_VAR && !container) {
18734 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
18735 }
18736 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
18737 if (1) {
18738 zval_ptr_dtor(&property);
18739 } else {
18740 zval_dtor(free_op2.var);
18741 }
18742 if (IS_UNUSED == IS_VAR && 0 &&
18743 READY_TO_DESTROY(free_op1.var)) {
18744 AI_USE_PTR(EX_T(opline->result.u.var).var);
18745 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
18746 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
18747 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
18748 }
18749 }
18750
18751 ZEND_VM_NEXT_OPCODE();
18752 }
18753
ZEND_FETCH_OBJ_IS_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18754 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18755 {
18756 return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18757 }
18758
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18759 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18760 {
18761 zend_op *opline = EX(opline);
18762
18763 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
18764 /* Behave like FETCH_OBJ_W */
18765 zend_free_op free_op1, free_op2;
18766 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18767 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18768
18769 if (1) {
18770 MAKE_REAL_ZVAL_PTR(property);
18771 }
18772 if (IS_UNUSED == IS_VAR && !container) {
18773 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
18774 }
18775 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
18776 if (1) {
18777 zval_ptr_dtor(&property);
18778 } else {
18779 zval_dtor(free_op2.var);
18780 }
18781 if (IS_UNUSED == IS_VAR && 0 &&
18782 READY_TO_DESTROY(free_op1.var)) {
18783 AI_USE_PTR(EX_T(opline->result.u.var).var);
18784 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
18785 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
18786 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
18787 }
18788 }
18789
18790 ZEND_VM_NEXT_OPCODE();
18791 } else {
18792 return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18793 }
18794 }
18795
ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18796 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18797 {
18798 zend_op *opline = EX(opline);
18799 zend_free_op free_op1, free_op2, free_res;
18800 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18801 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18802
18803 if (IS_UNUSED == IS_CV) {
18804 if (container != &EG(uninitialized_zval_ptr)) {
18805 SEPARATE_ZVAL_IF_NOT_REF(container);
18806 }
18807 }
18808 if (1) {
18809 MAKE_REAL_ZVAL_PTR(property);
18810 }
18811 if (IS_UNUSED == IS_VAR && !container) {
18812 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
18813 }
18814 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
18815 if (1) {
18816 zval_ptr_dtor(&property);
18817 } else {
18818 zval_dtor(free_op2.var);
18819 }
18820 if (IS_UNUSED == IS_VAR && 0 &&
18821 READY_TO_DESTROY(free_op1.var)) {
18822 AI_USE_PTR(EX_T(opline->result.u.var).var);
18823 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
18824 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
18825 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
18826 }
18827 }
18828
18829 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
18830 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
18831 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
18832 }
18833 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
18834 FREE_OP_VAR_PTR(free_res);
18835 ZEND_VM_NEXT_OPCODE();
18836 }
18837
ZEND_ASSIGN_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18838 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18839 {
18840 zend_op *opline = EX(opline);
18841 zend_op *op_data = opline+1;
18842 zend_free_op free_op2;
18843 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18844 zval *property_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18845
18846 if (1) {
18847 MAKE_REAL_ZVAL_PTR(property_name);
18848 }
18849 if (IS_UNUSED == IS_VAR && !object_ptr) {
18850 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
18851 }
18852 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
18853 if (1) {
18854 zval_ptr_dtor(&property_name);
18855 } else {
18856 zval_dtor(free_op2.var);
18857 }
18858
18859 /* assign_obj has two opcodes! */
18860 ZEND_VM_INC_OPCODE();
18861 ZEND_VM_NEXT_OPCODE();
18862 }
18863
ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18864 static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18865 {
18866 zend_op *opline = EX(opline);
18867 zend_free_op free_op2;
18868 zval *str = &EX_T(opline->result.u.var).tmp_var;
18869 zval *var = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18870 zval var_copy;
18871 int use_copy = 0;
18872
18873 if (IS_UNUSED == IS_UNUSED) {
18874 /* Initialize for erealloc in add_string_to_string */
18875 Z_STRVAL_P(str) = NULL;
18876 Z_STRLEN_P(str) = 0;
18877 Z_TYPE_P(str) = IS_STRING;
18878
18879 INIT_PZVAL(str);
18880 }
18881
18882 if (Z_TYPE_P(var) != IS_STRING) {
18883 zend_make_printable_zval(var, &var_copy, &use_copy);
18884
18885 if (use_copy) {
18886 var = &var_copy;
18887 }
18888 }
18889 add_string_to_string(str, str, var);
18890
18891 if (use_copy) {
18892 zval_dtor(var);
18893 }
18894 /* original comment, possibly problematic:
18895 * FREE_OP is missing intentionally here - we're always working on the same temporary variable
18896 * (Zeev): I don't think it's problematic, we only use variables
18897 * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
18898 * string offsets or overloaded objects
18899 */
18900 zval_dtor(free_op2.var);
18901
18902 ZEND_VM_NEXT_OPCODE();
18903 }
18904
ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18905 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18906 {
18907 zend_op *opline = EX(opline);
18908 zval *function_name;
18909 char *function_name_strval;
18910 int function_name_strlen;
18911 zend_free_op free_op2;
18912
18913 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
18914
18915 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18916
18917 if (Z_TYPE_P(function_name)!=IS_STRING) {
18918 zend_error_noreturn(E_ERROR, "Method name must be a string");
18919 }
18920
18921 function_name_strval = Z_STRVAL_P(function_name);
18922 function_name_strlen = Z_STRLEN_P(function_name);
18923
18924 EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C);
18925
18926 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
18927 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
18928 zend_error_noreturn(E_ERROR, "Object does not support method calls");
18929 }
18930
18931 /* First, locate the function. */
18932 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
18933 if (!EX(fbc)) {
18934 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
18935 }
18936
18937 EX(called_scope) = Z_OBJCE_P(EX(object));
18938 } else {
18939 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
18940 }
18941
18942 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
18943 EX(object) = NULL;
18944 } else {
18945 if (!PZVAL_IS_REF(EX(object))) {
18946 Z_ADDREF_P(EX(object)); /* For $this pointer */
18947 } else {
18948 zval *this_ptr;
18949 ALLOC_ZVAL(this_ptr);
18950 INIT_PZVAL_COPY(this_ptr, EX(object));
18951 zval_copy_ctor(this_ptr);
18952 EX(object) = this_ptr;
18953 }
18954 }
18955
18956 zval_dtor(free_op2.var);
18957
18958 ZEND_VM_NEXT_OPCODE();
18959 }
18960
ZEND_INIT_ARRAY_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18961 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18962 {
18963 zend_op *opline = EX(opline);
18964
18965 array_init(&EX_T(opline->result.u.var).tmp_var);
18966 if (IS_UNUSED == IS_UNUSED) {
18967 ZEND_VM_NEXT_OPCODE();
18968 #if 0 || IS_UNUSED != IS_UNUSED
18969 } else {
18970 return ZEND_ADD_ARRAY_ELEMENT_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
18971 #endif
18972 }
18973 }
18974
ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)18975 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
18976 {
18977 zend_op *opline = EX(opline);
18978 zend_free_op free_op2;
18979 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
18980 zval *offset;
18981
18982 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
18983 SEPARATE_ZVAL_IF_NOT_REF(container);
18984 }
18985 offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
18986
18987 if (IS_UNUSED != IS_VAR || container) {
18988 switch (Z_TYPE_PP(container)) {
18989 case IS_ARRAY: {
18990 HashTable *ht = Z_ARRVAL_PP(container);
18991
18992 switch (Z_TYPE_P(offset)) {
18993 case IS_DOUBLE:
18994 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
18995 break;
18996 case IS_RESOURCE:
18997 case IS_BOOL:
18998 case IS_LONG:
18999 zend_hash_index_del(ht, Z_LVAL_P(offset));
19000 break;
19001 case IS_STRING:
19002 if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) {
19003 Z_ADDREF_P(offset);
19004 }
19005 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
19006 ht == &EG(symbol_table)) {
19007 zend_execute_data *ex;
19008 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
19009
19010 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
19011 if (ex->op_array && ex->symbol_table == ht) {
19012 int i;
19013
19014 for (i = 0; i < ex->op_array->last_var; i++) {
19015 if (ex->op_array->vars[i].hash_value == hash_value &&
19016 ex->op_array->vars[i].name_len == offset->value.str.len &&
19017 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
19018 ex->CVs[i] = NULL;
19019 break;
19020 }
19021 }
19022 }
19023 }
19024 }
19025 if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) {
19026 zval_ptr_dtor(&offset);
19027 }
19028 break;
19029 case IS_NULL:
19030 zend_hash_del(ht, "", sizeof(""));
19031 break;
19032 default:
19033 zend_error(E_WARNING, "Illegal offset type in unset");
19034 break;
19035 }
19036 zval_dtor(free_op2.var);
19037 break;
19038 }
19039 case IS_OBJECT:
19040 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
19041 zend_error_noreturn(E_ERROR, "Cannot use object as array");
19042 }
19043 if (1) {
19044 MAKE_REAL_ZVAL_PTR(offset);
19045 }
19046 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
19047 if (1) {
19048 zval_ptr_dtor(&offset);
19049 } else {
19050 zval_dtor(free_op2.var);
19051 }
19052 break;
19053 case IS_STRING:
19054 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
19055 ZEND_VM_CONTINUE(); /* bailed out before */
19056 default:
19057 zval_dtor(free_op2.var);
19058 break;
19059 }
19060 } else {
19061 zval_dtor(free_op2.var);
19062 }
19063
19064 ZEND_VM_NEXT_OPCODE();
19065 }
19066
ZEND_UNSET_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19067 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19068 {
19069 zend_op *opline = EX(opline);
19070 zend_free_op free_op2;
19071 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19072 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19073
19074 if (IS_UNUSED != IS_VAR || container) {
19075 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
19076 SEPARATE_ZVAL_IF_NOT_REF(container);
19077 }
19078 if (Z_TYPE_PP(container) == IS_OBJECT) {
19079 if (1) {
19080 MAKE_REAL_ZVAL_PTR(offset);
19081 }
19082 if (Z_OBJ_HT_P(*container)->unset_property) {
19083 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
19084 } else {
19085 zend_error(E_NOTICE, "Trying to unset property of non-object");
19086 }
19087 if (1) {
19088 zval_ptr_dtor(&offset);
19089 } else {
19090 zval_dtor(free_op2.var);
19091 }
19092 } else {
19093 zval_dtor(free_op2.var);
19094 }
19095 } else {
19096 zval_dtor(free_op2.var);
19097 }
19098
19099 ZEND_VM_NEXT_OPCODE();
19100 }
19101
zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)19102 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
19103 {
19104 zend_op *opline = EX(opline);
19105
19106 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19107 zval **value = NULL;
19108 int result = 0;
19109
19110 if (IS_UNUSED != IS_VAR || container) {
19111 zend_free_op free_op2;
19112 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19113
19114 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
19115 HashTable *ht;
19116 int isset = 0;
19117
19118 ht = Z_ARRVAL_PP(container);
19119
19120 switch (Z_TYPE_P(offset)) {
19121 case IS_DOUBLE:
19122 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
19123 isset = 1;
19124 }
19125 break;
19126 case IS_RESOURCE:
19127 case IS_BOOL:
19128 case IS_LONG:
19129 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
19130 isset = 1;
19131 }
19132 break;
19133 case IS_STRING:
19134 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
19135 isset = 1;
19136 }
19137 break;
19138 case IS_NULL:
19139 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
19140 isset = 1;
19141 }
19142 break;
19143 default:
19144 zend_error(E_WARNING, "Illegal offset type in isset or empty");
19145
19146 break;
19147 }
19148
19149 switch (opline->extended_value) {
19150 case ZEND_ISSET:
19151 if (isset && Z_TYPE_PP(value) == IS_NULL) {
19152 result = 0;
19153 } else {
19154 result = isset;
19155 }
19156 break;
19157 case ZEND_ISEMPTY:
19158 if (!isset || !i_zend_is_true(*value)) {
19159 result = 0;
19160 } else {
19161 result = 1;
19162 }
19163 break;
19164 }
19165 zval_dtor(free_op2.var);
19166 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
19167 if (1) {
19168 MAKE_REAL_ZVAL_PTR(offset);
19169 }
19170 if (prop_dim) {
19171 if (Z_OBJ_HT_P(*container)->has_property) {
19172 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
19173 } else {
19174 zend_error(E_NOTICE, "Trying to check property of non-object");
19175 result = 0;
19176 }
19177 } else {
19178 if (Z_OBJ_HT_P(*container)->has_dimension) {
19179 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
19180 } else {
19181 zend_error(E_NOTICE, "Trying to check element of non-array");
19182 result = 0;
19183 }
19184 }
19185 if (1) {
19186 zval_ptr_dtor(&offset);
19187 } else {
19188 zval_dtor(free_op2.var);
19189 }
19190 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
19191 zval tmp;
19192
19193 if (Z_TYPE_P(offset) != IS_LONG) {
19194 tmp = *offset;
19195 zval_copy_ctor(&tmp);
19196 convert_to_long(&tmp);
19197 offset = &tmp;
19198 }
19199 if (Z_TYPE_P(offset) == IS_LONG) {
19200 switch (opline->extended_value) {
19201 case ZEND_ISSET:
19202 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
19203 result = 1;
19204 }
19205 break;
19206 case ZEND_ISEMPTY:
19207 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
19208 result = 1;
19209 }
19210 break;
19211 }
19212 }
19213 zval_dtor(free_op2.var);
19214 } else {
19215 zval_dtor(free_op2.var);
19216 }
19217 }
19218
19219 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
19220
19221 switch (opline->extended_value) {
19222 case ZEND_ISSET:
19223 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
19224 break;
19225 case ZEND_ISEMPTY:
19226 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
19227 break;
19228 }
19229
19230 ZEND_VM_NEXT_OPCODE();
19231 }
19232
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19233 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19234 {
19235 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19236 }
19237
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19238 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19239 {
19240 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19241 }
19242
zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)19243 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
19244 {
19245 zend_op *opline = EX(opline);
19246 zend_op *op_data = opline+1;
19247 zend_free_op free_op2, free_op_data1;
19248 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19249 zval *object;
19250 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19251 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
19252 znode *result = &opline->result;
19253 int have_get_ptr = 0;
19254
19255 if (IS_UNUSED == IS_VAR && !object_ptr) {
19256 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
19257 }
19258
19259 EX_T(result->u.var).var.ptr_ptr = NULL;
19260 make_real_object(object_ptr TSRMLS_CC);
19261 object = *object_ptr;
19262
19263 if (Z_TYPE_P(object) != IS_OBJECT) {
19264 zend_error(E_WARNING, "Attempt to assign property of non-object");
19265 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19266 FREE_OP(free_op_data1);
19267
19268 if (!RETURN_VALUE_UNUSED(result)) {
19269 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
19270 EX_T(result->u.var).var.ptr_ptr = NULL;
19271 PZVAL_LOCK(EG(uninitialized_zval_ptr));
19272 }
19273 } else {
19274 /* here we are sure we are dealing with an object */
19275 if (0) {
19276 MAKE_REAL_ZVAL_PTR(property);
19277 }
19278
19279 /* here property is a string */
19280 if (opline->extended_value == ZEND_ASSIGN_OBJ
19281 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
19282 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
19283 if (zptr != NULL) { /* NULL means no success in getting PTR */
19284 SEPARATE_ZVAL_IF_NOT_REF(zptr);
19285
19286 have_get_ptr = 1;
19287 binary_op(*zptr, *zptr, value TSRMLS_CC);
19288 if (!RETURN_VALUE_UNUSED(result)) {
19289 EX_T(result->u.var).var.ptr = *zptr;
19290 EX_T(result->u.var).var.ptr_ptr = NULL;
19291 PZVAL_LOCK(*zptr);
19292 }
19293 }
19294 }
19295
19296 if (!have_get_ptr) {
19297 zval *z = NULL;
19298
19299 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
19300 if (Z_OBJ_HT_P(object)->read_property) {
19301 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
19302 }
19303 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
19304 if (Z_OBJ_HT_P(object)->read_dimension) {
19305 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
19306 }
19307 }
19308 if (z) {
19309 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
19310 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
19311
19312 if (Z_REFCOUNT_P(z) == 0) {
19313 GC_REMOVE_ZVAL_FROM_BUFFER(z);
19314 zval_dtor(z);
19315 FREE_ZVAL(z);
19316 }
19317 z = value;
19318 }
19319 Z_ADDREF_P(z);
19320 SEPARATE_ZVAL_IF_NOT_REF(&z);
19321 binary_op(z, z, value TSRMLS_CC);
19322 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
19323 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
19324 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
19325 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
19326 }
19327 if (!RETURN_VALUE_UNUSED(result)) {
19328 EX_T(result->u.var).var.ptr = z;
19329 EX_T(result->u.var).var.ptr_ptr = NULL;
19330 PZVAL_LOCK(z);
19331 }
19332 zval_ptr_dtor(&z);
19333 } else {
19334 zend_error(E_WARNING, "Attempt to assign property of non-object");
19335 if (!RETURN_VALUE_UNUSED(result)) {
19336 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
19337 EX_T(result->u.var).var.ptr_ptr = NULL;
19338 PZVAL_LOCK(EG(uninitialized_zval_ptr));
19339 }
19340 }
19341 }
19342
19343 if (0) {
19344 zval_ptr_dtor(&property);
19345 } else {
19346 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19347 }
19348 FREE_OP(free_op_data1);
19349 }
19350
19351 /* assign_obj has two opcodes! */
19352 ZEND_VM_INC_OPCODE();
19353 ZEND_VM_NEXT_OPCODE();
19354 }
19355
zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)19356 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
19357 {
19358 zend_op *opline = EX(opline);
19359 zend_free_op free_op2, free_op_data2, free_op_data1;
19360 zval **var_ptr;
19361 zval *value;
19362
19363 switch (opline->extended_value) {
19364 case ZEND_ASSIGN_OBJ:
19365 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19366 break;
19367 case ZEND_ASSIGN_DIM: {
19368 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19369
19370 if (IS_UNUSED == IS_VAR && !container) {
19371 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
19372 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
19373 if (IS_UNUSED == IS_VAR && !0) {
19374 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
19375 }
19376 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19377 } else {
19378 zend_op *op_data = opline+1;
19379 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19380
19381 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
19382 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
19383 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
19384 ZEND_VM_INC_OPCODE();
19385 }
19386 }
19387 break;
19388 default:
19389 value = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19390 var_ptr = NULL;
19391 /* do nothing */
19392 break;
19393 }
19394
19395 if (!var_ptr) {
19396 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
19397 }
19398
19399 if (*var_ptr == EG(error_zval_ptr)) {
19400 if (!RETURN_VALUE_UNUSED(&opline->result)) {
19401 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
19402 PZVAL_LOCK(EG(uninitialized_zval_ptr));
19403 }
19404 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19405
19406 ZEND_VM_NEXT_OPCODE();
19407 }
19408
19409 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
19410
19411 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
19412 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
19413 /* proxy object */
19414 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
19415 Z_ADDREF_P(objval);
19416 binary_op(objval, objval, value TSRMLS_CC);
19417 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
19418 zval_ptr_dtor(&objval);
19419 } else {
19420 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
19421 }
19422
19423 if (!RETURN_VALUE_UNUSED(&opline->result)) {
19424 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
19425 PZVAL_LOCK(*var_ptr);
19426 }
19427 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19428
19429 if (opline->extended_value == ZEND_ASSIGN_DIM) {
19430 FREE_OP(free_op_data1);
19431 FREE_OP_VAR_PTR(free_op_data2);
19432 }
19433
19434 ZEND_VM_NEXT_OPCODE();
19435 }
19436
ZEND_ASSIGN_ADD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19437 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19438 {
19439 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19440 }
19441
ZEND_ASSIGN_SUB_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19442 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19443 {
19444 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19445 }
19446
ZEND_ASSIGN_MUL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19447 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19448 {
19449 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19450 }
19451
ZEND_ASSIGN_DIV_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19452 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19453 {
19454 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19455 }
19456
ZEND_ASSIGN_MOD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19457 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19458 {
19459 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19460 }
19461
ZEND_ASSIGN_SL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19462 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19463 {
19464 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19465 }
19466
ZEND_ASSIGN_SR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19467 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19468 {
19469 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19470 }
19471
ZEND_ASSIGN_CONCAT_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19472 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19473 {
19474 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19475 }
19476
ZEND_ASSIGN_BW_OR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19477 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19478 {
19479 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19480 }
19481
ZEND_ASSIGN_BW_AND_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19482 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19483 {
19484 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19485 }
19486
ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19487 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19488 {
19489 return zend_binary_assign_op_helper_SPEC_UNUSED_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19490 }
19491
zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)19492 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
19493 {
19494 zend_op *opline = EX(opline);
19495 zend_free_op free_op2;
19496 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19497 zval *object;
19498 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19499 zval **retval = &EX_T(opline->result.u.var).var.ptr;
19500 int have_get_ptr = 0;
19501
19502 if (IS_UNUSED == IS_VAR && !object_ptr) {
19503 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
19504 }
19505
19506 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
19507 object = *object_ptr;
19508
19509 if (Z_TYPE_P(object) != IS_OBJECT) {
19510 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
19511 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19512 if (!RETURN_VALUE_UNUSED(&opline->result)) {
19513 *retval = EG(uninitialized_zval_ptr);
19514 PZVAL_LOCK(*retval);
19515 }
19516
19517 ZEND_VM_NEXT_OPCODE();
19518 }
19519
19520 /* here we are sure we are dealing with an object */
19521
19522 if (0) {
19523 MAKE_REAL_ZVAL_PTR(property);
19524 }
19525
19526 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
19527 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
19528 if (zptr != NULL) { /* NULL means no success in getting PTR */
19529 SEPARATE_ZVAL_IF_NOT_REF(zptr);
19530
19531 have_get_ptr = 1;
19532 incdec_op(*zptr);
19533 if (!RETURN_VALUE_UNUSED(&opline->result)) {
19534 *retval = *zptr;
19535 PZVAL_LOCK(*retval);
19536 }
19537 }
19538 }
19539
19540 if (!have_get_ptr) {
19541 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
19542 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
19543
19544 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
19545 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
19546
19547 if (Z_REFCOUNT_P(z) == 0) {
19548 GC_REMOVE_ZVAL_FROM_BUFFER(z);
19549 zval_dtor(z);
19550 FREE_ZVAL(z);
19551 }
19552 z = value;
19553 }
19554 Z_ADDREF_P(z);
19555 SEPARATE_ZVAL_IF_NOT_REF(&z);
19556 incdec_op(z);
19557 *retval = z;
19558 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
19559 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
19560 zval_ptr_dtor(&z);
19561 } else {
19562 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
19563 if (!RETURN_VALUE_UNUSED(&opline->result)) {
19564 *retval = EG(uninitialized_zval_ptr);
19565 PZVAL_LOCK(*retval);
19566 }
19567 }
19568 }
19569
19570 if (0) {
19571 zval_ptr_dtor(&property);
19572 } else {
19573 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19574 }
19575
19576 ZEND_VM_NEXT_OPCODE();
19577 }
19578
ZEND_PRE_INC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19579 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19580 {
19581 return zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19582 }
19583
ZEND_PRE_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19584 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19585 {
19586 return zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19587 }
19588
zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)19589 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
19590 {
19591 zend_op *opline = EX(opline);
19592 zend_free_op free_op2;
19593 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19594 zval *object;
19595 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19596 zval *retval = &EX_T(opline->result.u.var).tmp_var;
19597 int have_get_ptr = 0;
19598
19599 if (IS_UNUSED == IS_VAR && !object_ptr) {
19600 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
19601 }
19602
19603 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
19604 object = *object_ptr;
19605
19606 if (Z_TYPE_P(object) != IS_OBJECT) {
19607 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
19608 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19609 *retval = *EG(uninitialized_zval_ptr);
19610
19611 ZEND_VM_NEXT_OPCODE();
19612 }
19613
19614 /* here we are sure we are dealing with an object */
19615
19616 if (0) {
19617 MAKE_REAL_ZVAL_PTR(property);
19618 }
19619
19620 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
19621 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
19622 if (zptr != NULL) { /* NULL means no success in getting PTR */
19623 have_get_ptr = 1;
19624 SEPARATE_ZVAL_IF_NOT_REF(zptr);
19625
19626 *retval = **zptr;
19627 zendi_zval_copy_ctor(*retval);
19628
19629 incdec_op(*zptr);
19630
19631 }
19632 }
19633
19634 if (!have_get_ptr) {
19635 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
19636 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
19637 zval *z_copy;
19638
19639 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
19640 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
19641
19642 if (Z_REFCOUNT_P(z) == 0) {
19643 GC_REMOVE_ZVAL_FROM_BUFFER(z);
19644 zval_dtor(z);
19645 FREE_ZVAL(z);
19646 }
19647 z = value;
19648 }
19649 *retval = *z;
19650 zendi_zval_copy_ctor(*retval);
19651 ALLOC_ZVAL(z_copy);
19652 *z_copy = *z;
19653 zendi_zval_copy_ctor(*z_copy);
19654 INIT_PZVAL(z_copy);
19655 incdec_op(z_copy);
19656 Z_ADDREF_P(z);
19657 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
19658 zval_ptr_dtor(&z_copy);
19659 zval_ptr_dtor(&z);
19660 } else {
19661 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
19662 *retval = *EG(uninitialized_zval_ptr);
19663 }
19664 }
19665
19666 if (0) {
19667 zval_ptr_dtor(&property);
19668 } else {
19669 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19670 }
19671
19672 ZEND_VM_NEXT_OPCODE();
19673 }
19674
ZEND_POST_INC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19675 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19676 {
19677 return zend_post_incdec_property_helper_SPEC_UNUSED_VAR(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19678 }
19679
ZEND_POST_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19680 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19681 {
19682 return zend_post_incdec_property_helper_SPEC_UNUSED_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19683 }
19684
zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(int type,ZEND_OPCODE_HANDLER_ARGS)19685 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(int type, ZEND_OPCODE_HANDLER_ARGS)
19686 {
19687 zend_op *opline = EX(opline);
19688
19689 zval *container = _get_obj_zval_ptr_unused(TSRMLS_C);
19690 zend_free_op free_op2;
19691 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19692
19693 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
19694 if (type != BP_VAR_IS) {
19695 zend_error(E_NOTICE, "Trying to get property of non-object");
19696 }
19697 if (!RETURN_VALUE_UNUSED(&opline->result)) {
19698 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
19699 PZVAL_LOCK(EG(uninitialized_zval_ptr));
19700 }
19701 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19702 } else {
19703 zval *retval;
19704
19705 if (0) {
19706 MAKE_REAL_ZVAL_PTR(offset);
19707 }
19708
19709 /* here we are sure we are dealing with an object */
19710 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
19711
19712 if (RETURN_VALUE_UNUSED(&opline->result)) {
19713 if (Z_REFCOUNT_P(retval) == 0) {
19714 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
19715 zval_dtor(retval);
19716 FREE_ZVAL(retval);
19717 }
19718 } else {
19719 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
19720 PZVAL_LOCK(retval);
19721 }
19722
19723 if (0) {
19724 zval_ptr_dtor(&offset);
19725 } else {
19726 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19727 }
19728 }
19729
19730 ZEND_VM_NEXT_OPCODE();
19731 }
19732
ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19733 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19734 {
19735 return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19736 }
19737
ZEND_FETCH_OBJ_W_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19738 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19739 {
19740 zend_op *opline = EX(opline);
19741 zend_free_op free_op1, free_op2;
19742 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19743 zval **container;
19744
19745 if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
19746 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
19747 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
19748 }
19749
19750 if (0) {
19751 MAKE_REAL_ZVAL_PTR(property);
19752 }
19753 container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19754 if (IS_UNUSED == IS_VAR && !container) {
19755 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
19756 }
19757 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
19758 if (0) {
19759 zval_ptr_dtor(&property);
19760 } else {
19761 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19762 }
19763 if (IS_UNUSED == IS_VAR && 0 &&
19764 READY_TO_DESTROY(free_op1.var)) {
19765 AI_USE_PTR(EX_T(opline->result.u.var).var);
19766 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
19767 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
19768 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
19769 }
19770 }
19771
19772 /* We are going to assign the result by reference */
19773 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
19774 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
19775 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
19776 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
19777 }
19778
19779 ZEND_VM_NEXT_OPCODE();
19780 }
19781
ZEND_FETCH_OBJ_RW_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19782 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19783 {
19784 zend_op *opline = EX(opline);
19785 zend_free_op free_op1, free_op2;
19786 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19787 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19788
19789 if (0) {
19790 MAKE_REAL_ZVAL_PTR(property);
19791 }
19792 if (IS_UNUSED == IS_VAR && !container) {
19793 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
19794 }
19795 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
19796 if (0) {
19797 zval_ptr_dtor(&property);
19798 } else {
19799 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19800 }
19801 if (IS_UNUSED == IS_VAR && 0 &&
19802 READY_TO_DESTROY(free_op1.var)) {
19803 AI_USE_PTR(EX_T(opline->result.u.var).var);
19804 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
19805 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
19806 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
19807 }
19808 }
19809
19810 ZEND_VM_NEXT_OPCODE();
19811 }
19812
ZEND_FETCH_OBJ_IS_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19813 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19814 {
19815 return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19816 }
19817
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19818 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19819 {
19820 zend_op *opline = EX(opline);
19821
19822 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
19823 /* Behave like FETCH_OBJ_W */
19824 zend_free_op free_op1, free_op2;
19825 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19826 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19827
19828 if (0) {
19829 MAKE_REAL_ZVAL_PTR(property);
19830 }
19831 if (IS_UNUSED == IS_VAR && !container) {
19832 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
19833 }
19834 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
19835 if (0) {
19836 zval_ptr_dtor(&property);
19837 } else {
19838 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19839 }
19840 if (IS_UNUSED == IS_VAR && 0 &&
19841 READY_TO_DESTROY(free_op1.var)) {
19842 AI_USE_PTR(EX_T(opline->result.u.var).var);
19843 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
19844 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
19845 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
19846 }
19847 }
19848
19849 ZEND_VM_NEXT_OPCODE();
19850 } else {
19851 return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
19852 }
19853 }
19854
ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19855 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19856 {
19857 zend_op *opline = EX(opline);
19858 zend_free_op free_op1, free_op2, free_res;
19859 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19860 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19861
19862 if (IS_UNUSED == IS_CV) {
19863 if (container != &EG(uninitialized_zval_ptr)) {
19864 SEPARATE_ZVAL_IF_NOT_REF(container);
19865 }
19866 }
19867 if (0) {
19868 MAKE_REAL_ZVAL_PTR(property);
19869 }
19870 if (IS_UNUSED == IS_VAR && !container) {
19871 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
19872 }
19873 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
19874 if (0) {
19875 zval_ptr_dtor(&property);
19876 } else {
19877 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19878 }
19879 if (IS_UNUSED == IS_VAR && 0 &&
19880 READY_TO_DESTROY(free_op1.var)) {
19881 AI_USE_PTR(EX_T(opline->result.u.var).var);
19882 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
19883 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
19884 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
19885 }
19886 }
19887
19888 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
19889 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
19890 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
19891 }
19892 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
19893 FREE_OP_VAR_PTR(free_res);
19894 ZEND_VM_NEXT_OPCODE();
19895 }
19896
ZEND_ASSIGN_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19897 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19898 {
19899 zend_op *opline = EX(opline);
19900 zend_op *op_data = opline+1;
19901 zend_free_op free_op2;
19902 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
19903 zval *property_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19904
19905 if (0) {
19906 MAKE_REAL_ZVAL_PTR(property_name);
19907 }
19908 if (IS_UNUSED == IS_VAR && !object_ptr) {
19909 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
19910 }
19911 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
19912 if (0) {
19913 zval_ptr_dtor(&property_name);
19914 } else {
19915 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19916 }
19917
19918 /* assign_obj has two opcodes! */
19919 ZEND_VM_INC_OPCODE();
19920 ZEND_VM_NEXT_OPCODE();
19921 }
19922
ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19923 static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19924 {
19925 zend_op *opline = EX(opline);
19926 zend_free_op free_op2;
19927 zval *str = &EX_T(opline->result.u.var).tmp_var;
19928 zval *var = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19929 zval var_copy;
19930 int use_copy = 0;
19931
19932 if (IS_UNUSED == IS_UNUSED) {
19933 /* Initialize for erealloc in add_string_to_string */
19934 Z_STRVAL_P(str) = NULL;
19935 Z_STRLEN_P(str) = 0;
19936 Z_TYPE_P(str) = IS_STRING;
19937
19938 INIT_PZVAL(str);
19939 }
19940
19941 if (Z_TYPE_P(var) != IS_STRING) {
19942 zend_make_printable_zval(var, &var_copy, &use_copy);
19943
19944 if (use_copy) {
19945 var = &var_copy;
19946 }
19947 }
19948 add_string_to_string(str, str, var);
19949
19950 if (use_copy) {
19951 zval_dtor(var);
19952 }
19953 /* original comment, possibly problematic:
19954 * FREE_OP is missing intentionally here - we're always working on the same temporary variable
19955 * (Zeev): I don't think it's problematic, we only use variables
19956 * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
19957 * string offsets or overloaded objects
19958 */
19959 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
19960
19961 ZEND_VM_NEXT_OPCODE();
19962 }
19963
ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)19964 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
19965 {
19966 zend_op *opline = EX(opline);
19967 zval *function_name;
19968 char *function_name_strval;
19969 int function_name_strlen;
19970 zend_free_op free_op2;
19971
19972 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
19973
19974 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
19975
19976 if (Z_TYPE_P(function_name)!=IS_STRING) {
19977 zend_error_noreturn(E_ERROR, "Method name must be a string");
19978 }
19979
19980 function_name_strval = Z_STRVAL_P(function_name);
19981 function_name_strlen = Z_STRLEN_P(function_name);
19982
19983 EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C);
19984
19985 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
19986 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
19987 zend_error_noreturn(E_ERROR, "Object does not support method calls");
19988 }
19989
19990 /* First, locate the function. */
19991 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
19992 if (!EX(fbc)) {
19993 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
19994 }
19995
19996 EX(called_scope) = Z_OBJCE_P(EX(object));
19997 } else {
19998 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
19999 }
20000
20001 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
20002 EX(object) = NULL;
20003 } else {
20004 if (!PZVAL_IS_REF(EX(object))) {
20005 Z_ADDREF_P(EX(object)); /* For $this pointer */
20006 } else {
20007 zval *this_ptr;
20008 ALLOC_ZVAL(this_ptr);
20009 INIT_PZVAL_COPY(this_ptr, EX(object));
20010 zval_copy_ctor(this_ptr);
20011 EX(object) = this_ptr;
20012 }
20013 }
20014
20015 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20016
20017 ZEND_VM_NEXT_OPCODE();
20018 }
20019
ZEND_INIT_ARRAY_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20020 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20021 {
20022 zend_op *opline = EX(opline);
20023
20024 array_init(&EX_T(opline->result.u.var).tmp_var);
20025 if (IS_UNUSED == IS_UNUSED) {
20026 ZEND_VM_NEXT_OPCODE();
20027 #if 0 || IS_UNUSED != IS_UNUSED
20028 } else {
20029 return ZEND_ADD_ARRAY_ELEMENT_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20030 #endif
20031 }
20032 }
20033
ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20034 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20035 {
20036 zend_op *opline = EX(opline);
20037 zend_free_op free_op2;
20038 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20039 zval *offset;
20040
20041 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
20042 SEPARATE_ZVAL_IF_NOT_REF(container);
20043 }
20044 offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
20045
20046 if (IS_UNUSED != IS_VAR || container) {
20047 switch (Z_TYPE_PP(container)) {
20048 case IS_ARRAY: {
20049 HashTable *ht = Z_ARRVAL_PP(container);
20050
20051 switch (Z_TYPE_P(offset)) {
20052 case IS_DOUBLE:
20053 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
20054 break;
20055 case IS_RESOURCE:
20056 case IS_BOOL:
20057 case IS_LONG:
20058 zend_hash_index_del(ht, Z_LVAL_P(offset));
20059 break;
20060 case IS_STRING:
20061 if (IS_VAR == IS_CV || IS_VAR == IS_VAR) {
20062 Z_ADDREF_P(offset);
20063 }
20064 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
20065 ht == &EG(symbol_table)) {
20066 zend_execute_data *ex;
20067 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
20068
20069 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
20070 if (ex->op_array && ex->symbol_table == ht) {
20071 int i;
20072
20073 for (i = 0; i < ex->op_array->last_var; i++) {
20074 if (ex->op_array->vars[i].hash_value == hash_value &&
20075 ex->op_array->vars[i].name_len == offset->value.str.len &&
20076 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
20077 ex->CVs[i] = NULL;
20078 break;
20079 }
20080 }
20081 }
20082 }
20083 }
20084 if (IS_VAR == IS_CV || IS_VAR == IS_VAR) {
20085 zval_ptr_dtor(&offset);
20086 }
20087 break;
20088 case IS_NULL:
20089 zend_hash_del(ht, "", sizeof(""));
20090 break;
20091 default:
20092 zend_error(E_WARNING, "Illegal offset type in unset");
20093 break;
20094 }
20095 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20096 break;
20097 }
20098 case IS_OBJECT:
20099 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
20100 zend_error_noreturn(E_ERROR, "Cannot use object as array");
20101 }
20102 if (0) {
20103 MAKE_REAL_ZVAL_PTR(offset);
20104 }
20105 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
20106 if (0) {
20107 zval_ptr_dtor(&offset);
20108 } else {
20109 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20110 }
20111 break;
20112 case IS_STRING:
20113 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
20114 ZEND_VM_CONTINUE(); /* bailed out before */
20115 default:
20116 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20117 break;
20118 }
20119 } else {
20120 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20121 }
20122
20123 ZEND_VM_NEXT_OPCODE();
20124 }
20125
ZEND_UNSET_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20126 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20127 {
20128 zend_op *opline = EX(opline);
20129 zend_free_op free_op2;
20130 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20131 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
20132
20133 if (IS_UNUSED != IS_VAR || container) {
20134 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
20135 SEPARATE_ZVAL_IF_NOT_REF(container);
20136 }
20137 if (Z_TYPE_PP(container) == IS_OBJECT) {
20138 if (0) {
20139 MAKE_REAL_ZVAL_PTR(offset);
20140 }
20141 if (Z_OBJ_HT_P(*container)->unset_property) {
20142 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
20143 } else {
20144 zend_error(E_NOTICE, "Trying to unset property of non-object");
20145 }
20146 if (0) {
20147 zval_ptr_dtor(&offset);
20148 } else {
20149 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20150 }
20151 } else {
20152 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20153 }
20154 } else {
20155 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20156 }
20157
20158 ZEND_VM_NEXT_OPCODE();
20159 }
20160
zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)20161 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
20162 {
20163 zend_op *opline = EX(opline);
20164
20165 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20166 zval **value = NULL;
20167 int result = 0;
20168
20169 if (IS_UNUSED != IS_VAR || container) {
20170 zend_free_op free_op2;
20171 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
20172
20173 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
20174 HashTable *ht;
20175 int isset = 0;
20176
20177 ht = Z_ARRVAL_PP(container);
20178
20179 switch (Z_TYPE_P(offset)) {
20180 case IS_DOUBLE:
20181 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
20182 isset = 1;
20183 }
20184 break;
20185 case IS_RESOURCE:
20186 case IS_BOOL:
20187 case IS_LONG:
20188 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
20189 isset = 1;
20190 }
20191 break;
20192 case IS_STRING:
20193 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
20194 isset = 1;
20195 }
20196 break;
20197 case IS_NULL:
20198 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
20199 isset = 1;
20200 }
20201 break;
20202 default:
20203 zend_error(E_WARNING, "Illegal offset type in isset or empty");
20204
20205 break;
20206 }
20207
20208 switch (opline->extended_value) {
20209 case ZEND_ISSET:
20210 if (isset && Z_TYPE_PP(value) == IS_NULL) {
20211 result = 0;
20212 } else {
20213 result = isset;
20214 }
20215 break;
20216 case ZEND_ISEMPTY:
20217 if (!isset || !i_zend_is_true(*value)) {
20218 result = 0;
20219 } else {
20220 result = 1;
20221 }
20222 break;
20223 }
20224 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20225 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
20226 if (0) {
20227 MAKE_REAL_ZVAL_PTR(offset);
20228 }
20229 if (prop_dim) {
20230 if (Z_OBJ_HT_P(*container)->has_property) {
20231 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
20232 } else {
20233 zend_error(E_NOTICE, "Trying to check property of non-object");
20234 result = 0;
20235 }
20236 } else {
20237 if (Z_OBJ_HT_P(*container)->has_dimension) {
20238 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
20239 } else {
20240 zend_error(E_NOTICE, "Trying to check element of non-array");
20241 result = 0;
20242 }
20243 }
20244 if (0) {
20245 zval_ptr_dtor(&offset);
20246 } else {
20247 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20248 }
20249 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
20250 zval tmp;
20251
20252 if (Z_TYPE_P(offset) != IS_LONG) {
20253 tmp = *offset;
20254 zval_copy_ctor(&tmp);
20255 convert_to_long(&tmp);
20256 offset = &tmp;
20257 }
20258 if (Z_TYPE_P(offset) == IS_LONG) {
20259 switch (opline->extended_value) {
20260 case ZEND_ISSET:
20261 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
20262 result = 1;
20263 }
20264 break;
20265 case ZEND_ISEMPTY:
20266 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
20267 result = 1;
20268 }
20269 break;
20270 }
20271 }
20272 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20273 } else {
20274 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
20275 }
20276 }
20277
20278 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
20279
20280 switch (opline->extended_value) {
20281 case ZEND_ISSET:
20282 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
20283 break;
20284 case ZEND_ISEMPTY:
20285 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
20286 break;
20287 }
20288
20289 ZEND_VM_NEXT_OPCODE();
20290 }
20291
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20292 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20293 {
20294 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20295 }
20296
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20297 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20298 {
20299 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20300 }
20301
zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)20302 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
20303 {
20304 zend_op *opline = EX(opline);
20305 zend_op *op_data = opline+1;
20306 zend_free_op free_op_data1;
20307 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20308 zval *object;
20309 zval *property = NULL;
20310 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
20311 znode *result = &opline->result;
20312 int have_get_ptr = 0;
20313
20314 if (IS_UNUSED == IS_VAR && !object_ptr) {
20315 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
20316 }
20317
20318 EX_T(result->u.var).var.ptr_ptr = NULL;
20319 make_real_object(object_ptr TSRMLS_CC);
20320 object = *object_ptr;
20321
20322 if (Z_TYPE_P(object) != IS_OBJECT) {
20323 zend_error(E_WARNING, "Attempt to assign property of non-object");
20324
20325 FREE_OP(free_op_data1);
20326
20327 if (!RETURN_VALUE_UNUSED(result)) {
20328 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
20329 EX_T(result->u.var).var.ptr_ptr = NULL;
20330 PZVAL_LOCK(EG(uninitialized_zval_ptr));
20331 }
20332 } else {
20333 /* here we are sure we are dealing with an object */
20334 if (0) {
20335 MAKE_REAL_ZVAL_PTR(property);
20336 }
20337
20338 /* here property is a string */
20339 if (opline->extended_value == ZEND_ASSIGN_OBJ
20340 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
20341 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
20342 if (zptr != NULL) { /* NULL means no success in getting PTR */
20343 SEPARATE_ZVAL_IF_NOT_REF(zptr);
20344
20345 have_get_ptr = 1;
20346 binary_op(*zptr, *zptr, value TSRMLS_CC);
20347 if (!RETURN_VALUE_UNUSED(result)) {
20348 EX_T(result->u.var).var.ptr = *zptr;
20349 EX_T(result->u.var).var.ptr_ptr = NULL;
20350 PZVAL_LOCK(*zptr);
20351 }
20352 }
20353 }
20354
20355 if (!have_get_ptr) {
20356 zval *z = NULL;
20357
20358 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
20359 if (Z_OBJ_HT_P(object)->read_property) {
20360 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
20361 }
20362 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
20363 if (Z_OBJ_HT_P(object)->read_dimension) {
20364 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
20365 }
20366 }
20367 if (z) {
20368 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
20369 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
20370
20371 if (Z_REFCOUNT_P(z) == 0) {
20372 GC_REMOVE_ZVAL_FROM_BUFFER(z);
20373 zval_dtor(z);
20374 FREE_ZVAL(z);
20375 }
20376 z = value;
20377 }
20378 Z_ADDREF_P(z);
20379 SEPARATE_ZVAL_IF_NOT_REF(&z);
20380 binary_op(z, z, value TSRMLS_CC);
20381 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
20382 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
20383 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
20384 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
20385 }
20386 if (!RETURN_VALUE_UNUSED(result)) {
20387 EX_T(result->u.var).var.ptr = z;
20388 EX_T(result->u.var).var.ptr_ptr = NULL;
20389 PZVAL_LOCK(z);
20390 }
20391 zval_ptr_dtor(&z);
20392 } else {
20393 zend_error(E_WARNING, "Attempt to assign property of non-object");
20394 if (!RETURN_VALUE_UNUSED(result)) {
20395 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
20396 EX_T(result->u.var).var.ptr_ptr = NULL;
20397 PZVAL_LOCK(EG(uninitialized_zval_ptr));
20398 }
20399 }
20400 }
20401
20402 if (0) {
20403 zval_ptr_dtor(&property);
20404 } else {
20405
20406 }
20407 FREE_OP(free_op_data1);
20408 }
20409
20410 /* assign_obj has two opcodes! */
20411 ZEND_VM_INC_OPCODE();
20412 ZEND_VM_NEXT_OPCODE();
20413 }
20414
zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)20415 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
20416 {
20417 zend_op *opline = EX(opline);
20418 zend_free_op free_op_data2, free_op_data1;
20419 zval **var_ptr;
20420 zval *value;
20421
20422 switch (opline->extended_value) {
20423 case ZEND_ASSIGN_OBJ:
20424 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20425 break;
20426 case ZEND_ASSIGN_DIM: {
20427 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20428
20429 if (IS_UNUSED == IS_VAR && !container) {
20430 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
20431 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
20432 if (IS_UNUSED == IS_VAR && !0) {
20433 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
20434 }
20435 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20436 } else {
20437 zend_op *op_data = opline+1;
20438 zval *dim = NULL;
20439
20440 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
20441 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
20442 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
20443 ZEND_VM_INC_OPCODE();
20444 }
20445 }
20446 break;
20447 default:
20448 value = NULL;
20449 var_ptr = NULL;
20450 /* do nothing */
20451 break;
20452 }
20453
20454 if (!var_ptr) {
20455 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
20456 }
20457
20458 if (*var_ptr == EG(error_zval_ptr)) {
20459 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20460 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
20461 PZVAL_LOCK(EG(uninitialized_zval_ptr));
20462 }
20463
20464
20465 ZEND_VM_NEXT_OPCODE();
20466 }
20467
20468 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
20469
20470 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
20471 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
20472 /* proxy object */
20473 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
20474 Z_ADDREF_P(objval);
20475 binary_op(objval, objval, value TSRMLS_CC);
20476 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
20477 zval_ptr_dtor(&objval);
20478 } else {
20479 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
20480 }
20481
20482 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20483 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
20484 PZVAL_LOCK(*var_ptr);
20485 }
20486
20487 if (opline->extended_value == ZEND_ASSIGN_DIM) {
20488 FREE_OP(free_op_data1);
20489 FREE_OP_VAR_PTR(free_op_data2);
20490 }
20491
20492 ZEND_VM_NEXT_OPCODE();
20493 }
20494
ZEND_ASSIGN_ADD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20495 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20496 {
20497 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20498 }
20499
ZEND_ASSIGN_SUB_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20500 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20501 {
20502 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20503 }
20504
ZEND_ASSIGN_MUL_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20505 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20506 {
20507 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20508 }
20509
ZEND_ASSIGN_DIV_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20510 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20511 {
20512 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20513 }
20514
ZEND_ASSIGN_MOD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20515 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20516 {
20517 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20518 }
20519
ZEND_ASSIGN_SL_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20520 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20521 {
20522 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20523 }
20524
ZEND_ASSIGN_SR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20525 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20526 {
20527 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20528 }
20529
ZEND_ASSIGN_CONCAT_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20530 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20531 {
20532 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20533 }
20534
ZEND_ASSIGN_BW_OR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20535 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20536 {
20537 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20538 }
20539
ZEND_ASSIGN_BW_AND_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20540 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20541 {
20542 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20543 }
20544
ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20545 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20546 {
20547 return zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20548 }
20549
ZEND_INIT_ARRAY_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20550 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20551 {
20552 zend_op *opline = EX(opline);
20553
20554 array_init(&EX_T(opline->result.u.var).tmp_var);
20555 if (IS_UNUSED == IS_UNUSED) {
20556 ZEND_VM_NEXT_OPCODE();
20557 #if 0 || IS_UNUSED != IS_UNUSED
20558 } else {
20559 return ZEND_ADD_ARRAY_ELEMENT_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20560 #endif
20561 }
20562 }
20563
zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)20564 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
20565 {
20566 zend_op *opline = EX(opline);
20567 zend_op *op_data = opline+1;
20568 zend_free_op free_op_data1;
20569 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20570 zval *object;
20571 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
20572 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
20573 znode *result = &opline->result;
20574 int have_get_ptr = 0;
20575
20576 if (IS_UNUSED == IS_VAR && !object_ptr) {
20577 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
20578 }
20579
20580 EX_T(result->u.var).var.ptr_ptr = NULL;
20581 make_real_object(object_ptr TSRMLS_CC);
20582 object = *object_ptr;
20583
20584 if (Z_TYPE_P(object) != IS_OBJECT) {
20585 zend_error(E_WARNING, "Attempt to assign property of non-object");
20586
20587 FREE_OP(free_op_data1);
20588
20589 if (!RETURN_VALUE_UNUSED(result)) {
20590 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
20591 EX_T(result->u.var).var.ptr_ptr = NULL;
20592 PZVAL_LOCK(EG(uninitialized_zval_ptr));
20593 }
20594 } else {
20595 /* here we are sure we are dealing with an object */
20596 if (0) {
20597 MAKE_REAL_ZVAL_PTR(property);
20598 }
20599
20600 /* here property is a string */
20601 if (opline->extended_value == ZEND_ASSIGN_OBJ
20602 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
20603 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
20604 if (zptr != NULL) { /* NULL means no success in getting PTR */
20605 SEPARATE_ZVAL_IF_NOT_REF(zptr);
20606
20607 have_get_ptr = 1;
20608 binary_op(*zptr, *zptr, value TSRMLS_CC);
20609 if (!RETURN_VALUE_UNUSED(result)) {
20610 EX_T(result->u.var).var.ptr = *zptr;
20611 EX_T(result->u.var).var.ptr_ptr = NULL;
20612 PZVAL_LOCK(*zptr);
20613 }
20614 }
20615 }
20616
20617 if (!have_get_ptr) {
20618 zval *z = NULL;
20619
20620 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
20621 if (Z_OBJ_HT_P(object)->read_property) {
20622 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
20623 }
20624 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
20625 if (Z_OBJ_HT_P(object)->read_dimension) {
20626 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
20627 }
20628 }
20629 if (z) {
20630 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
20631 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
20632
20633 if (Z_REFCOUNT_P(z) == 0) {
20634 GC_REMOVE_ZVAL_FROM_BUFFER(z);
20635 zval_dtor(z);
20636 FREE_ZVAL(z);
20637 }
20638 z = value;
20639 }
20640 Z_ADDREF_P(z);
20641 SEPARATE_ZVAL_IF_NOT_REF(&z);
20642 binary_op(z, z, value TSRMLS_CC);
20643 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
20644 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
20645 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
20646 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
20647 }
20648 if (!RETURN_VALUE_UNUSED(result)) {
20649 EX_T(result->u.var).var.ptr = z;
20650 EX_T(result->u.var).var.ptr_ptr = NULL;
20651 PZVAL_LOCK(z);
20652 }
20653 zval_ptr_dtor(&z);
20654 } else {
20655 zend_error(E_WARNING, "Attempt to assign property of non-object");
20656 if (!RETURN_VALUE_UNUSED(result)) {
20657 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
20658 EX_T(result->u.var).var.ptr_ptr = NULL;
20659 PZVAL_LOCK(EG(uninitialized_zval_ptr));
20660 }
20661 }
20662 }
20663
20664 if (0) {
20665 zval_ptr_dtor(&property);
20666 } else {
20667
20668 }
20669 FREE_OP(free_op_data1);
20670 }
20671
20672 /* assign_obj has two opcodes! */
20673 ZEND_VM_INC_OPCODE();
20674 ZEND_VM_NEXT_OPCODE();
20675 }
20676
zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)20677 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
20678 {
20679 zend_op *opline = EX(opline);
20680 zend_free_op free_op_data2, free_op_data1;
20681 zval **var_ptr;
20682 zval *value;
20683
20684 switch (opline->extended_value) {
20685 case ZEND_ASSIGN_OBJ:
20686 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20687 break;
20688 case ZEND_ASSIGN_DIM: {
20689 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20690
20691 if (IS_UNUSED == IS_VAR && !container) {
20692 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
20693 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
20694 if (IS_UNUSED == IS_VAR && !0) {
20695 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
20696 }
20697 return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20698 } else {
20699 zend_op *op_data = opline+1;
20700 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
20701
20702 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
20703 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
20704 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
20705 ZEND_VM_INC_OPCODE();
20706 }
20707 }
20708 break;
20709 default:
20710 value = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
20711 var_ptr = NULL;
20712 /* do nothing */
20713 break;
20714 }
20715
20716 if (!var_ptr) {
20717 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
20718 }
20719
20720 if (*var_ptr == EG(error_zval_ptr)) {
20721 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20722 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
20723 PZVAL_LOCK(EG(uninitialized_zval_ptr));
20724 }
20725
20726
20727 ZEND_VM_NEXT_OPCODE();
20728 }
20729
20730 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
20731
20732 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
20733 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
20734 /* proxy object */
20735 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
20736 Z_ADDREF_P(objval);
20737 binary_op(objval, objval, value TSRMLS_CC);
20738 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
20739 zval_ptr_dtor(&objval);
20740 } else {
20741 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
20742 }
20743
20744 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20745 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
20746 PZVAL_LOCK(*var_ptr);
20747 }
20748
20749 if (opline->extended_value == ZEND_ASSIGN_DIM) {
20750 FREE_OP(free_op_data1);
20751 FREE_OP_VAR_PTR(free_op_data2);
20752 }
20753
20754 ZEND_VM_NEXT_OPCODE();
20755 }
20756
ZEND_ASSIGN_ADD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20757 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20758 {
20759 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20760 }
20761
ZEND_ASSIGN_SUB_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20762 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20763 {
20764 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20765 }
20766
ZEND_ASSIGN_MUL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20767 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20768 {
20769 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20770 }
20771
ZEND_ASSIGN_DIV_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20772 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20773 {
20774 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20775 }
20776
ZEND_ASSIGN_MOD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20777 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20778 {
20779 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20780 }
20781
ZEND_ASSIGN_SL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20782 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20783 {
20784 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20785 }
20786
ZEND_ASSIGN_SR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20787 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20788 {
20789 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20790 }
20791
ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20792 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20793 {
20794 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20795 }
20796
ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20797 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20798 {
20799 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20800 }
20801
ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20802 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20803 {
20804 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20805 }
20806
ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20807 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20808 {
20809 return zend_binary_assign_op_helper_SPEC_UNUSED_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20810 }
20811
zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)20812 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
20813 {
20814 zend_op *opline = EX(opline);
20815
20816 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20817 zval *object;
20818 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
20819 zval **retval = &EX_T(opline->result.u.var).var.ptr;
20820 int have_get_ptr = 0;
20821
20822 if (IS_UNUSED == IS_VAR && !object_ptr) {
20823 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
20824 }
20825
20826 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
20827 object = *object_ptr;
20828
20829 if (Z_TYPE_P(object) != IS_OBJECT) {
20830 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
20831
20832 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20833 *retval = EG(uninitialized_zval_ptr);
20834 PZVAL_LOCK(*retval);
20835 }
20836
20837 ZEND_VM_NEXT_OPCODE();
20838 }
20839
20840 /* here we are sure we are dealing with an object */
20841
20842 if (0) {
20843 MAKE_REAL_ZVAL_PTR(property);
20844 }
20845
20846 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
20847 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
20848 if (zptr != NULL) { /* NULL means no success in getting PTR */
20849 SEPARATE_ZVAL_IF_NOT_REF(zptr);
20850
20851 have_get_ptr = 1;
20852 incdec_op(*zptr);
20853 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20854 *retval = *zptr;
20855 PZVAL_LOCK(*retval);
20856 }
20857 }
20858 }
20859
20860 if (!have_get_ptr) {
20861 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
20862 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
20863
20864 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
20865 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
20866
20867 if (Z_REFCOUNT_P(z) == 0) {
20868 GC_REMOVE_ZVAL_FROM_BUFFER(z);
20869 zval_dtor(z);
20870 FREE_ZVAL(z);
20871 }
20872 z = value;
20873 }
20874 Z_ADDREF_P(z);
20875 SEPARATE_ZVAL_IF_NOT_REF(&z);
20876 incdec_op(z);
20877 *retval = z;
20878 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
20879 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
20880 zval_ptr_dtor(&z);
20881 } else {
20882 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
20883 if (!RETURN_VALUE_UNUSED(&opline->result)) {
20884 *retval = EG(uninitialized_zval_ptr);
20885 PZVAL_LOCK(*retval);
20886 }
20887 }
20888 }
20889
20890 if (0) {
20891 zval_ptr_dtor(&property);
20892 } else {
20893
20894 }
20895
20896 ZEND_VM_NEXT_OPCODE();
20897 }
20898
ZEND_PRE_INC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20899 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20900 {
20901 return zend_pre_incdec_property_helper_SPEC_UNUSED_CV(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20902 }
20903
ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20904 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20905 {
20906 return zend_pre_incdec_property_helper_SPEC_UNUSED_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20907 }
20908
zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)20909 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
20910 {
20911 zend_op *opline = EX(opline);
20912
20913 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
20914 zval *object;
20915 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
20916 zval *retval = &EX_T(opline->result.u.var).tmp_var;
20917 int have_get_ptr = 0;
20918
20919 if (IS_UNUSED == IS_VAR && !object_ptr) {
20920 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
20921 }
20922
20923 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
20924 object = *object_ptr;
20925
20926 if (Z_TYPE_P(object) != IS_OBJECT) {
20927 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
20928
20929 *retval = *EG(uninitialized_zval_ptr);
20930
20931 ZEND_VM_NEXT_OPCODE();
20932 }
20933
20934 /* here we are sure we are dealing with an object */
20935
20936 if (0) {
20937 MAKE_REAL_ZVAL_PTR(property);
20938 }
20939
20940 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
20941 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
20942 if (zptr != NULL) { /* NULL means no success in getting PTR */
20943 have_get_ptr = 1;
20944 SEPARATE_ZVAL_IF_NOT_REF(zptr);
20945
20946 *retval = **zptr;
20947 zendi_zval_copy_ctor(*retval);
20948
20949 incdec_op(*zptr);
20950
20951 }
20952 }
20953
20954 if (!have_get_ptr) {
20955 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
20956 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
20957 zval *z_copy;
20958
20959 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
20960 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
20961
20962 if (Z_REFCOUNT_P(z) == 0) {
20963 GC_REMOVE_ZVAL_FROM_BUFFER(z);
20964 zval_dtor(z);
20965 FREE_ZVAL(z);
20966 }
20967 z = value;
20968 }
20969 *retval = *z;
20970 zendi_zval_copy_ctor(*retval);
20971 ALLOC_ZVAL(z_copy);
20972 *z_copy = *z;
20973 zendi_zval_copy_ctor(*z_copy);
20974 INIT_PZVAL(z_copy);
20975 incdec_op(z_copy);
20976 Z_ADDREF_P(z);
20977 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
20978 zval_ptr_dtor(&z_copy);
20979 zval_ptr_dtor(&z);
20980 } else {
20981 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
20982 *retval = *EG(uninitialized_zval_ptr);
20983 }
20984 }
20985
20986 if (0) {
20987 zval_ptr_dtor(&property);
20988 } else {
20989
20990 }
20991
20992 ZEND_VM_NEXT_OPCODE();
20993 }
20994
ZEND_POST_INC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)20995 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
20996 {
20997 return zend_post_incdec_property_helper_SPEC_UNUSED_CV(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
20998 }
20999
ZEND_POST_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21000 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21001 {
21002 return zend_post_incdec_property_helper_SPEC_UNUSED_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21003 }
21004
zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(int type,ZEND_OPCODE_HANDLER_ARGS)21005 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(int type, ZEND_OPCODE_HANDLER_ARGS)
21006 {
21007 zend_op *opline = EX(opline);
21008
21009 zval *container = _get_obj_zval_ptr_unused(TSRMLS_C);
21010
21011 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21012
21013 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
21014 if (type != BP_VAR_IS) {
21015 zend_error(E_NOTICE, "Trying to get property of non-object");
21016 }
21017 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21018 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
21019 PZVAL_LOCK(EG(uninitialized_zval_ptr));
21020 }
21021
21022 } else {
21023 zval *retval;
21024
21025 if (0) {
21026 MAKE_REAL_ZVAL_PTR(offset);
21027 }
21028
21029 /* here we are sure we are dealing with an object */
21030 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
21031
21032 if (RETURN_VALUE_UNUSED(&opline->result)) {
21033 if (Z_REFCOUNT_P(retval) == 0) {
21034 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
21035 zval_dtor(retval);
21036 FREE_ZVAL(retval);
21037 }
21038 } else {
21039 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
21040 PZVAL_LOCK(retval);
21041 }
21042
21043 if (0) {
21044 zval_ptr_dtor(&offset);
21045 } else {
21046
21047 }
21048 }
21049
21050 ZEND_VM_NEXT_OPCODE();
21051 }
21052
ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21053 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21054 {
21055 return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21056 }
21057
ZEND_FETCH_OBJ_W_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21058 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21059 {
21060 zend_op *opline = EX(opline);
21061 zend_free_op free_op1;
21062 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21063 zval **container;
21064
21065 if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
21066 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
21067 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
21068 }
21069
21070 if (0) {
21071 MAKE_REAL_ZVAL_PTR(property);
21072 }
21073 container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21074 if (IS_UNUSED == IS_VAR && !container) {
21075 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
21076 }
21077 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
21078 if (0) {
21079 zval_ptr_dtor(&property);
21080 } else {
21081
21082 }
21083 if (IS_UNUSED == IS_VAR && 0 &&
21084 READY_TO_DESTROY(free_op1.var)) {
21085 AI_USE_PTR(EX_T(opline->result.u.var).var);
21086 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
21087 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
21088 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
21089 }
21090 }
21091
21092 /* We are going to assign the result by reference */
21093 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
21094 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
21095 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
21096 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
21097 }
21098
21099 ZEND_VM_NEXT_OPCODE();
21100 }
21101
ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21102 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21103 {
21104 zend_op *opline = EX(opline);
21105 zend_free_op free_op1;
21106 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21107 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21108
21109 if (0) {
21110 MAKE_REAL_ZVAL_PTR(property);
21111 }
21112 if (IS_UNUSED == IS_VAR && !container) {
21113 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
21114 }
21115 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
21116 if (0) {
21117 zval_ptr_dtor(&property);
21118 } else {
21119
21120 }
21121 if (IS_UNUSED == IS_VAR && 0 &&
21122 READY_TO_DESTROY(free_op1.var)) {
21123 AI_USE_PTR(EX_T(opline->result.u.var).var);
21124 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
21125 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
21126 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
21127 }
21128 }
21129
21130 ZEND_VM_NEXT_OPCODE();
21131 }
21132
ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21133 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21134 {
21135 return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21136 }
21137
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21138 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21139 {
21140 zend_op *opline = EX(opline);
21141
21142 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
21143 /* Behave like FETCH_OBJ_W */
21144 zend_free_op free_op1;
21145 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21146 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21147
21148 if (0) {
21149 MAKE_REAL_ZVAL_PTR(property);
21150 }
21151 if (IS_UNUSED == IS_VAR && !container) {
21152 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
21153 }
21154 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
21155 if (0) {
21156 zval_ptr_dtor(&property);
21157 } else {
21158
21159 }
21160 if (IS_UNUSED == IS_VAR && 0 &&
21161 READY_TO_DESTROY(free_op1.var)) {
21162 AI_USE_PTR(EX_T(opline->result.u.var).var);
21163 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
21164 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
21165 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
21166 }
21167 }
21168
21169 ZEND_VM_NEXT_OPCODE();
21170 } else {
21171 return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21172 }
21173 }
21174
ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21175 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21176 {
21177 zend_op *opline = EX(opline);
21178 zend_free_op free_op1, free_res;
21179 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21180 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21181
21182 if (IS_UNUSED == IS_CV) {
21183 if (container != &EG(uninitialized_zval_ptr)) {
21184 SEPARATE_ZVAL_IF_NOT_REF(container);
21185 }
21186 }
21187 if (0) {
21188 MAKE_REAL_ZVAL_PTR(property);
21189 }
21190 if (IS_UNUSED == IS_VAR && !container) {
21191 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
21192 }
21193 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
21194 if (0) {
21195 zval_ptr_dtor(&property);
21196 } else {
21197
21198 }
21199 if (IS_UNUSED == IS_VAR && 0 &&
21200 READY_TO_DESTROY(free_op1.var)) {
21201 AI_USE_PTR(EX_T(opline->result.u.var).var);
21202 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
21203 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
21204 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
21205 }
21206 }
21207
21208 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
21209 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
21210 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
21211 }
21212 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
21213 FREE_OP_VAR_PTR(free_res);
21214 ZEND_VM_NEXT_OPCODE();
21215 }
21216
ZEND_ASSIGN_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21217 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21218 {
21219 zend_op *opline = EX(opline);
21220 zend_op *op_data = opline+1;
21221
21222 zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21223 zval *property_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21224
21225 if (0) {
21226 MAKE_REAL_ZVAL_PTR(property_name);
21227 }
21228 if (IS_UNUSED == IS_VAR && !object_ptr) {
21229 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
21230 }
21231 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
21232 if (0) {
21233 zval_ptr_dtor(&property_name);
21234 } else {
21235
21236 }
21237
21238 /* assign_obj has two opcodes! */
21239 ZEND_VM_INC_OPCODE();
21240 ZEND_VM_NEXT_OPCODE();
21241 }
21242
ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21243 static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21244 {
21245 zend_op *opline = EX(opline);
21246
21247 zval *str = &EX_T(opline->result.u.var).tmp_var;
21248 zval *var = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21249 zval var_copy;
21250 int use_copy = 0;
21251
21252 if (IS_UNUSED == IS_UNUSED) {
21253 /* Initialize for erealloc in add_string_to_string */
21254 Z_STRVAL_P(str) = NULL;
21255 Z_STRLEN_P(str) = 0;
21256 Z_TYPE_P(str) = IS_STRING;
21257
21258 INIT_PZVAL(str);
21259 }
21260
21261 if (Z_TYPE_P(var) != IS_STRING) {
21262 zend_make_printable_zval(var, &var_copy, &use_copy);
21263
21264 if (use_copy) {
21265 var = &var_copy;
21266 }
21267 }
21268 add_string_to_string(str, str, var);
21269
21270 if (use_copy) {
21271 zval_dtor(var);
21272 }
21273 /* original comment, possibly problematic:
21274 * FREE_OP is missing intentionally here - we're always working on the same temporary variable
21275 * (Zeev): I don't think it's problematic, we only use variables
21276 * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
21277 * string offsets or overloaded objects
21278 */
21279
21280 ZEND_VM_NEXT_OPCODE();
21281 }
21282
ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21283 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21284 {
21285 zend_op *opline = EX(opline);
21286 zval *function_name;
21287 char *function_name_strval;
21288 int function_name_strlen;
21289
21290
21291 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
21292
21293 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21294
21295 if (Z_TYPE_P(function_name)!=IS_STRING) {
21296 zend_error_noreturn(E_ERROR, "Method name must be a string");
21297 }
21298
21299 function_name_strval = Z_STRVAL_P(function_name);
21300 function_name_strlen = Z_STRLEN_P(function_name);
21301
21302 EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C);
21303
21304 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
21305 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
21306 zend_error_noreturn(E_ERROR, "Object does not support method calls");
21307 }
21308
21309 /* First, locate the function. */
21310 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
21311 if (!EX(fbc)) {
21312 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
21313 }
21314
21315 EX(called_scope) = Z_OBJCE_P(EX(object));
21316 } else {
21317 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
21318 }
21319
21320 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
21321 EX(object) = NULL;
21322 } else {
21323 if (!PZVAL_IS_REF(EX(object))) {
21324 Z_ADDREF_P(EX(object)); /* For $this pointer */
21325 } else {
21326 zval *this_ptr;
21327 ALLOC_ZVAL(this_ptr);
21328 INIT_PZVAL_COPY(this_ptr, EX(object));
21329 zval_copy_ctor(this_ptr);
21330 EX(object) = this_ptr;
21331 }
21332 }
21333
21334
21335 ZEND_VM_NEXT_OPCODE();
21336 }
21337
ZEND_INIT_ARRAY_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21338 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21339 {
21340 zend_op *opline = EX(opline);
21341
21342 array_init(&EX_T(opline->result.u.var).tmp_var);
21343 if (IS_UNUSED == IS_UNUSED) {
21344 ZEND_VM_NEXT_OPCODE();
21345 #if 0 || IS_UNUSED != IS_UNUSED
21346 } else {
21347 return ZEND_ADD_ARRAY_ELEMENT_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21348 #endif
21349 }
21350 }
21351
ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21352 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21353 {
21354 zend_op *opline = EX(opline);
21355
21356 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21357 zval *offset;
21358
21359 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
21360 SEPARATE_ZVAL_IF_NOT_REF(container);
21361 }
21362 offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21363
21364 if (IS_UNUSED != IS_VAR || container) {
21365 switch (Z_TYPE_PP(container)) {
21366 case IS_ARRAY: {
21367 HashTable *ht = Z_ARRVAL_PP(container);
21368
21369 switch (Z_TYPE_P(offset)) {
21370 case IS_DOUBLE:
21371 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
21372 break;
21373 case IS_RESOURCE:
21374 case IS_BOOL:
21375 case IS_LONG:
21376 zend_hash_index_del(ht, Z_LVAL_P(offset));
21377 break;
21378 case IS_STRING:
21379 if (IS_CV == IS_CV || IS_CV == IS_VAR) {
21380 Z_ADDREF_P(offset);
21381 }
21382 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
21383 ht == &EG(symbol_table)) {
21384 zend_execute_data *ex;
21385 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
21386
21387 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
21388 if (ex->op_array && ex->symbol_table == ht) {
21389 int i;
21390
21391 for (i = 0; i < ex->op_array->last_var; i++) {
21392 if (ex->op_array->vars[i].hash_value == hash_value &&
21393 ex->op_array->vars[i].name_len == offset->value.str.len &&
21394 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
21395 ex->CVs[i] = NULL;
21396 break;
21397 }
21398 }
21399 }
21400 }
21401 }
21402 if (IS_CV == IS_CV || IS_CV == IS_VAR) {
21403 zval_ptr_dtor(&offset);
21404 }
21405 break;
21406 case IS_NULL:
21407 zend_hash_del(ht, "", sizeof(""));
21408 break;
21409 default:
21410 zend_error(E_WARNING, "Illegal offset type in unset");
21411 break;
21412 }
21413
21414 break;
21415 }
21416 case IS_OBJECT:
21417 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
21418 zend_error_noreturn(E_ERROR, "Cannot use object as array");
21419 }
21420 if (0) {
21421 MAKE_REAL_ZVAL_PTR(offset);
21422 }
21423 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
21424 if (0) {
21425 zval_ptr_dtor(&offset);
21426 } else {
21427
21428 }
21429 break;
21430 case IS_STRING:
21431 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
21432 ZEND_VM_CONTINUE(); /* bailed out before */
21433 default:
21434
21435 break;
21436 }
21437 } else {
21438
21439 }
21440
21441 ZEND_VM_NEXT_OPCODE();
21442 }
21443
ZEND_UNSET_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21444 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21445 {
21446 zend_op *opline = EX(opline);
21447
21448 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21449 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21450
21451 if (IS_UNUSED != IS_VAR || container) {
21452 if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) {
21453 SEPARATE_ZVAL_IF_NOT_REF(container);
21454 }
21455 if (Z_TYPE_PP(container) == IS_OBJECT) {
21456 if (0) {
21457 MAKE_REAL_ZVAL_PTR(offset);
21458 }
21459 if (Z_OBJ_HT_P(*container)->unset_property) {
21460 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
21461 } else {
21462 zend_error(E_NOTICE, "Trying to unset property of non-object");
21463 }
21464 if (0) {
21465 zval_ptr_dtor(&offset);
21466 } else {
21467
21468 }
21469 } else {
21470
21471 }
21472 } else {
21473
21474 }
21475
21476 ZEND_VM_NEXT_OPCODE();
21477 }
21478
zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)21479 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
21480 {
21481 zend_op *opline = EX(opline);
21482
21483 zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C);
21484 zval **value = NULL;
21485 int result = 0;
21486
21487 if (IS_UNUSED != IS_VAR || container) {
21488
21489 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
21490
21491 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
21492 HashTable *ht;
21493 int isset = 0;
21494
21495 ht = Z_ARRVAL_PP(container);
21496
21497 switch (Z_TYPE_P(offset)) {
21498 case IS_DOUBLE:
21499 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
21500 isset = 1;
21501 }
21502 break;
21503 case IS_RESOURCE:
21504 case IS_BOOL:
21505 case IS_LONG:
21506 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
21507 isset = 1;
21508 }
21509 break;
21510 case IS_STRING:
21511 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
21512 isset = 1;
21513 }
21514 break;
21515 case IS_NULL:
21516 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
21517 isset = 1;
21518 }
21519 break;
21520 default:
21521 zend_error(E_WARNING, "Illegal offset type in isset or empty");
21522
21523 break;
21524 }
21525
21526 switch (opline->extended_value) {
21527 case ZEND_ISSET:
21528 if (isset && Z_TYPE_PP(value) == IS_NULL) {
21529 result = 0;
21530 } else {
21531 result = isset;
21532 }
21533 break;
21534 case ZEND_ISEMPTY:
21535 if (!isset || !i_zend_is_true(*value)) {
21536 result = 0;
21537 } else {
21538 result = 1;
21539 }
21540 break;
21541 }
21542
21543 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
21544 if (0) {
21545 MAKE_REAL_ZVAL_PTR(offset);
21546 }
21547 if (prop_dim) {
21548 if (Z_OBJ_HT_P(*container)->has_property) {
21549 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
21550 } else {
21551 zend_error(E_NOTICE, "Trying to check property of non-object");
21552 result = 0;
21553 }
21554 } else {
21555 if (Z_OBJ_HT_P(*container)->has_dimension) {
21556 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
21557 } else {
21558 zend_error(E_NOTICE, "Trying to check element of non-array");
21559 result = 0;
21560 }
21561 }
21562 if (0) {
21563 zval_ptr_dtor(&offset);
21564 } else {
21565
21566 }
21567 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
21568 zval tmp;
21569
21570 if (Z_TYPE_P(offset) != IS_LONG) {
21571 tmp = *offset;
21572 zval_copy_ctor(&tmp);
21573 convert_to_long(&tmp);
21574 offset = &tmp;
21575 }
21576 if (Z_TYPE_P(offset) == IS_LONG) {
21577 switch (opline->extended_value) {
21578 case ZEND_ISSET:
21579 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
21580 result = 1;
21581 }
21582 break;
21583 case ZEND_ISEMPTY:
21584 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
21585 result = 1;
21586 }
21587 break;
21588 }
21589 }
21590
21591 } else {
21592
21593 }
21594 }
21595
21596 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
21597
21598 switch (opline->extended_value) {
21599 case ZEND_ISSET:
21600 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
21601 break;
21602 case ZEND_ISEMPTY:
21603 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
21604 break;
21605 }
21606
21607 ZEND_VM_NEXT_OPCODE();
21608 }
21609
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21610 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21611 {
21612 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21613 }
21614
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21615 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21616 {
21617 return zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21618 }
21619
ZEND_BW_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21620 static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21621 {
21622 zend_op *opline = EX(opline);
21623
21624
21625 bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
21626 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
21627
21628 ZEND_VM_NEXT_OPCODE();
21629 }
21630
ZEND_BOOL_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21631 static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21632 {
21633 zend_op *opline = EX(opline);
21634
21635
21636 boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
21637 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
21638
21639 ZEND_VM_NEXT_OPCODE();
21640 }
21641
ZEND_PRE_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21642 static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21643 {
21644 zend_op *opline = EX(opline);
21645
21646 zval **var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
21647
21648 if (IS_CV == IS_VAR && !var_ptr) {
21649 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
21650 }
21651 if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
21652 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21653 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
21654 PZVAL_LOCK(EG(uninitialized_zval_ptr));
21655 }
21656
21657 ZEND_VM_NEXT_OPCODE();
21658 }
21659
21660 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
21661
21662 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
21663 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
21664 /* proxy object */
21665 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
21666 Z_ADDREF_P(val);
21667 increment_function(val);
21668 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
21669 zval_ptr_dtor(&val);
21670 } else {
21671 increment_function(*var_ptr);
21672 }
21673
21674 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21675 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
21676 PZVAL_LOCK(*var_ptr);
21677 }
21678
21679 ZEND_VM_NEXT_OPCODE();
21680 }
21681
ZEND_PRE_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21682 static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21683 {
21684 zend_op *opline = EX(opline);
21685
21686 zval **var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
21687
21688 if (IS_CV == IS_VAR && !var_ptr) {
21689 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
21690 }
21691 if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
21692 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21693 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
21694 PZVAL_LOCK(EG(uninitialized_zval_ptr));
21695 }
21696
21697 ZEND_VM_NEXT_OPCODE();
21698 }
21699
21700 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
21701
21702 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
21703 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
21704 /* proxy object */
21705 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
21706 Z_ADDREF_P(val);
21707 decrement_function(val);
21708 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
21709 zval_ptr_dtor(&val);
21710 } else {
21711 decrement_function(*var_ptr);
21712 }
21713
21714 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21715 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
21716 PZVAL_LOCK(*var_ptr);
21717 }
21718
21719 ZEND_VM_NEXT_OPCODE();
21720 }
21721
ZEND_POST_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21722 static int ZEND_FASTCALL ZEND_POST_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21723 {
21724 zend_op *opline = EX(opline);
21725
21726 zval **var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
21727
21728 if (IS_CV == IS_VAR && !var_ptr) {
21729 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
21730 }
21731 if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
21732 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21733 EX_T(opline->result.u.var).tmp_var = *EG(uninitialized_zval_ptr);
21734 }
21735
21736 ZEND_VM_NEXT_OPCODE();
21737 }
21738
21739 EX_T(opline->result.u.var).tmp_var = **var_ptr;
21740 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
21741
21742 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
21743
21744 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
21745 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
21746 /* proxy object */
21747 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
21748 Z_ADDREF_P(val);
21749 increment_function(val);
21750 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
21751 zval_ptr_dtor(&val);
21752 } else {
21753 increment_function(*var_ptr);
21754 }
21755
21756 ZEND_VM_NEXT_OPCODE();
21757 }
21758
ZEND_POST_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21759 static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21760 {
21761 zend_op *opline = EX(opline);
21762
21763 zval **var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
21764
21765 if (IS_CV == IS_VAR && !var_ptr) {
21766 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
21767 }
21768 if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
21769 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21770 EX_T(opline->result.u.var).tmp_var = *EG(uninitialized_zval_ptr);
21771 }
21772
21773 ZEND_VM_NEXT_OPCODE();
21774 }
21775
21776 EX_T(opline->result.u.var).tmp_var = **var_ptr;
21777 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
21778
21779 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
21780
21781 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
21782 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
21783 /* proxy object */
21784 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
21785 Z_ADDREF_P(val);
21786 decrement_function(val);
21787 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
21788 zval_ptr_dtor(&val);
21789 } else {
21790 decrement_function(*var_ptr);
21791 }
21792
21793 ZEND_VM_NEXT_OPCODE();
21794 }
21795
ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21796 static int ZEND_FASTCALL ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21797 {
21798 zend_op *opline = EX(opline);
21799
21800 zval *z = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
21801
21802 if (IS_CV == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
21803 INIT_PZVAL(z);
21804 }
21805 zend_print_variable(z);
21806
21807 ZEND_VM_NEXT_OPCODE();
21808 }
21809
ZEND_PRINT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21810 static int ZEND_FASTCALL ZEND_PRINT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21811 {
21812 zend_op *opline = EX(opline);
21813
21814 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
21815 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
21816
21817 return ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21818 }
21819
zend_fetch_var_address_helper_SPEC_CV(int type,ZEND_OPCODE_HANDLER_ARGS)21820 static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV(int type, ZEND_OPCODE_HANDLER_ARGS)
21821 {
21822 zend_op *opline = EX(opline);
21823 zend_free_op free_op1;
21824 zval *varname = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
21825 zval **retval;
21826 zval tmp_varname;
21827 HashTable *target_symbol_table;
21828
21829 if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
21830 tmp_varname = *varname;
21831 zval_copy_ctor(&tmp_varname);
21832 convert_to_string(&tmp_varname);
21833 varname = &tmp_varname;
21834 }
21835
21836 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
21837 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
21838
21839 } else {
21840 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
21841 /*
21842 if (!target_symbol_table) {
21843 ZEND_VM_NEXT_OPCODE();
21844 }
21845 */
21846 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
21847 switch (type) {
21848 case BP_VAR_R:
21849 case BP_VAR_UNSET:
21850 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
21851 /* break missing intentionally */
21852 case BP_VAR_IS:
21853 retval = &EG(uninitialized_zval_ptr);
21854 break;
21855 case BP_VAR_RW:
21856 zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
21857 /* break missing intentionally */
21858 case BP_VAR_W: {
21859 zval *new_zval = &EG(uninitialized_zval);
21860
21861 Z_ADDREF_P(new_zval);
21862 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
21863 }
21864 break;
21865 EMPTY_SWITCH_DEFAULT_CASE()
21866 }
21867 }
21868 switch (opline->op2.u.EA.type) {
21869 case ZEND_FETCH_GLOBAL:
21870 if (IS_CV != IS_TMP_VAR) {
21871
21872 }
21873 break;
21874 case ZEND_FETCH_LOCAL:
21875
21876 break;
21877 case ZEND_FETCH_STATIC:
21878 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
21879 break;
21880 case ZEND_FETCH_GLOBAL_LOCK:
21881 if (IS_CV == IS_VAR && !free_op1.var) {
21882 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
21883 }
21884 break;
21885 }
21886 }
21887
21888
21889 if (IS_CV != IS_CONST && varname == &tmp_varname) {
21890 zval_dtor(varname);
21891 }
21892 if (!RETURN_VALUE_UNUSED(&opline->result)) {
21893 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
21894 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
21895 }
21896 PZVAL_LOCK(*retval);
21897 switch (type) {
21898 case BP_VAR_R:
21899 case BP_VAR_IS:
21900 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
21901 break;
21902 case BP_VAR_UNSET: {
21903 zend_free_op free_res;
21904
21905 EX_T(opline->result.u.var).var.ptr_ptr = retval;
21906 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
21907 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
21908 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
21909 }
21910 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
21911 FREE_OP_VAR_PTR(free_res);
21912 break;
21913 default:
21914 EX_T(opline->result.u.var).var.ptr_ptr = retval;
21915 break;
21916 }
21917 }
21918 }
21919 ZEND_VM_NEXT_OPCODE();
21920 }
21921
ZEND_FETCH_R_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21922 static int ZEND_FASTCALL ZEND_FETCH_R_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21923 {
21924 return zend_fetch_var_address_helper_SPEC_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21925 }
21926
ZEND_FETCH_W_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21927 static int ZEND_FASTCALL ZEND_FETCH_W_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21928 {
21929 return zend_fetch_var_address_helper_SPEC_CV(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21930 }
21931
ZEND_FETCH_RW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21932 static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21933 {
21934 return zend_fetch_var_address_helper_SPEC_CV(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21935 }
21936
ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21937 static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21938 {
21939 return zend_fetch_var_address_helper_SPEC_CV(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21940 }
21941
ZEND_FETCH_UNSET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21942 static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21943 {
21944 return zend_fetch_var_address_helper_SPEC_CV(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21945 }
21946
ZEND_FETCH_IS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21947 static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21948 {
21949 return zend_fetch_var_address_helper_SPEC_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
21950 }
21951
ZEND_JMPZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21952 static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21953 {
21954 zend_op *opline = EX(opline);
21955
21956 zval *val = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
21957 int ret;
21958
21959 if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
21960 ret = Z_LVAL_P(val);
21961 } else {
21962 ret = i_zend_is_true(val);
21963
21964 if (UNEXPECTED(EG(exception) != NULL)) {
21965 ZEND_VM_CONTINUE();
21966 }
21967 }
21968 if (!ret) {
21969 #if DEBUG_ZEND>=2
21970 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
21971 #endif
21972 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
21973 ZEND_VM_CONTINUE();
21974 }
21975
21976 ZEND_VM_NEXT_OPCODE();
21977 }
21978
ZEND_JMPNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)21979 static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
21980 {
21981 zend_op *opline = EX(opline);
21982
21983 zval *val = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
21984 int ret;
21985
21986 if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
21987 ret = Z_LVAL_P(val);
21988 } else {
21989 ret = i_zend_is_true(val);
21990
21991 if (UNEXPECTED(EG(exception) != NULL)) {
21992 ZEND_VM_CONTINUE();
21993 }
21994 }
21995 if (ret) {
21996 #if DEBUG_ZEND>=2
21997 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
21998 #endif
21999 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
22000 ZEND_VM_CONTINUE();
22001 }
22002
22003 ZEND_VM_NEXT_OPCODE();
22004 }
22005
ZEND_JMPZNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22006 static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22007 {
22008 zend_op *opline = EX(opline);
22009
22010 zval *val = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22011 int retval;
22012
22013 if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
22014 retval = Z_LVAL_P(val);
22015 } else {
22016 retval = i_zend_is_true(val);
22017
22018 if (UNEXPECTED(EG(exception) != NULL)) {
22019 ZEND_VM_CONTINUE();
22020 }
22021 }
22022 if (EXPECTED(retval != 0)) {
22023 #if DEBUG_ZEND>=2
22024 printf("Conditional jmp on true to %d\n", opline->extended_value);
22025 #endif
22026 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
22027 ZEND_VM_CONTINUE(); /* CHECK_ME */
22028 } else {
22029 #if DEBUG_ZEND>=2
22030 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
22031 #endif
22032 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
22033 ZEND_VM_CONTINUE(); /* CHECK_ME */
22034 }
22035 }
22036
ZEND_JMPZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22037 static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22038 {
22039 zend_op *opline = EX(opline);
22040
22041 zval *val = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22042 int retval;
22043
22044 if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
22045 retval = Z_LVAL_P(val);
22046 } else {
22047 retval = i_zend_is_true(val);
22048
22049 if (UNEXPECTED(EG(exception) != NULL)) {
22050 ZEND_VM_CONTINUE();
22051 }
22052 }
22053 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
22054 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
22055 if (!retval) {
22056 #if DEBUG_ZEND>=2
22057 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
22058 #endif
22059 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
22060 ZEND_VM_CONTINUE();
22061 }
22062 ZEND_VM_NEXT_OPCODE();
22063 }
22064
ZEND_JMPNZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22065 static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22066 {
22067 zend_op *opline = EX(opline);
22068
22069 zval *val = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22070 int retval;
22071
22072 if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
22073 retval = Z_LVAL_P(val);
22074 } else {
22075 retval = i_zend_is_true(val);
22076
22077 if (UNEXPECTED(EG(exception) != NULL)) {
22078 ZEND_VM_CONTINUE();
22079 }
22080 }
22081 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
22082 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
22083 if (retval) {
22084 #if DEBUG_ZEND>=2
22085 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
22086 #endif
22087 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
22088 ZEND_VM_CONTINUE();
22089 }
22090 ZEND_VM_NEXT_OPCODE();
22091 }
22092
ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22093 static int ZEND_FASTCALL ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22094 {
22095 zend_op *opline = EX(opline);
22096 zval *retval_ptr;
22097 zval **retval_ptr_ptr;
22098
22099
22100 if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
22101
22102 if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) {
22103 /* Not supposed to happen, but we'll allow it */
22104 zend_error(E_NOTICE, "Only variable references should be returned by reference");
22105 goto return_by_value;
22106 }
22107
22108 retval_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
22109
22110 if (IS_CV == IS_VAR && !retval_ptr_ptr) {
22111 zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
22112 }
22113
22114 if (IS_CV == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
22115 if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
22116 EX_T(opline->op1.u.var).var.fcall_returned_reference) {
22117 } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
22118 if (IS_CV == IS_VAR && !0) {
22119 PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
22120 }
22121 zend_error(E_NOTICE, "Only variable references should be returned by reference");
22122 goto return_by_value;
22123 }
22124 }
22125
22126 if (EG(return_value_ptr_ptr)) {
22127 SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
22128 Z_ADDREF_PP(retval_ptr_ptr);
22129
22130 (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
22131 }
22132 } else {
22133 return_by_value:
22134
22135 retval_ptr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22136
22137 if (!EG(return_value_ptr_ptr)) {
22138 if (IS_CV == IS_TMP_VAR) {
22139
22140 }
22141 } else if (!0) { /* Not a temp var */
22142 if (IS_CV == IS_CONST ||
22143 EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
22144 (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
22145 zval *ret;
22146
22147 ALLOC_ZVAL(ret);
22148 INIT_PZVAL_COPY(ret, retval_ptr);
22149 zval_copy_ctor(ret);
22150 *EG(return_value_ptr_ptr) = ret;
22151 } else if ((IS_CV == IS_CV || IS_CV == IS_VAR) &&
22152 retval_ptr == &EG(uninitialized_zval)) {
22153 zval *ret;
22154
22155 ALLOC_INIT_ZVAL(ret);
22156 *EG(return_value_ptr_ptr) = ret;
22157 } else {
22158 *EG(return_value_ptr_ptr) = retval_ptr;
22159 Z_ADDREF_P(retval_ptr);
22160 }
22161 } else {
22162 zval *ret;
22163
22164 ALLOC_ZVAL(ret);
22165 INIT_PZVAL_COPY(ret, retval_ptr);
22166 *EG(return_value_ptr_ptr) = ret;
22167 }
22168 }
22169
22170 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
22171 }
22172
ZEND_THROW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22173 static int ZEND_FASTCALL ZEND_THROW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22174 {
22175 zend_op *opline = EX(opline);
22176 zval *value;
22177 zval *exception;
22178
22179
22180 value = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22181
22182 if (IS_CV == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
22183 zend_error_noreturn(E_ERROR, "Can only throw objects");
22184 }
22185 zend_exception_save(TSRMLS_C);
22186 /* Not sure if a complete copy is what we want here */
22187 ALLOC_ZVAL(exception);
22188 INIT_PZVAL_COPY(exception, value);
22189 if (!0) {
22190 zval_copy_ctor(exception);
22191 }
22192
22193 zend_throw_exception_object(exception TSRMLS_CC);
22194 zend_exception_restore(TSRMLS_C);
22195
22196 ZEND_VM_NEXT_OPCODE();
22197 }
22198
ZEND_SEND_VAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22199 static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22200 {
22201 zend_op *opline = EX(opline);
22202 if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
22203 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
22204 zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
22205 }
22206 {
22207 zval *valptr;
22208 zval *value;
22209
22210
22211 value = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22212
22213 ALLOC_ZVAL(valptr);
22214 INIT_PZVAL_COPY(valptr, value);
22215 if (!0) {
22216 zval_copy_ctor(valptr);
22217 }
22218 zend_vm_stack_push(valptr TSRMLS_CC);
22219
22220 }
22221 ZEND_VM_NEXT_OPCODE();
22222 }
22223
zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS)22224 static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS)
22225 {
22226 zend_op *opline = EX(opline);
22227 zval *varptr;
22228
22229 varptr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22230
22231 if (varptr == &EG(uninitialized_zval)) {
22232 ALLOC_ZVAL(varptr);
22233 INIT_ZVAL(*varptr);
22234 Z_SET_REFCOUNT_P(varptr, 0);
22235 } else if (PZVAL_IS_REF(varptr)) {
22236 zval *original_var = varptr;
22237
22238 ALLOC_ZVAL(varptr);
22239 *varptr = *original_var;
22240 Z_UNSET_ISREF_P(varptr);
22241 Z_SET_REFCOUNT_P(varptr, 0);
22242 zval_copy_ctor(varptr);
22243 }
22244 Z_ADDREF_P(varptr);
22245 zend_vm_stack_push(varptr TSRMLS_CC);
22246 ; /* for string offsets */
22247
22248 ZEND_VM_NEXT_OPCODE();
22249 }
22250
ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22251 static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22252 {
22253 zend_op *opline = EX(opline);
22254 zend_free_op free_op1;
22255 zval *varptr;
22256
22257 if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */
22258 if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) {
22259 return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
22260 }
22261 } else if (!ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
22262 return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
22263 }
22264
22265 if (IS_CV == IS_VAR &&
22266 (opline->extended_value & ZEND_ARG_SEND_FUNCTION) &&
22267 EX_T(opline->op1.u.var).var.fcall_returned_reference &&
22268 EX_T(opline->op1.u.var).var.ptr) {
22269 varptr = EX_T(opline->op1.u.var).var.ptr;
22270 PZVAL_UNLOCK_EX(varptr, &free_op1, 0);
22271 } else {
22272 varptr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22273 }
22274 if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) ||
22275 EX_T(opline->op1.u.var).var.fcall_returned_reference) &&
22276 varptr != &EG(uninitialized_zval) &&
22277 (PZVAL_IS_REF(varptr) ||
22278 (Z_REFCOUNT_P(varptr) == 1 && (IS_CV == IS_CV || free_op1.var)))) {
22279 Z_SET_ISREF_P(varptr);
22280 Z_ADDREF_P(varptr);
22281 zend_vm_stack_push(varptr TSRMLS_CC);
22282 } else {
22283 zval *valptr;
22284
22285 if ((opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) ?
22286 !(opline->extended_value & ZEND_ARG_SEND_SILENT) :
22287 !ARG_MAY_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
22288 zend_error(E_STRICT, "Only variables should be passed by reference");
22289 }
22290 ALLOC_ZVAL(valptr);
22291 INIT_PZVAL_COPY(valptr, varptr);
22292 if (!0) {
22293 zval_copy_ctor(valptr);
22294 }
22295 zend_vm_stack_push(valptr TSRMLS_CC);
22296 }
22297
22298 ZEND_VM_NEXT_OPCODE();
22299 }
22300
ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22301 static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22302 {
22303 zend_op *opline = EX(opline);
22304
22305 zval **varptr_ptr;
22306 zval *varptr;
22307 varptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
22308
22309 if (IS_CV == IS_VAR && !varptr_ptr) {
22310 zend_error_noreturn(E_ERROR, "Only variables can be passed by reference");
22311 }
22312
22313 if (IS_CV == IS_VAR && *varptr_ptr == EG(error_zval_ptr)) {
22314 ALLOC_INIT_ZVAL(varptr);
22315 zend_vm_stack_push(varptr TSRMLS_CC);
22316 ZEND_VM_NEXT_OPCODE();
22317 }
22318
22319 if (opline->extended_value == ZEND_DO_FCALL_BY_NAME &&
22320 EX(function_state).function->type == ZEND_INTERNAL_FUNCTION &&
22321 !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
22322 return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
22323 }
22324
22325 SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr);
22326 varptr = *varptr_ptr;
22327 Z_ADDREF_P(varptr);
22328 zend_vm_stack_push(varptr TSRMLS_CC);
22329
22330 ZEND_VM_NEXT_OPCODE();
22331 }
22332
ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22333 static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22334 {
22335 zend_op *opline = EX(opline);
22336
22337 if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME)
22338 && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
22339 return ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
22340 }
22341 return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
22342 }
22343
ZEND_BOOL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22344 static int ZEND_FASTCALL ZEND_BOOL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22345 {
22346 zend_op *opline = EX(opline);
22347
22348
22349 /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
22350 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC));
22351 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
22352
22353 ZEND_VM_NEXT_OPCODE();
22354 }
22355
ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22356 static int ZEND_FASTCALL ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22357 {
22358 zend_op *opline = EX(opline);
22359
22360 zval *obj = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22361 zend_class_entry *ce;
22362 zend_function *clone;
22363 zend_object_clone_obj_t clone_call;
22364
22365 if (IS_CV == IS_CONST ||
22366 (IS_CV == IS_VAR && !obj) ||
22367 Z_TYPE_P(obj) != IS_OBJECT) {
22368 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
22369 }
22370
22371 ce = Z_OBJCE_P(obj);
22372 clone = ce ? ce->clone : NULL;
22373 clone_call = Z_OBJ_HT_P(obj)->clone_obj;
22374 if (!clone_call) {
22375 if (ce) {
22376 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
22377 } else {
22378 zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
22379 }
22380 }
22381
22382 if (ce && clone) {
22383 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
22384 /* Ensure that if we're calling a private function, we're allowed to do so.
22385 */
22386 if (ce != EG(scope)) {
22387 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
22388 }
22389 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
22390 /* Ensure that if we're calling a protected function, we're allowed to do so.
22391 */
22392 if (!zend_check_protected(clone->common.scope, EG(scope))) {
22393 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
22394 }
22395 }
22396 }
22397
22398 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
22399 if (!EG(exception)) {
22400 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
22401 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
22402 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
22403 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
22404 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
22405 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
22406 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
22407 }
22408 }
22409
22410 ZEND_VM_NEXT_OPCODE();
22411 }
22412
ZEND_CAST_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22413 static int ZEND_FASTCALL ZEND_CAST_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22414 {
22415 zend_op *opline = EX(opline);
22416
22417 zval *expr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22418 zval *result = &EX_T(opline->result.u.var).tmp_var;
22419
22420 if (opline->extended_value != IS_STRING) {
22421 *result = *expr;
22422 if (!0) {
22423 zendi_zval_copy_ctor(*result);
22424 }
22425 }
22426 switch (opline->extended_value) {
22427 case IS_NULL:
22428 convert_to_null(result);
22429 break;
22430 case IS_BOOL:
22431 convert_to_boolean(result);
22432 break;
22433 case IS_LONG:
22434 convert_to_long(result);
22435 break;
22436 case IS_DOUBLE:
22437 convert_to_double(result);
22438 break;
22439 case IS_STRING: {
22440 zval var_copy;
22441 int use_copy;
22442
22443 zend_make_printable_zval(expr, &var_copy, &use_copy);
22444 if (use_copy) {
22445 *result = var_copy;
22446 if (0) {
22447
22448 }
22449 } else {
22450 *result = *expr;
22451 if (!0) {
22452 zendi_zval_copy_ctor(*result);
22453 }
22454 }
22455 break;
22456 }
22457 case IS_ARRAY:
22458 convert_to_array(result);
22459 break;
22460 case IS_OBJECT:
22461 convert_to_object(result);
22462 break;
22463 }
22464
22465 ZEND_VM_NEXT_OPCODE();
22466 }
22467
ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22468 static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22469 {
22470 zend_op *opline = EX(opline);
22471 zend_op_array *new_op_array=NULL;
22472 int return_value_used;
22473
22474 zval *inc_filename = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22475 zval *tmp_inc_filename = NULL;
22476 zend_bool failure_retval=0;
22477
22478 if (inc_filename->type!=IS_STRING) {
22479 MAKE_STD_ZVAL(tmp_inc_filename);
22480 *tmp_inc_filename = *inc_filename;
22481 zval_copy_ctor(tmp_inc_filename);
22482 convert_to_string(tmp_inc_filename);
22483 inc_filename = tmp_inc_filename;
22484 }
22485
22486 return_value_used = RETURN_VALUE_USED(opline);
22487
22488 if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
22489 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
22490 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
22491 } else {
22492 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
22493 }
22494 } else {
22495 switch (Z_LVAL(opline->op2.u.constant)) {
22496 case ZEND_INCLUDE_ONCE:
22497 case ZEND_REQUIRE_ONCE: {
22498 zend_file_handle file_handle;
22499 char *resolved_path;
22500
22501 resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
22502 if (resolved_path) {
22503 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
22504 } else {
22505 resolved_path = Z_STRVAL_P(inc_filename);
22506 }
22507
22508 if (failure_retval) {
22509 /* do nothing, file already included */
22510 } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
22511
22512 if (!file_handle.opened_path) {
22513 file_handle.opened_path = estrdup(resolved_path);
22514 }
22515
22516 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
22517 new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
22518 zend_destroy_file_handle(&file_handle TSRMLS_CC);
22519 } else {
22520 zend_file_handle_dtor(&file_handle TSRMLS_CC);
22521 failure_retval=1;
22522 }
22523 } else {
22524 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
22525 zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
22526 } else {
22527 zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
22528 }
22529 }
22530 if (resolved_path != Z_STRVAL_P(inc_filename)) {
22531 efree(resolved_path);
22532 }
22533 }
22534 break;
22535 case ZEND_INCLUDE:
22536 case ZEND_REQUIRE:
22537 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
22538 break;
22539 case ZEND_EVAL: {
22540 char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
22541
22542 new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
22543 efree(eval_desc);
22544 }
22545 break;
22546 EMPTY_SWITCH_DEFAULT_CASE()
22547 }
22548 }
22549 if (tmp_inc_filename) {
22550 zval_ptr_dtor(&tmp_inc_filename);
22551 }
22552
22553 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
22554 if (new_op_array && !EG(exception)) {
22555 EX(original_return_value) = EG(return_value_ptr_ptr);
22556 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
22557 EG(active_op_array) = new_op_array;
22558 EX_T(opline->result.u.var).var.ptr = NULL;
22559
22560 EX(current_object) = EX(object);
22561
22562 EX(function_state).function = (zend_function *) new_op_array;
22563 EX(object) = NULL;
22564
22565 if (!EG(active_symbol_table)) {
22566 zend_rebuild_symbol_table(TSRMLS_C);
22567 }
22568
22569 if (zend_execute == execute) {
22570 EX(call_opline) = opline;
22571 ZEND_VM_ENTER();
22572 } else {
22573 zend_execute(new_op_array TSRMLS_CC);
22574 }
22575
22576 EX(function_state).function = (zend_function *) EX(op_array);
22577 EX(object) = EX(current_object);
22578
22579 if (return_value_used) {
22580 if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
22581 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
22582 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
22583 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
22584 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
22585 }
22586 }
22587
22588 EG(opline_ptr) = &EX(opline);
22589 EG(active_op_array) = EX(op_array);
22590 EG(return_value_ptr_ptr) = EX(original_return_value);
22591 destroy_op_array(new_op_array TSRMLS_CC);
22592 efree(new_op_array);
22593 if (EG(exception)) {
22594 zend_throw_exception_internal(NULL TSRMLS_CC);
22595 }
22596 } else {
22597 if (return_value_used) {
22598 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
22599 INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
22600 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
22601 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
22602 }
22603 }
22604 ZEND_VM_NEXT_OPCODE();
22605 }
22606
ZEND_UNSET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22607 static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22608 {
22609 zend_op *opline = EX(opline);
22610 zval tmp, *varname;
22611 HashTable *target_symbol_table;
22612
22613
22614 if (IS_CV == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
22615 if (EG(active_symbol_table)) {
22616 zend_execute_data *ex = EX(prev_execute_data);
22617 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
22618
22619 if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
22620 while (ex && ex->symbol_table == EG(active_symbol_table)) {
22621 int i;
22622
22623 if (ex->op_array) {
22624 for (i = 0; i < ex->op_array->last_var; i++) {
22625 if (ex->op_array->vars[i].hash_value == cv->hash_value &&
22626 ex->op_array->vars[i].name_len == cv->name_len &&
22627 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
22628 ex->CVs[i] = NULL;
22629 break;
22630 }
22631 }
22632 }
22633 ex = ex->prev_execute_data;
22634 }
22635 }
22636 EX(CVs)[opline->op1.u.var] = NULL;
22637 } else if (EX(CVs)[opline->op1.u.var]) {
22638 zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
22639 EX(CVs)[opline->op1.u.var] = NULL;
22640 }
22641 ZEND_VM_NEXT_OPCODE();
22642 }
22643
22644 varname = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22645
22646 if (Z_TYPE_P(varname) != IS_STRING) {
22647 tmp = *varname;
22648 zval_copy_ctor(&tmp);
22649 convert_to_string(&tmp);
22650 varname = &tmp;
22651 } else if (IS_CV == IS_VAR || IS_CV == IS_CV) {
22652 Z_ADDREF_P(varname);
22653 }
22654
22655 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
22656 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
22657 } else {
22658 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
22659
22660 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
22661 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
22662 zend_execute_data *ex = execute_data;
22663
22664 do {
22665 int i;
22666
22667 if (ex->op_array) {
22668 for (i = 0; i < ex->op_array->last_var; i++) {
22669 if (ex->op_array->vars[i].hash_value == hash_value &&
22670 ex->op_array->vars[i].name_len == varname->value.str.len &&
22671 !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
22672 ex->CVs[i] = NULL;
22673 break;
22674 }
22675 }
22676 }
22677 ex = ex->prev_execute_data;
22678 } while (ex && ex->symbol_table == target_symbol_table);
22679 }
22680 }
22681
22682 if (varname == &tmp) {
22683 zval_dtor(&tmp);
22684 } else if (IS_CV == IS_VAR || IS_CV == IS_CV) {
22685 zval_ptr_dtor(&varname);
22686 }
22687
22688 ZEND_VM_NEXT_OPCODE();
22689 }
22690
ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22691 static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22692 {
22693 zend_op *opline = EX(opline);
22694
22695 zval *array_ptr, **array_ptr_ptr;
22696 HashTable *fe_ht;
22697 zend_object_iterator *iter = NULL;
22698 zend_class_entry *ce = NULL;
22699 zend_bool is_empty = 0;
22700
22701 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
22702 array_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22703 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
22704 ALLOC_INIT_ZVAL(array_ptr);
22705 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
22706 if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
22707 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
22708 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
22709 }
22710
22711 ce = Z_OBJCE_PP(array_ptr_ptr);
22712 if (!ce || ce->get_iterator == NULL) {
22713 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
22714 Z_ADDREF_PP(array_ptr_ptr);
22715 }
22716 array_ptr = *array_ptr_ptr;
22717 } else {
22718 if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
22719 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
22720 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
22721 Z_SET_ISREF_PP(array_ptr_ptr);
22722 }
22723 }
22724 array_ptr = *array_ptr_ptr;
22725 Z_ADDREF_P(array_ptr);
22726 }
22727 } else {
22728 array_ptr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22729 if (0) { /* IS_TMP_VAR */
22730 zval *tmp;
22731
22732 ALLOC_ZVAL(tmp);
22733 INIT_PZVAL_COPY(tmp, array_ptr);
22734 array_ptr = tmp;
22735 if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
22736 ce = Z_OBJCE_P(array_ptr);
22737 if (ce && ce->get_iterator) {
22738 Z_DELREF_P(array_ptr);
22739 }
22740 }
22741 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
22742 ce = Z_OBJCE_P(array_ptr);
22743 if (!ce || !ce->get_iterator) {
22744 Z_ADDREF_P(array_ptr);
22745 }
22746 } else if (IS_CV == IS_CONST ||
22747 ((IS_CV == IS_CV || IS_CV == IS_VAR) &&
22748 !Z_ISREF_P(array_ptr) &&
22749 Z_REFCOUNT_P(array_ptr) > 1)) {
22750 zval *tmp;
22751
22752 ALLOC_ZVAL(tmp);
22753 INIT_PZVAL_COPY(tmp, array_ptr);
22754 zval_copy_ctor(tmp);
22755 array_ptr = tmp;
22756 } else {
22757 Z_ADDREF_P(array_ptr);
22758 }
22759 }
22760
22761 if (ce && ce->get_iterator) {
22762 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
22763
22764 if (iter && !EG(exception)) {
22765 array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
22766 } else {
22767 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
22768
22769 } else {
22770
22771 }
22772 if (!EG(exception)) {
22773 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
22774 }
22775 zend_throw_exception_internal(NULL TSRMLS_CC);
22776 ZEND_VM_NEXT_OPCODE();
22777 }
22778 }
22779
22780 AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
22781 PZVAL_LOCK(array_ptr);
22782
22783 if (iter) {
22784 iter->index = 0;
22785 if (iter->funcs->rewind) {
22786 iter->funcs->rewind(iter TSRMLS_CC);
22787 if (EG(exception)) {
22788 Z_DELREF_P(array_ptr);
22789 zval_ptr_dtor(&array_ptr);
22790 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
22791
22792 } else {
22793
22794 }
22795 ZEND_VM_NEXT_OPCODE();
22796 }
22797 }
22798 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
22799 if (EG(exception)) {
22800 Z_DELREF_P(array_ptr);
22801 zval_ptr_dtor(&array_ptr);
22802 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
22803
22804 } else {
22805
22806 }
22807 ZEND_VM_NEXT_OPCODE();
22808 }
22809 iter->index = -1; /* will be set to 0 before using next handler */
22810 } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
22811 zend_hash_internal_pointer_reset(fe_ht);
22812 if (ce) {
22813 zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
22814 while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
22815 char *str_key;
22816 uint str_key_len;
22817 ulong int_key;
22818 zend_uchar key_type;
22819
22820 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
22821 if (key_type != HASH_KEY_NON_EXISTANT &&
22822 (key_type == HASH_KEY_IS_LONG ||
22823 zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
22824 break;
22825 }
22826 zend_hash_move_forward(fe_ht);
22827 }
22828 }
22829 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
22830 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
22831 } else {
22832 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
22833 is_empty = 1;
22834 }
22835
22836 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
22837
22838 } else {
22839
22840 }
22841 if (is_empty) {
22842 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
22843 } else {
22844 ZEND_VM_NEXT_OPCODE();
22845 }
22846 }
22847
ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22848 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22849 {
22850 zend_op *opline = EX(opline);
22851 zval **value;
22852 zend_bool isset = 1;
22853
22854 if (IS_CV == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
22855 if (EX(CVs)[opline->op1.u.var]) {
22856 value = EX(CVs)[opline->op1.u.var];
22857 } else if (EG(active_symbol_table)) {
22858 zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
22859
22860 if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
22861 isset = 0;
22862 }
22863 } else {
22864 isset = 0;
22865 }
22866 } else {
22867 HashTable *target_symbol_table;
22868
22869 zval tmp, *varname = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
22870
22871 if (Z_TYPE_P(varname) != IS_STRING) {
22872 tmp = *varname;
22873 zval_copy_ctor(&tmp);
22874 convert_to_string(&tmp);
22875 varname = &tmp;
22876 }
22877
22878 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
22879 value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
22880 if (!value) {
22881 isset = 0;
22882 }
22883 } else {
22884 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
22885 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
22886 isset = 0;
22887 }
22888 }
22889
22890 if (varname == &tmp) {
22891 zval_dtor(&tmp);
22892 }
22893
22894 }
22895
22896 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
22897
22898 switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
22899 case ZEND_ISSET:
22900 if (isset && Z_TYPE_PP(value) == IS_NULL) {
22901 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
22902 } else {
22903 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
22904 }
22905 break;
22906 case ZEND_ISEMPTY:
22907 if (!isset || !i_zend_is_true(*value)) {
22908 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
22909 } else {
22910 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
22911 }
22912 break;
22913 }
22914
22915 ZEND_VM_NEXT_OPCODE();
22916 }
22917
ZEND_EXIT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22918 static int ZEND_FASTCALL ZEND_EXIT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22919 {
22920 #if 0 || (IS_CV != IS_UNUSED)
22921 zend_op *opline = EX(opline);
22922 if (IS_CV != IS_UNUSED) {
22923
22924 zval *ptr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22925
22926 if (Z_TYPE_P(ptr) == IS_LONG) {
22927 EG(exit_status) = Z_LVAL_P(ptr);
22928 } else {
22929 zend_print_variable(ptr);
22930 }
22931
22932 }
22933 #endif
22934 zend_bailout();
22935 ZEND_VM_NEXT_OPCODE();
22936 }
22937
ZEND_JMP_SET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22938 static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22939 {
22940 zend_op *opline = EX(opline);
22941
22942 zval *value = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22943
22944 if (i_zend_is_true(value)) {
22945 EX_T(opline->result.u.var).tmp_var = *value;
22946 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
22947
22948 #if DEBUG_ZEND>=2
22949 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
22950 #endif
22951 ZEND_VM_JMP(opline->op2.u.jmp_addr);
22952 }
22953
22954 ZEND_VM_NEXT_OPCODE();
22955 }
22956
ZEND_QM_ASSIGN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22957 static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22958 {
22959 zend_op *opline = EX(opline);
22960
22961 zval *value = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22962
22963 EX_T(opline->result.u.var).tmp_var = *value;
22964 if (!0) {
22965 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
22966 }
22967
22968 ZEND_VM_NEXT_OPCODE();
22969 }
22970
ZEND_INSTANCEOF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22971 static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22972 {
22973 zend_op *opline = EX(opline);
22974
22975 zval *expr = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
22976 zend_bool result;
22977
22978 if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) {
22979 result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.u.var).class_entry TSRMLS_CC);
22980 } else {
22981 result = 0;
22982 }
22983 ZVAL_BOOL(&EX_T(opline->result.u.var).tmp_var, result);
22984
22985 ZEND_VM_NEXT_OPCODE();
22986 }
22987
ZEND_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)22988 static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
22989 {
22990 zend_op *opline = EX(opline);
22991
22992
22993 add_function(&EX_T(opline->result.u.var).tmp_var,
22994 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
22995 &opline->op2.u.constant TSRMLS_CC);
22996
22997
22998 ZEND_VM_NEXT_OPCODE();
22999 }
23000
ZEND_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23001 static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23002 {
23003 zend_op *opline = EX(opline);
23004
23005
23006 sub_function(&EX_T(opline->result.u.var).tmp_var,
23007 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23008 &opline->op2.u.constant TSRMLS_CC);
23009
23010
23011 ZEND_VM_NEXT_OPCODE();
23012 }
23013
ZEND_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23014 static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23015 {
23016 zend_op *opline = EX(opline);
23017
23018
23019 mul_function(&EX_T(opline->result.u.var).tmp_var,
23020 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23021 &opline->op2.u.constant TSRMLS_CC);
23022
23023
23024 ZEND_VM_NEXT_OPCODE();
23025 }
23026
ZEND_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23027 static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23028 {
23029 zend_op *opline = EX(opline);
23030
23031
23032 div_function(&EX_T(opline->result.u.var).tmp_var,
23033 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23034 &opline->op2.u.constant TSRMLS_CC);
23035
23036
23037 ZEND_VM_NEXT_OPCODE();
23038 }
23039
ZEND_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23040 static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23041 {
23042 zend_op *opline = EX(opline);
23043
23044
23045 mod_function(&EX_T(opline->result.u.var).tmp_var,
23046 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23047 &opline->op2.u.constant TSRMLS_CC);
23048
23049
23050 ZEND_VM_NEXT_OPCODE();
23051 }
23052
ZEND_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23053 static int ZEND_FASTCALL ZEND_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23054 {
23055 zend_op *opline = EX(opline);
23056
23057
23058 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
23059 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23060 &opline->op2.u.constant TSRMLS_CC);
23061
23062
23063 ZEND_VM_NEXT_OPCODE();
23064 }
23065
ZEND_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23066 static int ZEND_FASTCALL ZEND_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23067 {
23068 zend_op *opline = EX(opline);
23069
23070
23071 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
23072 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23073 &opline->op2.u.constant TSRMLS_CC);
23074
23075
23076 ZEND_VM_NEXT_OPCODE();
23077 }
23078
ZEND_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23079 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23080 {
23081 zend_op *opline = EX(opline);
23082
23083
23084 concat_function(&EX_T(opline->result.u.var).tmp_var,
23085 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23086 &opline->op2.u.constant TSRMLS_CC);
23087
23088
23089 ZEND_VM_NEXT_OPCODE();
23090 }
23091
ZEND_IS_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23092 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23093 {
23094 zend_op *opline = EX(opline);
23095
23096
23097 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
23098 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23099 &opline->op2.u.constant TSRMLS_CC);
23100
23101
23102 ZEND_VM_NEXT_OPCODE();
23103 }
23104
ZEND_IS_NOT_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23105 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23106 {
23107 zend_op *opline = EX(opline);
23108
23109 zval *result = &EX_T(opline->result.u.var).tmp_var;
23110
23111 is_identical_function(result,
23112 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23113 &opline->op2.u.constant TSRMLS_CC);
23114 Z_LVAL_P(result) = !Z_LVAL_P(result);
23115
23116
23117 ZEND_VM_NEXT_OPCODE();
23118 }
23119
ZEND_IS_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23120 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23121 {
23122 zend_op *opline = EX(opline);
23123
23124 zval *result = &EX_T(opline->result.u.var).tmp_var;
23125
23126 compare_function(result,
23127 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23128 &opline->op2.u.constant TSRMLS_CC);
23129 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
23130
23131
23132 ZEND_VM_NEXT_OPCODE();
23133 }
23134
ZEND_IS_NOT_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23135 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23136 {
23137 zend_op *opline = EX(opline);
23138
23139 zval *result = &EX_T(opline->result.u.var).tmp_var;
23140
23141 compare_function(result,
23142 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23143 &opline->op2.u.constant TSRMLS_CC);
23144 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
23145
23146
23147 ZEND_VM_NEXT_OPCODE();
23148 }
23149
ZEND_IS_SMALLER_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23150 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23151 {
23152 zend_op *opline = EX(opline);
23153
23154 zval *result = &EX_T(opline->result.u.var).tmp_var;
23155
23156 compare_function(result,
23157 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23158 &opline->op2.u.constant TSRMLS_CC);
23159 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
23160
23161
23162 ZEND_VM_NEXT_OPCODE();
23163 }
23164
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23165 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23166 {
23167 zend_op *opline = EX(opline);
23168
23169 zval *result = &EX_T(opline->result.u.var).tmp_var;
23170
23171 compare_function(result,
23172 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23173 &opline->op2.u.constant TSRMLS_CC);
23174 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
23175
23176
23177 ZEND_VM_NEXT_OPCODE();
23178 }
23179
ZEND_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23180 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23181 {
23182 zend_op *opline = EX(opline);
23183
23184
23185 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
23186 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23187 &opline->op2.u.constant TSRMLS_CC);
23188
23189
23190 ZEND_VM_NEXT_OPCODE();
23191 }
23192
ZEND_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23193 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23194 {
23195 zend_op *opline = EX(opline);
23196
23197
23198 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
23199 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23200 &opline->op2.u.constant TSRMLS_CC);
23201
23202
23203 ZEND_VM_NEXT_OPCODE();
23204 }
23205
ZEND_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23206 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23207 {
23208 zend_op *opline = EX(opline);
23209
23210
23211 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
23212 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23213 &opline->op2.u.constant TSRMLS_CC);
23214
23215
23216 ZEND_VM_NEXT_OPCODE();
23217 }
23218
ZEND_BOOL_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23219 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23220 {
23221 zend_op *opline = EX(opline);
23222
23223
23224 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
23225 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
23226 &opline->op2.u.constant TSRMLS_CC);
23227
23228
23229 ZEND_VM_NEXT_OPCODE();
23230 }
23231
zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)23232 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
23233 {
23234 zend_op *opline = EX(opline);
23235 zend_op *op_data = opline+1;
23236 zend_free_op free_op_data1;
23237 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23238 zval *object;
23239 zval *property = &opline->op2.u.constant;
23240 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
23241 znode *result = &opline->result;
23242 int have_get_ptr = 0;
23243
23244 if (IS_CV == IS_VAR && !object_ptr) {
23245 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
23246 }
23247
23248 EX_T(result->u.var).var.ptr_ptr = NULL;
23249 make_real_object(object_ptr TSRMLS_CC);
23250 object = *object_ptr;
23251
23252 if (Z_TYPE_P(object) != IS_OBJECT) {
23253 zend_error(E_WARNING, "Attempt to assign property of non-object");
23254
23255 FREE_OP(free_op_data1);
23256
23257 if (!RETURN_VALUE_UNUSED(result)) {
23258 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
23259 EX_T(result->u.var).var.ptr_ptr = NULL;
23260 PZVAL_LOCK(EG(uninitialized_zval_ptr));
23261 }
23262 } else {
23263 /* here we are sure we are dealing with an object */
23264 if (0) {
23265 MAKE_REAL_ZVAL_PTR(property);
23266 }
23267
23268 /* here property is a string */
23269 if (opline->extended_value == ZEND_ASSIGN_OBJ
23270 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
23271 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
23272 if (zptr != NULL) { /* NULL means no success in getting PTR */
23273 SEPARATE_ZVAL_IF_NOT_REF(zptr);
23274
23275 have_get_ptr = 1;
23276 binary_op(*zptr, *zptr, value TSRMLS_CC);
23277 if (!RETURN_VALUE_UNUSED(result)) {
23278 EX_T(result->u.var).var.ptr = *zptr;
23279 EX_T(result->u.var).var.ptr_ptr = NULL;
23280 PZVAL_LOCK(*zptr);
23281 }
23282 }
23283 }
23284
23285 if (!have_get_ptr) {
23286 zval *z = NULL;
23287
23288 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
23289 if (Z_OBJ_HT_P(object)->read_property) {
23290 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
23291 }
23292 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
23293 if (Z_OBJ_HT_P(object)->read_dimension) {
23294 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
23295 }
23296 }
23297 if (z) {
23298 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
23299 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
23300
23301 if (Z_REFCOUNT_P(z) == 0) {
23302 GC_REMOVE_ZVAL_FROM_BUFFER(z);
23303 zval_dtor(z);
23304 FREE_ZVAL(z);
23305 }
23306 z = value;
23307 }
23308 Z_ADDREF_P(z);
23309 SEPARATE_ZVAL_IF_NOT_REF(&z);
23310 binary_op(z, z, value TSRMLS_CC);
23311 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
23312 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
23313 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
23314 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
23315 }
23316 if (!RETURN_VALUE_UNUSED(result)) {
23317 EX_T(result->u.var).var.ptr = z;
23318 EX_T(result->u.var).var.ptr_ptr = NULL;
23319 PZVAL_LOCK(z);
23320 }
23321 zval_ptr_dtor(&z);
23322 } else {
23323 zend_error(E_WARNING, "Attempt to assign property of non-object");
23324 if (!RETURN_VALUE_UNUSED(result)) {
23325 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
23326 EX_T(result->u.var).var.ptr_ptr = NULL;
23327 PZVAL_LOCK(EG(uninitialized_zval_ptr));
23328 }
23329 }
23330 }
23331
23332 if (0) {
23333 zval_ptr_dtor(&property);
23334 } else {
23335
23336 }
23337 FREE_OP(free_op_data1);
23338 }
23339
23340 /* assign_obj has two opcodes! */
23341 ZEND_VM_INC_OPCODE();
23342 ZEND_VM_NEXT_OPCODE();
23343 }
23344
zend_binary_assign_op_helper_SPEC_CV_CONST(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)23345 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
23346 {
23347 zend_op *opline = EX(opline);
23348 zend_free_op free_op_data2, free_op_data1;
23349 zval **var_ptr;
23350 zval *value;
23351
23352 switch (opline->extended_value) {
23353 case ZEND_ASSIGN_OBJ:
23354 return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23355 break;
23356 case ZEND_ASSIGN_DIM: {
23357 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
23358
23359 if (IS_CV == IS_VAR && !container) {
23360 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23361 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
23362 if (IS_CV == IS_VAR && !0) {
23363 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
23364 }
23365 return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23366 } else {
23367 zend_op *op_data = opline+1;
23368 zval *dim = &opline->op2.u.constant;
23369
23370 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
23371 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
23372 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
23373 ZEND_VM_INC_OPCODE();
23374 }
23375 }
23376 break;
23377 default:
23378 value = &opline->op2.u.constant;
23379 var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
23380 /* do nothing */
23381 break;
23382 }
23383
23384 if (!var_ptr) {
23385 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
23386 }
23387
23388 if (*var_ptr == EG(error_zval_ptr)) {
23389 if (!RETURN_VALUE_UNUSED(&opline->result)) {
23390 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
23391 PZVAL_LOCK(EG(uninitialized_zval_ptr));
23392 }
23393
23394
23395 ZEND_VM_NEXT_OPCODE();
23396 }
23397
23398 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
23399
23400 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
23401 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
23402 /* proxy object */
23403 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
23404 Z_ADDREF_P(objval);
23405 binary_op(objval, objval, value TSRMLS_CC);
23406 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
23407 zval_ptr_dtor(&objval);
23408 } else {
23409 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
23410 }
23411
23412 if (!RETURN_VALUE_UNUSED(&opline->result)) {
23413 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
23414 PZVAL_LOCK(*var_ptr);
23415 }
23416
23417 if (opline->extended_value == ZEND_ASSIGN_DIM) {
23418 FREE_OP(free_op_data1);
23419 FREE_OP_VAR_PTR(free_op_data2);
23420 }
23421
23422 ZEND_VM_NEXT_OPCODE();
23423 }
23424
ZEND_ASSIGN_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23425 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23426 {
23427 return zend_binary_assign_op_helper_SPEC_CV_CONST(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23428 }
23429
ZEND_ASSIGN_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23430 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23431 {
23432 return zend_binary_assign_op_helper_SPEC_CV_CONST(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23433 }
23434
ZEND_ASSIGN_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23435 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23436 {
23437 return zend_binary_assign_op_helper_SPEC_CV_CONST(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23438 }
23439
ZEND_ASSIGN_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23440 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23441 {
23442 return zend_binary_assign_op_helper_SPEC_CV_CONST(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23443 }
23444
ZEND_ASSIGN_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23445 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23446 {
23447 return zend_binary_assign_op_helper_SPEC_CV_CONST(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23448 }
23449
ZEND_ASSIGN_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23450 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23451 {
23452 return zend_binary_assign_op_helper_SPEC_CV_CONST(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23453 }
23454
ZEND_ASSIGN_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23455 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23456 {
23457 return zend_binary_assign_op_helper_SPEC_CV_CONST(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23458 }
23459
ZEND_ASSIGN_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23460 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23461 {
23462 return zend_binary_assign_op_helper_SPEC_CV_CONST(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23463 }
23464
ZEND_ASSIGN_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23465 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23466 {
23467 return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23468 }
23469
ZEND_ASSIGN_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23470 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23471 {
23472 return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23473 }
23474
ZEND_ASSIGN_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23475 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23476 {
23477 return zend_binary_assign_op_helper_SPEC_CV_CONST(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23478 }
23479
zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)23480 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
23481 {
23482 zend_op *opline = EX(opline);
23483
23484 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23485 zval *object;
23486 zval *property = &opline->op2.u.constant;
23487 zval **retval = &EX_T(opline->result.u.var).var.ptr;
23488 int have_get_ptr = 0;
23489
23490 if (IS_CV == IS_VAR && !object_ptr) {
23491 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
23492 }
23493
23494 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
23495 object = *object_ptr;
23496
23497 if (Z_TYPE_P(object) != IS_OBJECT) {
23498 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
23499
23500 if (!RETURN_VALUE_UNUSED(&opline->result)) {
23501 *retval = EG(uninitialized_zval_ptr);
23502 PZVAL_LOCK(*retval);
23503 }
23504
23505 ZEND_VM_NEXT_OPCODE();
23506 }
23507
23508 /* here we are sure we are dealing with an object */
23509
23510 if (0) {
23511 MAKE_REAL_ZVAL_PTR(property);
23512 }
23513
23514 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
23515 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
23516 if (zptr != NULL) { /* NULL means no success in getting PTR */
23517 SEPARATE_ZVAL_IF_NOT_REF(zptr);
23518
23519 have_get_ptr = 1;
23520 incdec_op(*zptr);
23521 if (!RETURN_VALUE_UNUSED(&opline->result)) {
23522 *retval = *zptr;
23523 PZVAL_LOCK(*retval);
23524 }
23525 }
23526 }
23527
23528 if (!have_get_ptr) {
23529 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
23530 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
23531
23532 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
23533 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
23534
23535 if (Z_REFCOUNT_P(z) == 0) {
23536 GC_REMOVE_ZVAL_FROM_BUFFER(z);
23537 zval_dtor(z);
23538 FREE_ZVAL(z);
23539 }
23540 z = value;
23541 }
23542 Z_ADDREF_P(z);
23543 SEPARATE_ZVAL_IF_NOT_REF(&z);
23544 incdec_op(z);
23545 *retval = z;
23546 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
23547 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
23548 zval_ptr_dtor(&z);
23549 } else {
23550 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
23551 if (!RETURN_VALUE_UNUSED(&opline->result)) {
23552 *retval = EG(uninitialized_zval_ptr);
23553 PZVAL_LOCK(*retval);
23554 }
23555 }
23556 }
23557
23558 if (0) {
23559 zval_ptr_dtor(&property);
23560 } else {
23561
23562 }
23563
23564 ZEND_VM_NEXT_OPCODE();
23565 }
23566
ZEND_PRE_INC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23567 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23568 {
23569 return zend_pre_incdec_property_helper_SPEC_CV_CONST(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23570 }
23571
ZEND_PRE_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23572 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23573 {
23574 return zend_pre_incdec_property_helper_SPEC_CV_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23575 }
23576
zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)23577 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
23578 {
23579 zend_op *opline = EX(opline);
23580
23581 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23582 zval *object;
23583 zval *property = &opline->op2.u.constant;
23584 zval *retval = &EX_T(opline->result.u.var).tmp_var;
23585 int have_get_ptr = 0;
23586
23587 if (IS_CV == IS_VAR && !object_ptr) {
23588 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
23589 }
23590
23591 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
23592 object = *object_ptr;
23593
23594 if (Z_TYPE_P(object) != IS_OBJECT) {
23595 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
23596
23597 *retval = *EG(uninitialized_zval_ptr);
23598
23599 ZEND_VM_NEXT_OPCODE();
23600 }
23601
23602 /* here we are sure we are dealing with an object */
23603
23604 if (0) {
23605 MAKE_REAL_ZVAL_PTR(property);
23606 }
23607
23608 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
23609 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
23610 if (zptr != NULL) { /* NULL means no success in getting PTR */
23611 have_get_ptr = 1;
23612 SEPARATE_ZVAL_IF_NOT_REF(zptr);
23613
23614 *retval = **zptr;
23615 zendi_zval_copy_ctor(*retval);
23616
23617 incdec_op(*zptr);
23618
23619 }
23620 }
23621
23622 if (!have_get_ptr) {
23623 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
23624 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
23625 zval *z_copy;
23626
23627 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
23628 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
23629
23630 if (Z_REFCOUNT_P(z) == 0) {
23631 GC_REMOVE_ZVAL_FROM_BUFFER(z);
23632 zval_dtor(z);
23633 FREE_ZVAL(z);
23634 }
23635 z = value;
23636 }
23637 *retval = *z;
23638 zendi_zval_copy_ctor(*retval);
23639 ALLOC_ZVAL(z_copy);
23640 *z_copy = *z;
23641 zendi_zval_copy_ctor(*z_copy);
23642 INIT_PZVAL(z_copy);
23643 incdec_op(z_copy);
23644 Z_ADDREF_P(z);
23645 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
23646 zval_ptr_dtor(&z_copy);
23647 zval_ptr_dtor(&z);
23648 } else {
23649 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
23650 *retval = *EG(uninitialized_zval_ptr);
23651 }
23652 }
23653
23654 if (0) {
23655 zval_ptr_dtor(&property);
23656 } else {
23657
23658 }
23659
23660 ZEND_VM_NEXT_OPCODE();
23661 }
23662
ZEND_POST_INC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23663 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23664 {
23665 return zend_post_incdec_property_helper_SPEC_CV_CONST(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23666 }
23667
ZEND_POST_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23668 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23669 {
23670 return zend_post_incdec_property_helper_SPEC_CV_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23671 }
23672
ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23673 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23674 {
23675 zend_op *opline = EX(opline);
23676
23677 zval *dim = &opline->op2.u.constant;
23678 zval **container;
23679
23680 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
23681 IS_CV != IS_CV &&
23682 EX_T(opline->op1.u.var).var.ptr_ptr) {
23683 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
23684 }
23685 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
23686 if (IS_CV == IS_VAR && !container) {
23687 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23688 }
23689 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
23690
23691
23692 ZEND_VM_NEXT_OPCODE();
23693 }
23694
ZEND_FETCH_DIM_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23695 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23696 {
23697 zend_op *opline = EX(opline);
23698 zend_free_op free_op1;
23699 zval *dim = &opline->op2.u.constant;
23700 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23701
23702 if (IS_CV == IS_VAR && !container) {
23703 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23704 }
23705 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
23706
23707 if (IS_CV == IS_VAR && 0 &&
23708 READY_TO_DESTROY(free_op1.var)) {
23709 AI_USE_PTR(EX_T(opline->result.u.var).var);
23710 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
23711 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
23712 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
23713 }
23714 }
23715
23716 /* We are going to assign the result by reference */
23717 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
23718 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
23719 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
23720 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
23721 }
23722
23723 ZEND_VM_NEXT_OPCODE();
23724 }
23725
ZEND_FETCH_DIM_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23726 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23727 {
23728 zend_op *opline = EX(opline);
23729 zend_free_op free_op1;
23730 zval *dim = &opline->op2.u.constant;
23731 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
23732
23733 if (IS_CV == IS_VAR && !container) {
23734 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23735 }
23736 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
23737
23738 if (IS_CV == IS_VAR && 0 &&
23739 READY_TO_DESTROY(free_op1.var)) {
23740 AI_USE_PTR(EX_T(opline->result.u.var).var);
23741 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
23742 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
23743 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
23744 }
23745 }
23746
23747 ZEND_VM_NEXT_OPCODE();
23748 }
23749
ZEND_FETCH_DIM_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23750 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23751 {
23752 zend_op *opline = EX(opline);
23753
23754 zval *dim = &opline->op2.u.constant;
23755 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
23756
23757 if (IS_CV == IS_VAR && !container) {
23758 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23759 }
23760 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_IS TSRMLS_CC);
23761
23762
23763 ZEND_VM_NEXT_OPCODE();
23764 }
23765
ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23766 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23767 {
23768 zend_op *opline = EX(opline);
23769 zend_free_op free_op1;
23770 zval *dim = &opline->op2.u.constant;
23771 zval **container;
23772
23773 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
23774 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23775 if (IS_CV == IS_VAR && !container) {
23776 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23777 }
23778 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
23779 if (IS_CV == IS_VAR && 0 &&
23780 READY_TO_DESTROY(free_op1.var)) {
23781 AI_USE_PTR(EX_T(opline->result.u.var).var);
23782 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
23783 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
23784 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
23785 }
23786 }
23787 } else {
23788 if (IS_CONST == IS_UNUSED) {
23789 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
23790 }
23791 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
23792 if (IS_CV == IS_VAR && !container) {
23793 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23794 }
23795 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
23796 }
23797
23798
23799 ZEND_VM_NEXT_OPCODE();
23800 }
23801
ZEND_FETCH_DIM_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23802 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23803 {
23804 zend_op *opline = EX(opline);
23805 zend_free_op free_op1;
23806 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
23807 zval *dim = &opline->op2.u.constant;
23808
23809 /* Not needed in DIM_UNSET
23810 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
23811 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
23812 }
23813 */
23814 if (IS_CV == IS_CV) {
23815 if (container != &EG(uninitialized_zval_ptr)) {
23816 SEPARATE_ZVAL_IF_NOT_REF(container);
23817 }
23818 }
23819 if (IS_CV == IS_VAR && !container) {
23820 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
23821 }
23822 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_UNSET TSRMLS_CC);
23823
23824 if (IS_CV == IS_VAR && 0 &&
23825 READY_TO_DESTROY(free_op1.var)) {
23826 AI_USE_PTR(EX_T(opline->result.u.var).var);
23827 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
23828 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
23829 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
23830 }
23831 }
23832
23833 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
23834 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
23835 } else {
23836 zend_free_op free_res;
23837
23838 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
23839 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
23840 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
23841 }
23842 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
23843 FREE_OP_VAR_PTR(free_res);
23844 }
23845 ZEND_VM_NEXT_OPCODE();
23846 }
23847
zend_fetch_property_address_read_helper_SPEC_CV_CONST(int type,ZEND_OPCODE_HANDLER_ARGS)23848 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(int type, ZEND_OPCODE_HANDLER_ARGS)
23849 {
23850 zend_op *opline = EX(opline);
23851
23852 zval *container = _get_zval_ptr_cv(&opline->op1, EX(Ts), type TSRMLS_CC);
23853
23854 zval *offset = &opline->op2.u.constant;
23855
23856 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
23857 if (type != BP_VAR_IS) {
23858 zend_error(E_NOTICE, "Trying to get property of non-object");
23859 }
23860 if (!RETURN_VALUE_UNUSED(&opline->result)) {
23861 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
23862 PZVAL_LOCK(EG(uninitialized_zval_ptr));
23863 }
23864
23865 } else {
23866 zval *retval;
23867
23868 if (0) {
23869 MAKE_REAL_ZVAL_PTR(offset);
23870 }
23871
23872 /* here we are sure we are dealing with an object */
23873 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
23874
23875 if (RETURN_VALUE_UNUSED(&opline->result)) {
23876 if (Z_REFCOUNT_P(retval) == 0) {
23877 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
23878 zval_dtor(retval);
23879 FREE_ZVAL(retval);
23880 }
23881 } else {
23882 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
23883 PZVAL_LOCK(retval);
23884 }
23885
23886 if (0) {
23887 zval_ptr_dtor(&offset);
23888 } else {
23889
23890 }
23891 }
23892
23893 ZEND_VM_NEXT_OPCODE();
23894 }
23895
ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23896 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23897 {
23898 return zend_fetch_property_address_read_helper_SPEC_CV_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23899 }
23900
ZEND_FETCH_OBJ_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23901 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23902 {
23903 zend_op *opline = EX(opline);
23904 zend_free_op free_op1;
23905 zval *property = &opline->op2.u.constant;
23906 zval **container;
23907
23908 if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
23909 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
23910 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
23911 }
23912
23913 if (0) {
23914 MAKE_REAL_ZVAL_PTR(property);
23915 }
23916 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23917 if (IS_CV == IS_VAR && !container) {
23918 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
23919 }
23920 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
23921 if (0) {
23922 zval_ptr_dtor(&property);
23923 } else {
23924
23925 }
23926 if (IS_CV == IS_VAR && 0 &&
23927 READY_TO_DESTROY(free_op1.var)) {
23928 AI_USE_PTR(EX_T(opline->result.u.var).var);
23929 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
23930 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
23931 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
23932 }
23933 }
23934
23935 /* We are going to assign the result by reference */
23936 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
23937 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
23938 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
23939 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
23940 }
23941
23942 ZEND_VM_NEXT_OPCODE();
23943 }
23944
ZEND_FETCH_OBJ_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23945 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23946 {
23947 zend_op *opline = EX(opline);
23948 zend_free_op free_op1;
23949 zval *property = &opline->op2.u.constant;
23950 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
23951
23952 if (0) {
23953 MAKE_REAL_ZVAL_PTR(property);
23954 }
23955 if (IS_CV == IS_VAR && !container) {
23956 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
23957 }
23958 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
23959 if (0) {
23960 zval_ptr_dtor(&property);
23961 } else {
23962
23963 }
23964 if (IS_CV == IS_VAR && 0 &&
23965 READY_TO_DESTROY(free_op1.var)) {
23966 AI_USE_PTR(EX_T(opline->result.u.var).var);
23967 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
23968 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
23969 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
23970 }
23971 }
23972
23973 ZEND_VM_NEXT_OPCODE();
23974 }
23975
ZEND_FETCH_OBJ_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23976 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23977 {
23978 return zend_fetch_property_address_read_helper_SPEC_CV_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
23979 }
23980
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)23981 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
23982 {
23983 zend_op *opline = EX(opline);
23984
23985 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
23986 /* Behave like FETCH_OBJ_W */
23987 zend_free_op free_op1;
23988 zval *property = &opline->op2.u.constant;
23989 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
23990
23991 if (0) {
23992 MAKE_REAL_ZVAL_PTR(property);
23993 }
23994 if (IS_CV == IS_VAR && !container) {
23995 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
23996 }
23997 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
23998 if (0) {
23999 zval_ptr_dtor(&property);
24000 } else {
24001
24002 }
24003 if (IS_CV == IS_VAR && 0 &&
24004 READY_TO_DESTROY(free_op1.var)) {
24005 AI_USE_PTR(EX_T(opline->result.u.var).var);
24006 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
24007 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
24008 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
24009 }
24010 }
24011
24012 ZEND_VM_NEXT_OPCODE();
24013 } else {
24014 return zend_fetch_property_address_read_helper_SPEC_CV_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
24015 }
24016 }
24017
ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24018 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24019 {
24020 zend_op *opline = EX(opline);
24021 zend_free_op free_op1, free_res;
24022 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
24023 zval *property = &opline->op2.u.constant;
24024
24025 if (IS_CV == IS_CV) {
24026 if (container != &EG(uninitialized_zval_ptr)) {
24027 SEPARATE_ZVAL_IF_NOT_REF(container);
24028 }
24029 }
24030 if (0) {
24031 MAKE_REAL_ZVAL_PTR(property);
24032 }
24033 if (IS_CV == IS_VAR && !container) {
24034 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
24035 }
24036 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
24037 if (0) {
24038 zval_ptr_dtor(&property);
24039 } else {
24040
24041 }
24042 if (IS_CV == IS_VAR && 0 &&
24043 READY_TO_DESTROY(free_op1.var)) {
24044 AI_USE_PTR(EX_T(opline->result.u.var).var);
24045 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
24046 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
24047 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
24048 }
24049 }
24050
24051 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
24052 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
24053 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
24054 }
24055 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
24056 FREE_OP_VAR_PTR(free_res);
24057 ZEND_VM_NEXT_OPCODE();
24058 }
24059
ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24060 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24061 {
24062 zend_op *opline = EX(opline);
24063 zend_op *op_data = opline+1;
24064
24065 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
24066 zval *property_name = &opline->op2.u.constant;
24067
24068 if (0) {
24069 MAKE_REAL_ZVAL_PTR(property_name);
24070 }
24071 if (IS_CV == IS_VAR && !object_ptr) {
24072 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
24073 }
24074 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
24075 if (0) {
24076 zval_ptr_dtor(&property_name);
24077 } else {
24078
24079 }
24080
24081 /* assign_obj has two opcodes! */
24082 ZEND_VM_INC_OPCODE();
24083 ZEND_VM_NEXT_OPCODE();
24084 }
24085
ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24086 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24087 {
24088 zend_op *opline = EX(opline);
24089 zend_op *op_data = opline+1;
24090
24091 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
24092
24093 if (IS_CV == IS_VAR && !object_ptr) {
24094 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
24095 }
24096 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
24097
24098 zval *property_name = &opline->op2.u.constant;
24099
24100 if (0) {
24101 MAKE_REAL_ZVAL_PTR(property_name);
24102 }
24103 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
24104 if (0) {
24105 zval_ptr_dtor(&property_name);
24106 } else {
24107
24108 }
24109 } else {
24110 zend_free_op free_op_data1, free_op_data2;
24111 zval *value;
24112 zval *dim = &opline->op2.u.constant;
24113 zval **variable_ptr_ptr;
24114
24115 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
24116
24117 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
24118 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
24119 if (!variable_ptr_ptr) {
24120 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
24121 if (!RETURN_VALUE_UNUSED(&opline->result)) {
24122 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
24123 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
24124 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
24125 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
24126 }
24127 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
24128 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
24129 PZVAL_LOCK(EG(uninitialized_zval_ptr));
24130 }
24131 } else {
24132 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
24133 if (!RETURN_VALUE_UNUSED(&opline->result)) {
24134 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
24135 PZVAL_LOCK(value);
24136 }
24137 }
24138 FREE_OP_VAR_PTR(free_op_data2);
24139 FREE_OP_IF_VAR(free_op_data1);
24140 }
24141
24142 /* assign_dim has two opcodes! */
24143 ZEND_VM_INC_OPCODE();
24144 ZEND_VM_NEXT_OPCODE();
24145 }
24146
ZEND_ASSIGN_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24147 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24148 {
24149 zend_op *opline = EX(opline);
24150
24151 zval *value = &opline->op2.u.constant;
24152 zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
24153
24154 if (IS_CV == IS_VAR && !variable_ptr_ptr) {
24155 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_CONST TSRMLS_CC)) {
24156 if (!RETURN_VALUE_UNUSED(&opline->result)) {
24157 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
24158 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
24159 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
24160 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
24161 }
24162 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
24163 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
24164 PZVAL_LOCK(EG(uninitialized_zval_ptr));
24165 }
24166 } else {
24167 value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC);
24168 if (!RETURN_VALUE_UNUSED(&opline->result)) {
24169 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
24170 PZVAL_LOCK(value);
24171 }
24172 }
24173
24174 /* zend_assign_to_variable() always takes care of op2, never free it! */
24175
24176 ZEND_VM_NEXT_OPCODE();
24177 }
24178
ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24179 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24180 {
24181 zend_op *opline = EX(opline);
24182 zval *function_name;
24183 char *function_name_strval;
24184 int function_name_strlen;
24185
24186
24187 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
24188
24189 function_name = &opline->op2.u.constant;
24190
24191 if (Z_TYPE_P(function_name)!=IS_STRING) {
24192 zend_error_noreturn(E_ERROR, "Method name must be a string");
24193 }
24194
24195 function_name_strval = Z_STRVAL_P(function_name);
24196 function_name_strlen = Z_STRLEN_P(function_name);
24197
24198 EX(object) = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
24199
24200 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
24201 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
24202 zend_error_noreturn(E_ERROR, "Object does not support method calls");
24203 }
24204
24205 /* First, locate the function. */
24206 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
24207 if (!EX(fbc)) {
24208 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
24209 }
24210
24211 EX(called_scope) = Z_OBJCE_P(EX(object));
24212 } else {
24213 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
24214 }
24215
24216 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
24217 EX(object) = NULL;
24218 } else {
24219 if (!PZVAL_IS_REF(EX(object))) {
24220 Z_ADDREF_P(EX(object)); /* For $this pointer */
24221 } else {
24222 zval *this_ptr;
24223 ALLOC_ZVAL(this_ptr);
24224 INIT_PZVAL_COPY(this_ptr, EX(object));
24225 zval_copy_ctor(this_ptr);
24226 EX(object) = this_ptr;
24227 }
24228 }
24229
24230
24231 ZEND_VM_NEXT_OPCODE();
24232 }
24233
ZEND_CASE_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24234 static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24235 {
24236 zend_op *opline = EX(opline);
24237 int switch_expr_is_overloaded=0;
24238
24239
24240 if (IS_CV==IS_VAR) {
24241 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
24242 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
24243 } else {
24244 switch_expr_is_overloaded = 1;
24245 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
24246 }
24247 }
24248 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
24249 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24250 &opline->op2.u.constant TSRMLS_CC);
24251
24252 if (switch_expr_is_overloaded) {
24253 /* We only free op1 if this is a string offset,
24254 * Since if it is a TMP_VAR, it'll be reused by
24255 * other CASE opcodes (whereas string offsets
24256 * are allocated at each get_zval_ptr())
24257 */
24258
24259 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
24260 EX_T(opline->op1.u.var).var.ptr = NULL;
24261 }
24262 ZEND_VM_NEXT_OPCODE();
24263 }
24264
ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24265 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24266 {
24267 zend_op *opline = EX(opline);
24268
24269 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
24270 zval *expr_ptr;
24271 zval *offset=&opline->op2.u.constant;
24272
24273 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
24274 zval **expr_ptr_ptr = NULL;
24275
24276 if (opline->extended_value) {
24277 expr_ptr_ptr=_get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
24278 expr_ptr = *expr_ptr_ptr;
24279 } else {
24280 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
24281 }
24282 #else
24283 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
24284 #endif
24285
24286 if (0) { /* temporary variable */
24287 zval *new_expr;
24288
24289 ALLOC_ZVAL(new_expr);
24290 INIT_PZVAL_COPY(new_expr, expr_ptr);
24291 expr_ptr = new_expr;
24292 } else {
24293 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
24294 if (opline->extended_value) {
24295 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
24296 expr_ptr = *expr_ptr_ptr;
24297 Z_ADDREF_P(expr_ptr);
24298 } else
24299 #endif
24300 if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
24301 zval *new_expr;
24302
24303 ALLOC_ZVAL(new_expr);
24304 INIT_PZVAL_COPY(new_expr, expr_ptr);
24305 expr_ptr = new_expr;
24306 zendi_zval_copy_ctor(*expr_ptr);
24307 } else {
24308 Z_ADDREF_P(expr_ptr);
24309 }
24310 }
24311 if (offset) {
24312 switch (Z_TYPE_P(offset)) {
24313 case IS_DOUBLE:
24314 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
24315 break;
24316 case IS_LONG:
24317 case IS_BOOL:
24318 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
24319 break;
24320 case IS_STRING:
24321 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
24322 break;
24323 case IS_NULL:
24324 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
24325 break;
24326 default:
24327 zend_error(E_WARNING, "Illegal offset type");
24328 zval_ptr_dtor(&expr_ptr);
24329 /* do nothing */
24330 break;
24331 }
24332
24333 } else {
24334 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
24335 }
24336 if (opline->extended_value) {
24337
24338 } else {
24339
24340 }
24341 ZEND_VM_NEXT_OPCODE();
24342 }
24343
ZEND_INIT_ARRAY_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24344 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24345 {
24346 zend_op *opline = EX(opline);
24347
24348 array_init(&EX_T(opline->result.u.var).tmp_var);
24349 if (IS_CV == IS_UNUSED) {
24350 ZEND_VM_NEXT_OPCODE();
24351 #if 0 || IS_CV != IS_UNUSED
24352 } else {
24353 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
24354 #endif
24355 }
24356 }
24357
ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24358 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24359 {
24360 zend_op *opline = EX(opline);
24361
24362 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
24363 zval *offset;
24364
24365 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
24366 SEPARATE_ZVAL_IF_NOT_REF(container);
24367 }
24368 offset = &opline->op2.u.constant;
24369
24370 if (IS_CV != IS_VAR || container) {
24371 switch (Z_TYPE_PP(container)) {
24372 case IS_ARRAY: {
24373 HashTable *ht = Z_ARRVAL_PP(container);
24374
24375 switch (Z_TYPE_P(offset)) {
24376 case IS_DOUBLE:
24377 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
24378 break;
24379 case IS_RESOURCE:
24380 case IS_BOOL:
24381 case IS_LONG:
24382 zend_hash_index_del(ht, Z_LVAL_P(offset));
24383 break;
24384 case IS_STRING:
24385 if (IS_CONST == IS_CV || IS_CONST == IS_VAR) {
24386 Z_ADDREF_P(offset);
24387 }
24388 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
24389 ht == &EG(symbol_table)) {
24390 zend_execute_data *ex;
24391 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
24392
24393 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
24394 if (ex->op_array && ex->symbol_table == ht) {
24395 int i;
24396
24397 for (i = 0; i < ex->op_array->last_var; i++) {
24398 if (ex->op_array->vars[i].hash_value == hash_value &&
24399 ex->op_array->vars[i].name_len == offset->value.str.len &&
24400 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
24401 ex->CVs[i] = NULL;
24402 break;
24403 }
24404 }
24405 }
24406 }
24407 }
24408 if (IS_CONST == IS_CV || IS_CONST == IS_VAR) {
24409 zval_ptr_dtor(&offset);
24410 }
24411 break;
24412 case IS_NULL:
24413 zend_hash_del(ht, "", sizeof(""));
24414 break;
24415 default:
24416 zend_error(E_WARNING, "Illegal offset type in unset");
24417 break;
24418 }
24419
24420 break;
24421 }
24422 case IS_OBJECT:
24423 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
24424 zend_error_noreturn(E_ERROR, "Cannot use object as array");
24425 }
24426 if (0) {
24427 MAKE_REAL_ZVAL_PTR(offset);
24428 }
24429 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
24430 if (0) {
24431 zval_ptr_dtor(&offset);
24432 } else {
24433
24434 }
24435 break;
24436 case IS_STRING:
24437 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
24438 ZEND_VM_CONTINUE(); /* bailed out before */
24439 default:
24440
24441 break;
24442 }
24443 } else {
24444
24445 }
24446
24447 ZEND_VM_NEXT_OPCODE();
24448 }
24449
ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24450 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24451 {
24452 zend_op *opline = EX(opline);
24453
24454 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
24455 zval *offset = &opline->op2.u.constant;
24456
24457 if (IS_CV != IS_VAR || container) {
24458 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
24459 SEPARATE_ZVAL_IF_NOT_REF(container);
24460 }
24461 if (Z_TYPE_PP(container) == IS_OBJECT) {
24462 if (0) {
24463 MAKE_REAL_ZVAL_PTR(offset);
24464 }
24465 if (Z_OBJ_HT_P(*container)->unset_property) {
24466 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
24467 } else {
24468 zend_error(E_NOTICE, "Trying to unset property of non-object");
24469 }
24470 if (0) {
24471 zval_ptr_dtor(&offset);
24472 } else {
24473
24474 }
24475 } else {
24476
24477 }
24478 } else {
24479
24480 }
24481
24482 ZEND_VM_NEXT_OPCODE();
24483 }
24484
zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)24485 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
24486 {
24487 zend_op *opline = EX(opline);
24488
24489 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
24490 zval **value = NULL;
24491 int result = 0;
24492
24493 if (IS_CV != IS_VAR || container) {
24494
24495 zval *offset = &opline->op2.u.constant;
24496
24497 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
24498 HashTable *ht;
24499 int isset = 0;
24500
24501 ht = Z_ARRVAL_PP(container);
24502
24503 switch (Z_TYPE_P(offset)) {
24504 case IS_DOUBLE:
24505 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
24506 isset = 1;
24507 }
24508 break;
24509 case IS_RESOURCE:
24510 case IS_BOOL:
24511 case IS_LONG:
24512 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
24513 isset = 1;
24514 }
24515 break;
24516 case IS_STRING:
24517 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
24518 isset = 1;
24519 }
24520 break;
24521 case IS_NULL:
24522 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
24523 isset = 1;
24524 }
24525 break;
24526 default:
24527 zend_error(E_WARNING, "Illegal offset type in isset or empty");
24528
24529 break;
24530 }
24531
24532 switch (opline->extended_value) {
24533 case ZEND_ISSET:
24534 if (isset && Z_TYPE_PP(value) == IS_NULL) {
24535 result = 0;
24536 } else {
24537 result = isset;
24538 }
24539 break;
24540 case ZEND_ISEMPTY:
24541 if (!isset || !i_zend_is_true(*value)) {
24542 result = 0;
24543 } else {
24544 result = 1;
24545 }
24546 break;
24547 }
24548
24549 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
24550 if (0) {
24551 MAKE_REAL_ZVAL_PTR(offset);
24552 }
24553 if (prop_dim) {
24554 if (Z_OBJ_HT_P(*container)->has_property) {
24555 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
24556 } else {
24557 zend_error(E_NOTICE, "Trying to check property of non-object");
24558 result = 0;
24559 }
24560 } else {
24561 if (Z_OBJ_HT_P(*container)->has_dimension) {
24562 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
24563 } else {
24564 zend_error(E_NOTICE, "Trying to check element of non-array");
24565 result = 0;
24566 }
24567 }
24568 if (0) {
24569 zval_ptr_dtor(&offset);
24570 } else {
24571
24572 }
24573 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
24574 zval tmp;
24575
24576 if (Z_TYPE_P(offset) != IS_LONG) {
24577 tmp = *offset;
24578 zval_copy_ctor(&tmp);
24579 convert_to_long(&tmp);
24580 offset = &tmp;
24581 }
24582 if (Z_TYPE_P(offset) == IS_LONG) {
24583 switch (opline->extended_value) {
24584 case ZEND_ISSET:
24585 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
24586 result = 1;
24587 }
24588 break;
24589 case ZEND_ISEMPTY:
24590 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
24591 result = 1;
24592 }
24593 break;
24594 }
24595 }
24596
24597 } else {
24598
24599 }
24600 }
24601
24602 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
24603
24604 switch (opline->extended_value) {
24605 case ZEND_ISSET:
24606 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
24607 break;
24608 case ZEND_ISEMPTY:
24609 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
24610 break;
24611 }
24612
24613 ZEND_VM_NEXT_OPCODE();
24614 }
24615
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24616 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24617 {
24618 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
24619 }
24620
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24621 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24622 {
24623 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
24624 }
24625
ZEND_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24626 static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24627 {
24628 zend_op *opline = EX(opline);
24629 zend_free_op free_op2;
24630
24631 add_function(&EX_T(opline->result.u.var).tmp_var,
24632 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24633 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24634
24635 zval_dtor(free_op2.var);
24636 ZEND_VM_NEXT_OPCODE();
24637 }
24638
ZEND_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24639 static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24640 {
24641 zend_op *opline = EX(opline);
24642 zend_free_op free_op2;
24643
24644 sub_function(&EX_T(opline->result.u.var).tmp_var,
24645 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24646 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24647
24648 zval_dtor(free_op2.var);
24649 ZEND_VM_NEXT_OPCODE();
24650 }
24651
ZEND_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24652 static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24653 {
24654 zend_op *opline = EX(opline);
24655 zend_free_op free_op2;
24656
24657 mul_function(&EX_T(opline->result.u.var).tmp_var,
24658 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24659 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24660
24661 zval_dtor(free_op2.var);
24662 ZEND_VM_NEXT_OPCODE();
24663 }
24664
ZEND_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24665 static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24666 {
24667 zend_op *opline = EX(opline);
24668 zend_free_op free_op2;
24669
24670 div_function(&EX_T(opline->result.u.var).tmp_var,
24671 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24672 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24673
24674 zval_dtor(free_op2.var);
24675 ZEND_VM_NEXT_OPCODE();
24676 }
24677
ZEND_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24678 static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24679 {
24680 zend_op *opline = EX(opline);
24681 zend_free_op free_op2;
24682
24683 mod_function(&EX_T(opline->result.u.var).tmp_var,
24684 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24685 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24686
24687 zval_dtor(free_op2.var);
24688 ZEND_VM_NEXT_OPCODE();
24689 }
24690
ZEND_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24691 static int ZEND_FASTCALL ZEND_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24692 {
24693 zend_op *opline = EX(opline);
24694 zend_free_op free_op2;
24695
24696 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
24697 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24698 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24699
24700 zval_dtor(free_op2.var);
24701 ZEND_VM_NEXT_OPCODE();
24702 }
24703
ZEND_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24704 static int ZEND_FASTCALL ZEND_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24705 {
24706 zend_op *opline = EX(opline);
24707 zend_free_op free_op2;
24708
24709 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
24710 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24711 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24712
24713 zval_dtor(free_op2.var);
24714 ZEND_VM_NEXT_OPCODE();
24715 }
24716
ZEND_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24717 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24718 {
24719 zend_op *opline = EX(opline);
24720 zend_free_op free_op2;
24721
24722 concat_function(&EX_T(opline->result.u.var).tmp_var,
24723 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24724 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24725
24726 zval_dtor(free_op2.var);
24727 ZEND_VM_NEXT_OPCODE();
24728 }
24729
ZEND_IS_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24730 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24731 {
24732 zend_op *opline = EX(opline);
24733 zend_free_op free_op2;
24734
24735 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
24736 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24737 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24738
24739 zval_dtor(free_op2.var);
24740 ZEND_VM_NEXT_OPCODE();
24741 }
24742
ZEND_IS_NOT_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24743 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24744 {
24745 zend_op *opline = EX(opline);
24746 zend_free_op free_op2;
24747 zval *result = &EX_T(opline->result.u.var).tmp_var;
24748
24749 is_identical_function(result,
24750 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24751 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24752 Z_LVAL_P(result) = !Z_LVAL_P(result);
24753
24754 zval_dtor(free_op2.var);
24755 ZEND_VM_NEXT_OPCODE();
24756 }
24757
ZEND_IS_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24758 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24759 {
24760 zend_op *opline = EX(opline);
24761 zend_free_op free_op2;
24762 zval *result = &EX_T(opline->result.u.var).tmp_var;
24763
24764 compare_function(result,
24765 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24766 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24767 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
24768
24769 zval_dtor(free_op2.var);
24770 ZEND_VM_NEXT_OPCODE();
24771 }
24772
ZEND_IS_NOT_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24773 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24774 {
24775 zend_op *opline = EX(opline);
24776 zend_free_op free_op2;
24777 zval *result = &EX_T(opline->result.u.var).tmp_var;
24778
24779 compare_function(result,
24780 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24781 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24782 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
24783
24784 zval_dtor(free_op2.var);
24785 ZEND_VM_NEXT_OPCODE();
24786 }
24787
ZEND_IS_SMALLER_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24788 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24789 {
24790 zend_op *opline = EX(opline);
24791 zend_free_op free_op2;
24792 zval *result = &EX_T(opline->result.u.var).tmp_var;
24793
24794 compare_function(result,
24795 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24796 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24797 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
24798
24799 zval_dtor(free_op2.var);
24800 ZEND_VM_NEXT_OPCODE();
24801 }
24802
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24803 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24804 {
24805 zend_op *opline = EX(opline);
24806 zend_free_op free_op2;
24807 zval *result = &EX_T(opline->result.u.var).tmp_var;
24808
24809 compare_function(result,
24810 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24811 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24812 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
24813
24814 zval_dtor(free_op2.var);
24815 ZEND_VM_NEXT_OPCODE();
24816 }
24817
ZEND_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24818 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24819 {
24820 zend_op *opline = EX(opline);
24821 zend_free_op free_op2;
24822
24823 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
24824 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24825 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24826
24827 zval_dtor(free_op2.var);
24828 ZEND_VM_NEXT_OPCODE();
24829 }
24830
ZEND_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24831 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24832 {
24833 zend_op *opline = EX(opline);
24834 zend_free_op free_op2;
24835
24836 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
24837 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24838 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24839
24840 zval_dtor(free_op2.var);
24841 ZEND_VM_NEXT_OPCODE();
24842 }
24843
ZEND_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24844 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24845 {
24846 zend_op *opline = EX(opline);
24847 zend_free_op free_op2;
24848
24849 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
24850 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24851 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24852
24853 zval_dtor(free_op2.var);
24854 ZEND_VM_NEXT_OPCODE();
24855 }
24856
ZEND_BOOL_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)24857 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
24858 {
24859 zend_op *opline = EX(opline);
24860 zend_free_op free_op2;
24861
24862 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
24863 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
24864 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
24865
24866 zval_dtor(free_op2.var);
24867 ZEND_VM_NEXT_OPCODE();
24868 }
24869
zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)24870 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
24871 {
24872 zend_op *opline = EX(opline);
24873 zend_op *op_data = opline+1;
24874 zend_free_op free_op2, free_op_data1;
24875 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
24876 zval *object;
24877 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
24878 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
24879 znode *result = &opline->result;
24880 int have_get_ptr = 0;
24881
24882 if (IS_CV == IS_VAR && !object_ptr) {
24883 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
24884 }
24885
24886 EX_T(result->u.var).var.ptr_ptr = NULL;
24887 make_real_object(object_ptr TSRMLS_CC);
24888 object = *object_ptr;
24889
24890 if (Z_TYPE_P(object) != IS_OBJECT) {
24891 zend_error(E_WARNING, "Attempt to assign property of non-object");
24892 zval_dtor(free_op2.var);
24893 FREE_OP(free_op_data1);
24894
24895 if (!RETURN_VALUE_UNUSED(result)) {
24896 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
24897 EX_T(result->u.var).var.ptr_ptr = NULL;
24898 PZVAL_LOCK(EG(uninitialized_zval_ptr));
24899 }
24900 } else {
24901 /* here we are sure we are dealing with an object */
24902 if (1) {
24903 MAKE_REAL_ZVAL_PTR(property);
24904 }
24905
24906 /* here property is a string */
24907 if (opline->extended_value == ZEND_ASSIGN_OBJ
24908 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
24909 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
24910 if (zptr != NULL) { /* NULL means no success in getting PTR */
24911 SEPARATE_ZVAL_IF_NOT_REF(zptr);
24912
24913 have_get_ptr = 1;
24914 binary_op(*zptr, *zptr, value TSRMLS_CC);
24915 if (!RETURN_VALUE_UNUSED(result)) {
24916 EX_T(result->u.var).var.ptr = *zptr;
24917 EX_T(result->u.var).var.ptr_ptr = NULL;
24918 PZVAL_LOCK(*zptr);
24919 }
24920 }
24921 }
24922
24923 if (!have_get_ptr) {
24924 zval *z = NULL;
24925
24926 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
24927 if (Z_OBJ_HT_P(object)->read_property) {
24928 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
24929 }
24930 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
24931 if (Z_OBJ_HT_P(object)->read_dimension) {
24932 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
24933 }
24934 }
24935 if (z) {
24936 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
24937 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
24938
24939 if (Z_REFCOUNT_P(z) == 0) {
24940 GC_REMOVE_ZVAL_FROM_BUFFER(z);
24941 zval_dtor(z);
24942 FREE_ZVAL(z);
24943 }
24944 z = value;
24945 }
24946 Z_ADDREF_P(z);
24947 SEPARATE_ZVAL_IF_NOT_REF(&z);
24948 binary_op(z, z, value TSRMLS_CC);
24949 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
24950 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
24951 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
24952 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
24953 }
24954 if (!RETURN_VALUE_UNUSED(result)) {
24955 EX_T(result->u.var).var.ptr = z;
24956 EX_T(result->u.var).var.ptr_ptr = NULL;
24957 PZVAL_LOCK(z);
24958 }
24959 zval_ptr_dtor(&z);
24960 } else {
24961 zend_error(E_WARNING, "Attempt to assign property of non-object");
24962 if (!RETURN_VALUE_UNUSED(result)) {
24963 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
24964 EX_T(result->u.var).var.ptr_ptr = NULL;
24965 PZVAL_LOCK(EG(uninitialized_zval_ptr));
24966 }
24967 }
24968 }
24969
24970 if (1) {
24971 zval_ptr_dtor(&property);
24972 } else {
24973 zval_dtor(free_op2.var);
24974 }
24975 FREE_OP(free_op_data1);
24976 }
24977
24978 /* assign_obj has two opcodes! */
24979 ZEND_VM_INC_OPCODE();
24980 ZEND_VM_NEXT_OPCODE();
24981 }
24982
zend_binary_assign_op_helper_SPEC_CV_TMP(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)24983 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
24984 {
24985 zend_op *opline = EX(opline);
24986 zend_free_op free_op2, free_op_data2, free_op_data1;
24987 zval **var_ptr;
24988 zval *value;
24989
24990 switch (opline->extended_value) {
24991 case ZEND_ASSIGN_OBJ:
24992 return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
24993 break;
24994 case ZEND_ASSIGN_DIM: {
24995 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
24996
24997 if (IS_CV == IS_VAR && !container) {
24998 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
24999 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
25000 if (IS_CV == IS_VAR && !0) {
25001 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
25002 }
25003 return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25004 } else {
25005 zend_op *op_data = opline+1;
25006 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25007
25008 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 1, BP_VAR_RW TSRMLS_CC);
25009 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
25010 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
25011 ZEND_VM_INC_OPCODE();
25012 }
25013 }
25014 break;
25015 default:
25016 value = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25017 var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
25018 /* do nothing */
25019 break;
25020 }
25021
25022 if (!var_ptr) {
25023 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
25024 }
25025
25026 if (*var_ptr == EG(error_zval_ptr)) {
25027 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25028 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
25029 PZVAL_LOCK(EG(uninitialized_zval_ptr));
25030 }
25031 zval_dtor(free_op2.var);
25032
25033 ZEND_VM_NEXT_OPCODE();
25034 }
25035
25036 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
25037
25038 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
25039 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
25040 /* proxy object */
25041 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
25042 Z_ADDREF_P(objval);
25043 binary_op(objval, objval, value TSRMLS_CC);
25044 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
25045 zval_ptr_dtor(&objval);
25046 } else {
25047 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
25048 }
25049
25050 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25051 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
25052 PZVAL_LOCK(*var_ptr);
25053 }
25054 zval_dtor(free_op2.var);
25055
25056 if (opline->extended_value == ZEND_ASSIGN_DIM) {
25057 FREE_OP(free_op_data1);
25058 FREE_OP_VAR_PTR(free_op_data2);
25059 }
25060
25061 ZEND_VM_NEXT_OPCODE();
25062 }
25063
ZEND_ASSIGN_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25064 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25065 {
25066 return zend_binary_assign_op_helper_SPEC_CV_TMP(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25067 }
25068
ZEND_ASSIGN_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25069 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25070 {
25071 return zend_binary_assign_op_helper_SPEC_CV_TMP(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25072 }
25073
ZEND_ASSIGN_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25074 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25075 {
25076 return zend_binary_assign_op_helper_SPEC_CV_TMP(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25077 }
25078
ZEND_ASSIGN_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25079 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25080 {
25081 return zend_binary_assign_op_helper_SPEC_CV_TMP(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25082 }
25083
ZEND_ASSIGN_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25084 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25085 {
25086 return zend_binary_assign_op_helper_SPEC_CV_TMP(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25087 }
25088
ZEND_ASSIGN_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25089 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25090 {
25091 return zend_binary_assign_op_helper_SPEC_CV_TMP(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25092 }
25093
ZEND_ASSIGN_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25094 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25095 {
25096 return zend_binary_assign_op_helper_SPEC_CV_TMP(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25097 }
25098
ZEND_ASSIGN_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25099 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25100 {
25101 return zend_binary_assign_op_helper_SPEC_CV_TMP(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25102 }
25103
ZEND_ASSIGN_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25104 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25105 {
25106 return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25107 }
25108
ZEND_ASSIGN_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25109 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25110 {
25111 return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25112 }
25113
ZEND_ASSIGN_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25114 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25115 {
25116 return zend_binary_assign_op_helper_SPEC_CV_TMP(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25117 }
25118
zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)25119 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
25120 {
25121 zend_op *opline = EX(opline);
25122 zend_free_op free_op2;
25123 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25124 zval *object;
25125 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25126 zval **retval = &EX_T(opline->result.u.var).var.ptr;
25127 int have_get_ptr = 0;
25128
25129 if (IS_CV == IS_VAR && !object_ptr) {
25130 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
25131 }
25132
25133 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
25134 object = *object_ptr;
25135
25136 if (Z_TYPE_P(object) != IS_OBJECT) {
25137 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
25138 zval_dtor(free_op2.var);
25139 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25140 *retval = EG(uninitialized_zval_ptr);
25141 PZVAL_LOCK(*retval);
25142 }
25143
25144 ZEND_VM_NEXT_OPCODE();
25145 }
25146
25147 /* here we are sure we are dealing with an object */
25148
25149 if (1) {
25150 MAKE_REAL_ZVAL_PTR(property);
25151 }
25152
25153 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
25154 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
25155 if (zptr != NULL) { /* NULL means no success in getting PTR */
25156 SEPARATE_ZVAL_IF_NOT_REF(zptr);
25157
25158 have_get_ptr = 1;
25159 incdec_op(*zptr);
25160 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25161 *retval = *zptr;
25162 PZVAL_LOCK(*retval);
25163 }
25164 }
25165 }
25166
25167 if (!have_get_ptr) {
25168 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
25169 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
25170
25171 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
25172 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
25173
25174 if (Z_REFCOUNT_P(z) == 0) {
25175 GC_REMOVE_ZVAL_FROM_BUFFER(z);
25176 zval_dtor(z);
25177 FREE_ZVAL(z);
25178 }
25179 z = value;
25180 }
25181 Z_ADDREF_P(z);
25182 SEPARATE_ZVAL_IF_NOT_REF(&z);
25183 incdec_op(z);
25184 *retval = z;
25185 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
25186 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
25187 zval_ptr_dtor(&z);
25188 } else {
25189 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
25190 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25191 *retval = EG(uninitialized_zval_ptr);
25192 PZVAL_LOCK(*retval);
25193 }
25194 }
25195 }
25196
25197 if (1) {
25198 zval_ptr_dtor(&property);
25199 } else {
25200 zval_dtor(free_op2.var);
25201 }
25202
25203 ZEND_VM_NEXT_OPCODE();
25204 }
25205
ZEND_PRE_INC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25206 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25207 {
25208 return zend_pre_incdec_property_helper_SPEC_CV_TMP(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25209 }
25210
ZEND_PRE_DEC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25211 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25212 {
25213 return zend_pre_incdec_property_helper_SPEC_CV_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25214 }
25215
zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)25216 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
25217 {
25218 zend_op *opline = EX(opline);
25219 zend_free_op free_op2;
25220 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25221 zval *object;
25222 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25223 zval *retval = &EX_T(opline->result.u.var).tmp_var;
25224 int have_get_ptr = 0;
25225
25226 if (IS_CV == IS_VAR && !object_ptr) {
25227 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
25228 }
25229
25230 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
25231 object = *object_ptr;
25232
25233 if (Z_TYPE_P(object) != IS_OBJECT) {
25234 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
25235 zval_dtor(free_op2.var);
25236 *retval = *EG(uninitialized_zval_ptr);
25237
25238 ZEND_VM_NEXT_OPCODE();
25239 }
25240
25241 /* here we are sure we are dealing with an object */
25242
25243 if (1) {
25244 MAKE_REAL_ZVAL_PTR(property);
25245 }
25246
25247 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
25248 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
25249 if (zptr != NULL) { /* NULL means no success in getting PTR */
25250 have_get_ptr = 1;
25251 SEPARATE_ZVAL_IF_NOT_REF(zptr);
25252
25253 *retval = **zptr;
25254 zendi_zval_copy_ctor(*retval);
25255
25256 incdec_op(*zptr);
25257
25258 }
25259 }
25260
25261 if (!have_get_ptr) {
25262 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
25263 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
25264 zval *z_copy;
25265
25266 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
25267 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
25268
25269 if (Z_REFCOUNT_P(z) == 0) {
25270 GC_REMOVE_ZVAL_FROM_BUFFER(z);
25271 zval_dtor(z);
25272 FREE_ZVAL(z);
25273 }
25274 z = value;
25275 }
25276 *retval = *z;
25277 zendi_zval_copy_ctor(*retval);
25278 ALLOC_ZVAL(z_copy);
25279 *z_copy = *z;
25280 zendi_zval_copy_ctor(*z_copy);
25281 INIT_PZVAL(z_copy);
25282 incdec_op(z_copy);
25283 Z_ADDREF_P(z);
25284 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
25285 zval_ptr_dtor(&z_copy);
25286 zval_ptr_dtor(&z);
25287 } else {
25288 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
25289 *retval = *EG(uninitialized_zval_ptr);
25290 }
25291 }
25292
25293 if (1) {
25294 zval_ptr_dtor(&property);
25295 } else {
25296 zval_dtor(free_op2.var);
25297 }
25298
25299 ZEND_VM_NEXT_OPCODE();
25300 }
25301
ZEND_POST_INC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25302 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25303 {
25304 return zend_post_incdec_property_helper_SPEC_CV_TMP(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25305 }
25306
ZEND_POST_DEC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25307 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25308 {
25309 return zend_post_incdec_property_helper_SPEC_CV_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25310 }
25311
ZEND_FETCH_DIM_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25312 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25313 {
25314 zend_op *opline = EX(opline);
25315 zend_free_op free_op2;
25316 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25317 zval **container;
25318
25319 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
25320 IS_CV != IS_CV &&
25321 EX_T(opline->op1.u.var).var.ptr_ptr) {
25322 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
25323 }
25324 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
25325 if (IS_CV == IS_VAR && !container) {
25326 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25327 }
25328 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_R TSRMLS_CC);
25329 zval_dtor(free_op2.var);
25330
25331 ZEND_VM_NEXT_OPCODE();
25332 }
25333
ZEND_FETCH_DIM_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25334 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25335 {
25336 zend_op *opline = EX(opline);
25337 zend_free_op free_op1, free_op2;
25338 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25339 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25340
25341 if (IS_CV == IS_VAR && !container) {
25342 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25343 }
25344 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_W TSRMLS_CC);
25345 zval_dtor(free_op2.var);
25346 if (IS_CV == IS_VAR && 0 &&
25347 READY_TO_DESTROY(free_op1.var)) {
25348 AI_USE_PTR(EX_T(opline->result.u.var).var);
25349 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25350 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25351 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25352 }
25353 }
25354
25355 /* We are going to assign the result by reference */
25356 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
25357 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
25358 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
25359 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
25360 }
25361
25362 ZEND_VM_NEXT_OPCODE();
25363 }
25364
ZEND_FETCH_DIM_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25365 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25366 {
25367 zend_op *opline = EX(opline);
25368 zend_free_op free_op1, free_op2;
25369 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25370 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
25371
25372 if (IS_CV == IS_VAR && !container) {
25373 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25374 }
25375 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_RW TSRMLS_CC);
25376 zval_dtor(free_op2.var);
25377 if (IS_CV == IS_VAR && 0 &&
25378 READY_TO_DESTROY(free_op1.var)) {
25379 AI_USE_PTR(EX_T(opline->result.u.var).var);
25380 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25381 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25382 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25383 }
25384 }
25385
25386 ZEND_VM_NEXT_OPCODE();
25387 }
25388
ZEND_FETCH_DIM_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25389 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25390 {
25391 zend_op *opline = EX(opline);
25392 zend_free_op free_op2;
25393 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25394 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
25395
25396 if (IS_CV == IS_VAR && !container) {
25397 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25398 }
25399 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_IS TSRMLS_CC);
25400 zval_dtor(free_op2.var);
25401
25402 ZEND_VM_NEXT_OPCODE();
25403 }
25404
ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25405 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25406 {
25407 zend_op *opline = EX(opline);
25408 zend_free_op free_op1, free_op2;
25409 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25410 zval **container;
25411
25412 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
25413 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25414 if (IS_CV == IS_VAR && !container) {
25415 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25416 }
25417 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_W TSRMLS_CC);
25418 if (IS_CV == IS_VAR && 0 &&
25419 READY_TO_DESTROY(free_op1.var)) {
25420 AI_USE_PTR(EX_T(opline->result.u.var).var);
25421 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25422 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25423 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25424 }
25425 }
25426 } else {
25427 if (IS_TMP_VAR == IS_UNUSED) {
25428 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
25429 }
25430 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
25431 if (IS_CV == IS_VAR && !container) {
25432 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25433 }
25434 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_R TSRMLS_CC);
25435 }
25436 zval_dtor(free_op2.var);
25437
25438 ZEND_VM_NEXT_OPCODE();
25439 }
25440
ZEND_FETCH_DIM_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25441 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25442 {
25443 zend_op *opline = EX(opline);
25444 zend_free_op free_op1, free_op2;
25445 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
25446 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25447
25448 /* Not needed in DIM_UNSET
25449 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
25450 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
25451 }
25452 */
25453 if (IS_CV == IS_CV) {
25454 if (container != &EG(uninitialized_zval_ptr)) {
25455 SEPARATE_ZVAL_IF_NOT_REF(container);
25456 }
25457 }
25458 if (IS_CV == IS_VAR && !container) {
25459 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25460 }
25461 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 1, BP_VAR_UNSET TSRMLS_CC);
25462 zval_dtor(free_op2.var);
25463 if (IS_CV == IS_VAR && 0 &&
25464 READY_TO_DESTROY(free_op1.var)) {
25465 AI_USE_PTR(EX_T(opline->result.u.var).var);
25466 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25467 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25468 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25469 }
25470 }
25471
25472 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
25473 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
25474 } else {
25475 zend_free_op free_res;
25476
25477 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
25478 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
25479 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
25480 }
25481 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
25482 FREE_OP_VAR_PTR(free_res);
25483 }
25484 ZEND_VM_NEXT_OPCODE();
25485 }
25486
zend_fetch_property_address_read_helper_SPEC_CV_TMP(int type,ZEND_OPCODE_HANDLER_ARGS)25487 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(int type, ZEND_OPCODE_HANDLER_ARGS)
25488 {
25489 zend_op *opline = EX(opline);
25490
25491 zval *container = _get_zval_ptr_cv(&opline->op1, EX(Ts), type TSRMLS_CC);
25492 zend_free_op free_op2;
25493 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25494
25495 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
25496 if (type != BP_VAR_IS) {
25497 zend_error(E_NOTICE, "Trying to get property of non-object");
25498 }
25499 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25500 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
25501 PZVAL_LOCK(EG(uninitialized_zval_ptr));
25502 }
25503 zval_dtor(free_op2.var);
25504 } else {
25505 zval *retval;
25506
25507 if (1) {
25508 MAKE_REAL_ZVAL_PTR(offset);
25509 }
25510
25511 /* here we are sure we are dealing with an object */
25512 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
25513
25514 if (RETURN_VALUE_UNUSED(&opline->result)) {
25515 if (Z_REFCOUNT_P(retval) == 0) {
25516 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
25517 zval_dtor(retval);
25518 FREE_ZVAL(retval);
25519 }
25520 } else {
25521 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
25522 PZVAL_LOCK(retval);
25523 }
25524
25525 if (1) {
25526 zval_ptr_dtor(&offset);
25527 } else {
25528 zval_dtor(free_op2.var);
25529 }
25530 }
25531
25532 ZEND_VM_NEXT_OPCODE();
25533 }
25534
ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25535 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25536 {
25537 return zend_fetch_property_address_read_helper_SPEC_CV_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25538 }
25539
ZEND_FETCH_OBJ_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25540 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25541 {
25542 zend_op *opline = EX(opline);
25543 zend_free_op free_op1, free_op2;
25544 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25545 zval **container;
25546
25547 if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
25548 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
25549 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
25550 }
25551
25552 if (1) {
25553 MAKE_REAL_ZVAL_PTR(property);
25554 }
25555 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25556 if (IS_CV == IS_VAR && !container) {
25557 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
25558 }
25559 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
25560 if (1) {
25561 zval_ptr_dtor(&property);
25562 } else {
25563 zval_dtor(free_op2.var);
25564 }
25565 if (IS_CV == IS_VAR && 0 &&
25566 READY_TO_DESTROY(free_op1.var)) {
25567 AI_USE_PTR(EX_T(opline->result.u.var).var);
25568 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25569 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25570 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25571 }
25572 }
25573
25574 /* We are going to assign the result by reference */
25575 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
25576 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
25577 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
25578 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
25579 }
25580
25581 ZEND_VM_NEXT_OPCODE();
25582 }
25583
ZEND_FETCH_OBJ_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25584 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25585 {
25586 zend_op *opline = EX(opline);
25587 zend_free_op free_op1, free_op2;
25588 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25589 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
25590
25591 if (1) {
25592 MAKE_REAL_ZVAL_PTR(property);
25593 }
25594 if (IS_CV == IS_VAR && !container) {
25595 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
25596 }
25597 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
25598 if (1) {
25599 zval_ptr_dtor(&property);
25600 } else {
25601 zval_dtor(free_op2.var);
25602 }
25603 if (IS_CV == IS_VAR && 0 &&
25604 READY_TO_DESTROY(free_op1.var)) {
25605 AI_USE_PTR(EX_T(opline->result.u.var).var);
25606 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25607 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25608 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25609 }
25610 }
25611
25612 ZEND_VM_NEXT_OPCODE();
25613 }
25614
ZEND_FETCH_OBJ_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25615 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25616 {
25617 return zend_fetch_property_address_read_helper_SPEC_CV_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25618 }
25619
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25620 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25621 {
25622 zend_op *opline = EX(opline);
25623
25624 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
25625 /* Behave like FETCH_OBJ_W */
25626 zend_free_op free_op1, free_op2;
25627 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25628 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25629
25630 if (1) {
25631 MAKE_REAL_ZVAL_PTR(property);
25632 }
25633 if (IS_CV == IS_VAR && !container) {
25634 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
25635 }
25636 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
25637 if (1) {
25638 zval_ptr_dtor(&property);
25639 } else {
25640 zval_dtor(free_op2.var);
25641 }
25642 if (IS_CV == IS_VAR && 0 &&
25643 READY_TO_DESTROY(free_op1.var)) {
25644 AI_USE_PTR(EX_T(opline->result.u.var).var);
25645 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25646 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25647 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25648 }
25649 }
25650
25651 ZEND_VM_NEXT_OPCODE();
25652 } else {
25653 return zend_fetch_property_address_read_helper_SPEC_CV_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25654 }
25655 }
25656
ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25657 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25658 {
25659 zend_op *opline = EX(opline);
25660 zend_free_op free_op1, free_op2, free_res;
25661 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
25662 zval *property = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25663
25664 if (IS_CV == IS_CV) {
25665 if (container != &EG(uninitialized_zval_ptr)) {
25666 SEPARATE_ZVAL_IF_NOT_REF(container);
25667 }
25668 }
25669 if (1) {
25670 MAKE_REAL_ZVAL_PTR(property);
25671 }
25672 if (IS_CV == IS_VAR && !container) {
25673 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
25674 }
25675 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
25676 if (1) {
25677 zval_ptr_dtor(&property);
25678 } else {
25679 zval_dtor(free_op2.var);
25680 }
25681 if (IS_CV == IS_VAR && 0 &&
25682 READY_TO_DESTROY(free_op1.var)) {
25683 AI_USE_PTR(EX_T(opline->result.u.var).var);
25684 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
25685 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
25686 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
25687 }
25688 }
25689
25690 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
25691 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
25692 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
25693 }
25694 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
25695 FREE_OP_VAR_PTR(free_res);
25696 ZEND_VM_NEXT_OPCODE();
25697 }
25698
ZEND_ASSIGN_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25699 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25700 {
25701 zend_op *opline = EX(opline);
25702 zend_op *op_data = opline+1;
25703 zend_free_op free_op2;
25704 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25705 zval *property_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25706
25707 if (1) {
25708 MAKE_REAL_ZVAL_PTR(property_name);
25709 }
25710 if (IS_CV == IS_VAR && !object_ptr) {
25711 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25712 }
25713 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
25714 if (1) {
25715 zval_ptr_dtor(&property_name);
25716 } else {
25717 zval_dtor(free_op2.var);
25718 }
25719
25720 /* assign_obj has two opcodes! */
25721 ZEND_VM_INC_OPCODE();
25722 ZEND_VM_NEXT_OPCODE();
25723 }
25724
ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25725 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25726 {
25727 zend_op *opline = EX(opline);
25728 zend_op *op_data = opline+1;
25729
25730 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25731
25732 if (IS_CV == IS_VAR && !object_ptr) {
25733 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
25734 }
25735 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
25736 zend_free_op free_op2;
25737 zval *property_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25738
25739 if (1) {
25740 MAKE_REAL_ZVAL_PTR(property_name);
25741 }
25742 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
25743 if (1) {
25744 zval_ptr_dtor(&property_name);
25745 } else {
25746 zval_dtor(free_op2.var);
25747 }
25748 } else {
25749 zend_free_op free_op2, free_op_data1, free_op_data2;
25750 zval *value;
25751 zval *dim = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25752 zval **variable_ptr_ptr;
25753
25754 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 1, BP_VAR_W TSRMLS_CC);
25755 zval_dtor(free_op2.var);
25756
25757 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
25758 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
25759 if (!variable_ptr_ptr) {
25760 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
25761 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25762 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
25763 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
25764 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
25765 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
25766 }
25767 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
25768 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
25769 PZVAL_LOCK(EG(uninitialized_zval_ptr));
25770 }
25771 } else {
25772 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
25773 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25774 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
25775 PZVAL_LOCK(value);
25776 }
25777 }
25778 FREE_OP_VAR_PTR(free_op_data2);
25779 FREE_OP_IF_VAR(free_op_data1);
25780 }
25781
25782 /* assign_dim has two opcodes! */
25783 ZEND_VM_INC_OPCODE();
25784 ZEND_VM_NEXT_OPCODE();
25785 }
25786
ZEND_ASSIGN_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25787 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25788 {
25789 zend_op *opline = EX(opline);
25790 zend_free_op free_op2;
25791 zval *value = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25792 zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25793
25794 if (IS_CV == IS_VAR && !variable_ptr_ptr) {
25795 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_TMP_VAR TSRMLS_CC)) {
25796 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25797 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
25798 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
25799 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
25800 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
25801 }
25802 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
25803 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
25804 PZVAL_LOCK(EG(uninitialized_zval_ptr));
25805 }
25806 } else {
25807 value = zend_assign_to_variable(variable_ptr_ptr, value, 1 TSRMLS_CC);
25808 if (!RETURN_VALUE_UNUSED(&opline->result)) {
25809 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
25810 PZVAL_LOCK(value);
25811 }
25812 }
25813
25814 /* zend_assign_to_variable() always takes care of op2, never free it! */
25815
25816 ZEND_VM_NEXT_OPCODE();
25817 }
25818
ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25819 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25820 {
25821 zend_op *opline = EX(opline);
25822 zval *function_name;
25823 char *function_name_strval;
25824 int function_name_strlen;
25825 zend_free_op free_op2;
25826
25827 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
25828
25829 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25830
25831 if (Z_TYPE_P(function_name)!=IS_STRING) {
25832 zend_error_noreturn(E_ERROR, "Method name must be a string");
25833 }
25834
25835 function_name_strval = Z_STRVAL_P(function_name);
25836 function_name_strlen = Z_STRLEN_P(function_name);
25837
25838 EX(object) = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
25839
25840 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
25841 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
25842 zend_error_noreturn(E_ERROR, "Object does not support method calls");
25843 }
25844
25845 /* First, locate the function. */
25846 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
25847 if (!EX(fbc)) {
25848 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
25849 }
25850
25851 EX(called_scope) = Z_OBJCE_P(EX(object));
25852 } else {
25853 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
25854 }
25855
25856 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
25857 EX(object) = NULL;
25858 } else {
25859 if (!PZVAL_IS_REF(EX(object))) {
25860 Z_ADDREF_P(EX(object)); /* For $this pointer */
25861 } else {
25862 zval *this_ptr;
25863 ALLOC_ZVAL(this_ptr);
25864 INIT_PZVAL_COPY(this_ptr, EX(object));
25865 zval_copy_ctor(this_ptr);
25866 EX(object) = this_ptr;
25867 }
25868 }
25869
25870 zval_dtor(free_op2.var);
25871
25872 ZEND_VM_NEXT_OPCODE();
25873 }
25874
ZEND_CASE_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25875 static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25876 {
25877 zend_op *opline = EX(opline);
25878 int switch_expr_is_overloaded=0;
25879 zend_free_op free_op2;
25880
25881 if (IS_CV==IS_VAR) {
25882 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
25883 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
25884 } else {
25885 switch_expr_is_overloaded = 1;
25886 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
25887 }
25888 }
25889 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
25890 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
25891 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
25892
25893 zval_dtor(free_op2.var);
25894 if (switch_expr_is_overloaded) {
25895 /* We only free op1 if this is a string offset,
25896 * Since if it is a TMP_VAR, it'll be reused by
25897 * other CASE opcodes (whereas string offsets
25898 * are allocated at each get_zval_ptr())
25899 */
25900
25901 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
25902 EX_T(opline->op1.u.var).var.ptr = NULL;
25903 }
25904 ZEND_VM_NEXT_OPCODE();
25905 }
25906
ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25907 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25908 {
25909 zend_op *opline = EX(opline);
25910 zend_free_op free_op2;
25911 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
25912 zval *expr_ptr;
25913 zval *offset=_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
25914
25915 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
25916 zval **expr_ptr_ptr = NULL;
25917
25918 if (opline->extended_value) {
25919 expr_ptr_ptr=_get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
25920 expr_ptr = *expr_ptr_ptr;
25921 } else {
25922 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
25923 }
25924 #else
25925 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
25926 #endif
25927
25928 if (0) { /* temporary variable */
25929 zval *new_expr;
25930
25931 ALLOC_ZVAL(new_expr);
25932 INIT_PZVAL_COPY(new_expr, expr_ptr);
25933 expr_ptr = new_expr;
25934 } else {
25935 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
25936 if (opline->extended_value) {
25937 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
25938 expr_ptr = *expr_ptr_ptr;
25939 Z_ADDREF_P(expr_ptr);
25940 } else
25941 #endif
25942 if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
25943 zval *new_expr;
25944
25945 ALLOC_ZVAL(new_expr);
25946 INIT_PZVAL_COPY(new_expr, expr_ptr);
25947 expr_ptr = new_expr;
25948 zendi_zval_copy_ctor(*expr_ptr);
25949 } else {
25950 Z_ADDREF_P(expr_ptr);
25951 }
25952 }
25953 if (offset) {
25954 switch (Z_TYPE_P(offset)) {
25955 case IS_DOUBLE:
25956 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
25957 break;
25958 case IS_LONG:
25959 case IS_BOOL:
25960 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
25961 break;
25962 case IS_STRING:
25963 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
25964 break;
25965 case IS_NULL:
25966 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
25967 break;
25968 default:
25969 zend_error(E_WARNING, "Illegal offset type");
25970 zval_ptr_dtor(&expr_ptr);
25971 /* do nothing */
25972 break;
25973 }
25974 zval_dtor(free_op2.var);
25975 } else {
25976 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
25977 }
25978 if (opline->extended_value) {
25979
25980 } else {
25981
25982 }
25983 ZEND_VM_NEXT_OPCODE();
25984 }
25985
ZEND_INIT_ARRAY_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)25986 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
25987 {
25988 zend_op *opline = EX(opline);
25989
25990 array_init(&EX_T(opline->result.u.var).tmp_var);
25991 if (IS_CV == IS_UNUSED) {
25992 ZEND_VM_NEXT_OPCODE();
25993 #if 0 || IS_CV != IS_UNUSED
25994 } else {
25995 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
25996 #endif
25997 }
25998 }
25999
ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26000 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26001 {
26002 zend_op *opline = EX(opline);
26003 zend_free_op free_op2;
26004 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
26005 zval *offset;
26006
26007 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
26008 SEPARATE_ZVAL_IF_NOT_REF(container);
26009 }
26010 offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26011
26012 if (IS_CV != IS_VAR || container) {
26013 switch (Z_TYPE_PP(container)) {
26014 case IS_ARRAY: {
26015 HashTable *ht = Z_ARRVAL_PP(container);
26016
26017 switch (Z_TYPE_P(offset)) {
26018 case IS_DOUBLE:
26019 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
26020 break;
26021 case IS_RESOURCE:
26022 case IS_BOOL:
26023 case IS_LONG:
26024 zend_hash_index_del(ht, Z_LVAL_P(offset));
26025 break;
26026 case IS_STRING:
26027 if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) {
26028 Z_ADDREF_P(offset);
26029 }
26030 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
26031 ht == &EG(symbol_table)) {
26032 zend_execute_data *ex;
26033 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
26034
26035 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
26036 if (ex->op_array && ex->symbol_table == ht) {
26037 int i;
26038
26039 for (i = 0; i < ex->op_array->last_var; i++) {
26040 if (ex->op_array->vars[i].hash_value == hash_value &&
26041 ex->op_array->vars[i].name_len == offset->value.str.len &&
26042 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
26043 ex->CVs[i] = NULL;
26044 break;
26045 }
26046 }
26047 }
26048 }
26049 }
26050 if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) {
26051 zval_ptr_dtor(&offset);
26052 }
26053 break;
26054 case IS_NULL:
26055 zend_hash_del(ht, "", sizeof(""));
26056 break;
26057 default:
26058 zend_error(E_WARNING, "Illegal offset type in unset");
26059 break;
26060 }
26061 zval_dtor(free_op2.var);
26062 break;
26063 }
26064 case IS_OBJECT:
26065 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
26066 zend_error_noreturn(E_ERROR, "Cannot use object as array");
26067 }
26068 if (1) {
26069 MAKE_REAL_ZVAL_PTR(offset);
26070 }
26071 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
26072 if (1) {
26073 zval_ptr_dtor(&offset);
26074 } else {
26075 zval_dtor(free_op2.var);
26076 }
26077 break;
26078 case IS_STRING:
26079 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
26080 ZEND_VM_CONTINUE(); /* bailed out before */
26081 default:
26082 zval_dtor(free_op2.var);
26083 break;
26084 }
26085 } else {
26086 zval_dtor(free_op2.var);
26087 }
26088
26089 ZEND_VM_NEXT_OPCODE();
26090 }
26091
ZEND_UNSET_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26092 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26093 {
26094 zend_op *opline = EX(opline);
26095 zend_free_op free_op2;
26096 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
26097 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26098
26099 if (IS_CV != IS_VAR || container) {
26100 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
26101 SEPARATE_ZVAL_IF_NOT_REF(container);
26102 }
26103 if (Z_TYPE_PP(container) == IS_OBJECT) {
26104 if (1) {
26105 MAKE_REAL_ZVAL_PTR(offset);
26106 }
26107 if (Z_OBJ_HT_P(*container)->unset_property) {
26108 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
26109 } else {
26110 zend_error(E_NOTICE, "Trying to unset property of non-object");
26111 }
26112 if (1) {
26113 zval_ptr_dtor(&offset);
26114 } else {
26115 zval_dtor(free_op2.var);
26116 }
26117 } else {
26118 zval_dtor(free_op2.var);
26119 }
26120 } else {
26121 zval_dtor(free_op2.var);
26122 }
26123
26124 ZEND_VM_NEXT_OPCODE();
26125 }
26126
zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)26127 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
26128 {
26129 zend_op *opline = EX(opline);
26130
26131 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
26132 zval **value = NULL;
26133 int result = 0;
26134
26135 if (IS_CV != IS_VAR || container) {
26136 zend_free_op free_op2;
26137 zval *offset = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26138
26139 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
26140 HashTable *ht;
26141 int isset = 0;
26142
26143 ht = Z_ARRVAL_PP(container);
26144
26145 switch (Z_TYPE_P(offset)) {
26146 case IS_DOUBLE:
26147 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
26148 isset = 1;
26149 }
26150 break;
26151 case IS_RESOURCE:
26152 case IS_BOOL:
26153 case IS_LONG:
26154 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
26155 isset = 1;
26156 }
26157 break;
26158 case IS_STRING:
26159 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
26160 isset = 1;
26161 }
26162 break;
26163 case IS_NULL:
26164 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
26165 isset = 1;
26166 }
26167 break;
26168 default:
26169 zend_error(E_WARNING, "Illegal offset type in isset or empty");
26170
26171 break;
26172 }
26173
26174 switch (opline->extended_value) {
26175 case ZEND_ISSET:
26176 if (isset && Z_TYPE_PP(value) == IS_NULL) {
26177 result = 0;
26178 } else {
26179 result = isset;
26180 }
26181 break;
26182 case ZEND_ISEMPTY:
26183 if (!isset || !i_zend_is_true(*value)) {
26184 result = 0;
26185 } else {
26186 result = 1;
26187 }
26188 break;
26189 }
26190 zval_dtor(free_op2.var);
26191 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
26192 if (1) {
26193 MAKE_REAL_ZVAL_PTR(offset);
26194 }
26195 if (prop_dim) {
26196 if (Z_OBJ_HT_P(*container)->has_property) {
26197 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
26198 } else {
26199 zend_error(E_NOTICE, "Trying to check property of non-object");
26200 result = 0;
26201 }
26202 } else {
26203 if (Z_OBJ_HT_P(*container)->has_dimension) {
26204 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
26205 } else {
26206 zend_error(E_NOTICE, "Trying to check element of non-array");
26207 result = 0;
26208 }
26209 }
26210 if (1) {
26211 zval_ptr_dtor(&offset);
26212 } else {
26213 zval_dtor(free_op2.var);
26214 }
26215 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
26216 zval tmp;
26217
26218 if (Z_TYPE_P(offset) != IS_LONG) {
26219 tmp = *offset;
26220 zval_copy_ctor(&tmp);
26221 convert_to_long(&tmp);
26222 offset = &tmp;
26223 }
26224 if (Z_TYPE_P(offset) == IS_LONG) {
26225 switch (opline->extended_value) {
26226 case ZEND_ISSET:
26227 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
26228 result = 1;
26229 }
26230 break;
26231 case ZEND_ISEMPTY:
26232 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
26233 result = 1;
26234 }
26235 break;
26236 }
26237 }
26238 zval_dtor(free_op2.var);
26239 } else {
26240 zval_dtor(free_op2.var);
26241 }
26242 }
26243
26244 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
26245
26246 switch (opline->extended_value) {
26247 case ZEND_ISSET:
26248 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
26249 break;
26250 case ZEND_ISEMPTY:
26251 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
26252 break;
26253 }
26254
26255 ZEND_VM_NEXT_OPCODE();
26256 }
26257
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26258 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26259 {
26260 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26261 }
26262
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26263 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26264 {
26265 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26266 }
26267
ZEND_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26268 static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26269 {
26270 zend_op *opline = EX(opline);
26271 zend_free_op free_op2;
26272
26273 add_function(&EX_T(opline->result.u.var).tmp_var,
26274 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26275 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26276
26277 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26278 ZEND_VM_NEXT_OPCODE();
26279 }
26280
ZEND_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26281 static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26282 {
26283 zend_op *opline = EX(opline);
26284 zend_free_op free_op2;
26285
26286 sub_function(&EX_T(opline->result.u.var).tmp_var,
26287 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26288 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26289
26290 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26291 ZEND_VM_NEXT_OPCODE();
26292 }
26293
ZEND_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26294 static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26295 {
26296 zend_op *opline = EX(opline);
26297 zend_free_op free_op2;
26298
26299 mul_function(&EX_T(opline->result.u.var).tmp_var,
26300 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26301 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26302
26303 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26304 ZEND_VM_NEXT_OPCODE();
26305 }
26306
ZEND_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26307 static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26308 {
26309 zend_op *opline = EX(opline);
26310 zend_free_op free_op2;
26311
26312 div_function(&EX_T(opline->result.u.var).tmp_var,
26313 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26314 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26315
26316 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26317 ZEND_VM_NEXT_OPCODE();
26318 }
26319
ZEND_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26320 static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26321 {
26322 zend_op *opline = EX(opline);
26323 zend_free_op free_op2;
26324
26325 mod_function(&EX_T(opline->result.u.var).tmp_var,
26326 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26327 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26328
26329 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26330 ZEND_VM_NEXT_OPCODE();
26331 }
26332
ZEND_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26333 static int ZEND_FASTCALL ZEND_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26334 {
26335 zend_op *opline = EX(opline);
26336 zend_free_op free_op2;
26337
26338 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
26339 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26340 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26341
26342 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26343 ZEND_VM_NEXT_OPCODE();
26344 }
26345
ZEND_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26346 static int ZEND_FASTCALL ZEND_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26347 {
26348 zend_op *opline = EX(opline);
26349 zend_free_op free_op2;
26350
26351 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
26352 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26353 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26354
26355 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26356 ZEND_VM_NEXT_OPCODE();
26357 }
26358
ZEND_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26359 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26360 {
26361 zend_op *opline = EX(opline);
26362 zend_free_op free_op2;
26363
26364 concat_function(&EX_T(opline->result.u.var).tmp_var,
26365 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26366 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26367
26368 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26369 ZEND_VM_NEXT_OPCODE();
26370 }
26371
ZEND_IS_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26372 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26373 {
26374 zend_op *opline = EX(opline);
26375 zend_free_op free_op2;
26376
26377 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
26378 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26379 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26380
26381 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26382 ZEND_VM_NEXT_OPCODE();
26383 }
26384
ZEND_IS_NOT_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26385 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26386 {
26387 zend_op *opline = EX(opline);
26388 zend_free_op free_op2;
26389 zval *result = &EX_T(opline->result.u.var).tmp_var;
26390
26391 is_identical_function(result,
26392 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26393 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26394 Z_LVAL_P(result) = !Z_LVAL_P(result);
26395
26396 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26397 ZEND_VM_NEXT_OPCODE();
26398 }
26399
ZEND_IS_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26400 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26401 {
26402 zend_op *opline = EX(opline);
26403 zend_free_op free_op2;
26404 zval *result = &EX_T(opline->result.u.var).tmp_var;
26405
26406 compare_function(result,
26407 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26408 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26409 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
26410
26411 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26412 ZEND_VM_NEXT_OPCODE();
26413 }
26414
ZEND_IS_NOT_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26415 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26416 {
26417 zend_op *opline = EX(opline);
26418 zend_free_op free_op2;
26419 zval *result = &EX_T(opline->result.u.var).tmp_var;
26420
26421 compare_function(result,
26422 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26423 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26424 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
26425
26426 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26427 ZEND_VM_NEXT_OPCODE();
26428 }
26429
ZEND_IS_SMALLER_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26430 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26431 {
26432 zend_op *opline = EX(opline);
26433 zend_free_op free_op2;
26434 zval *result = &EX_T(opline->result.u.var).tmp_var;
26435
26436 compare_function(result,
26437 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26438 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26439 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
26440
26441 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26442 ZEND_VM_NEXT_OPCODE();
26443 }
26444
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26445 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26446 {
26447 zend_op *opline = EX(opline);
26448 zend_free_op free_op2;
26449 zval *result = &EX_T(opline->result.u.var).tmp_var;
26450
26451 compare_function(result,
26452 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26453 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26454 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
26455
26456 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26457 ZEND_VM_NEXT_OPCODE();
26458 }
26459
ZEND_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26460 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26461 {
26462 zend_op *opline = EX(opline);
26463 zend_free_op free_op2;
26464
26465 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
26466 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26467 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26468
26469 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26470 ZEND_VM_NEXT_OPCODE();
26471 }
26472
ZEND_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26473 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26474 {
26475 zend_op *opline = EX(opline);
26476 zend_free_op free_op2;
26477
26478 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
26479 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26480 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26481
26482 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26483 ZEND_VM_NEXT_OPCODE();
26484 }
26485
ZEND_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26486 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26487 {
26488 zend_op *opline = EX(opline);
26489 zend_free_op free_op2;
26490
26491 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
26492 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26493 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26494
26495 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26496 ZEND_VM_NEXT_OPCODE();
26497 }
26498
ZEND_BOOL_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26499 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26500 {
26501 zend_op *opline = EX(opline);
26502 zend_free_op free_op2;
26503
26504 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
26505 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
26506 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
26507
26508 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26509 ZEND_VM_NEXT_OPCODE();
26510 }
26511
zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)26512 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
26513 {
26514 zend_op *opline = EX(opline);
26515 zend_op *op_data = opline+1;
26516 zend_free_op free_op2, free_op_data1;
26517 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
26518 zval *object;
26519 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26520 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
26521 znode *result = &opline->result;
26522 int have_get_ptr = 0;
26523
26524 if (IS_CV == IS_VAR && !object_ptr) {
26525 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
26526 }
26527
26528 EX_T(result->u.var).var.ptr_ptr = NULL;
26529 make_real_object(object_ptr TSRMLS_CC);
26530 object = *object_ptr;
26531
26532 if (Z_TYPE_P(object) != IS_OBJECT) {
26533 zend_error(E_WARNING, "Attempt to assign property of non-object");
26534 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26535 FREE_OP(free_op_data1);
26536
26537 if (!RETURN_VALUE_UNUSED(result)) {
26538 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
26539 EX_T(result->u.var).var.ptr_ptr = NULL;
26540 PZVAL_LOCK(EG(uninitialized_zval_ptr));
26541 }
26542 } else {
26543 /* here we are sure we are dealing with an object */
26544 if (0) {
26545 MAKE_REAL_ZVAL_PTR(property);
26546 }
26547
26548 /* here property is a string */
26549 if (opline->extended_value == ZEND_ASSIGN_OBJ
26550 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
26551 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
26552 if (zptr != NULL) { /* NULL means no success in getting PTR */
26553 SEPARATE_ZVAL_IF_NOT_REF(zptr);
26554
26555 have_get_ptr = 1;
26556 binary_op(*zptr, *zptr, value TSRMLS_CC);
26557 if (!RETURN_VALUE_UNUSED(result)) {
26558 EX_T(result->u.var).var.ptr = *zptr;
26559 EX_T(result->u.var).var.ptr_ptr = NULL;
26560 PZVAL_LOCK(*zptr);
26561 }
26562 }
26563 }
26564
26565 if (!have_get_ptr) {
26566 zval *z = NULL;
26567
26568 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
26569 if (Z_OBJ_HT_P(object)->read_property) {
26570 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
26571 }
26572 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
26573 if (Z_OBJ_HT_P(object)->read_dimension) {
26574 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
26575 }
26576 }
26577 if (z) {
26578 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
26579 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
26580
26581 if (Z_REFCOUNT_P(z) == 0) {
26582 GC_REMOVE_ZVAL_FROM_BUFFER(z);
26583 zval_dtor(z);
26584 FREE_ZVAL(z);
26585 }
26586 z = value;
26587 }
26588 Z_ADDREF_P(z);
26589 SEPARATE_ZVAL_IF_NOT_REF(&z);
26590 binary_op(z, z, value TSRMLS_CC);
26591 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
26592 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
26593 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
26594 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
26595 }
26596 if (!RETURN_VALUE_UNUSED(result)) {
26597 EX_T(result->u.var).var.ptr = z;
26598 EX_T(result->u.var).var.ptr_ptr = NULL;
26599 PZVAL_LOCK(z);
26600 }
26601 zval_ptr_dtor(&z);
26602 } else {
26603 zend_error(E_WARNING, "Attempt to assign property of non-object");
26604 if (!RETURN_VALUE_UNUSED(result)) {
26605 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
26606 EX_T(result->u.var).var.ptr_ptr = NULL;
26607 PZVAL_LOCK(EG(uninitialized_zval_ptr));
26608 }
26609 }
26610 }
26611
26612 if (0) {
26613 zval_ptr_dtor(&property);
26614 } else {
26615 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26616 }
26617 FREE_OP(free_op_data1);
26618 }
26619
26620 /* assign_obj has two opcodes! */
26621 ZEND_VM_INC_OPCODE();
26622 ZEND_VM_NEXT_OPCODE();
26623 }
26624
zend_binary_assign_op_helper_SPEC_CV_VAR(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)26625 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
26626 {
26627 zend_op *opline = EX(opline);
26628 zend_free_op free_op2, free_op_data2, free_op_data1;
26629 zval **var_ptr;
26630 zval *value;
26631
26632 switch (opline->extended_value) {
26633 case ZEND_ASSIGN_OBJ:
26634 return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26635 break;
26636 case ZEND_ASSIGN_DIM: {
26637 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
26638
26639 if (IS_CV == IS_VAR && !container) {
26640 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
26641 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
26642 if (IS_CV == IS_VAR && !0) {
26643 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
26644 }
26645 return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26646 } else {
26647 zend_op *op_data = opline+1;
26648 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26649
26650 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
26651 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
26652 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
26653 ZEND_VM_INC_OPCODE();
26654 }
26655 }
26656 break;
26657 default:
26658 value = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26659 var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
26660 /* do nothing */
26661 break;
26662 }
26663
26664 if (!var_ptr) {
26665 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
26666 }
26667
26668 if (*var_ptr == EG(error_zval_ptr)) {
26669 if (!RETURN_VALUE_UNUSED(&opline->result)) {
26670 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
26671 PZVAL_LOCK(EG(uninitialized_zval_ptr));
26672 }
26673 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26674
26675 ZEND_VM_NEXT_OPCODE();
26676 }
26677
26678 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
26679
26680 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
26681 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
26682 /* proxy object */
26683 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
26684 Z_ADDREF_P(objval);
26685 binary_op(objval, objval, value TSRMLS_CC);
26686 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
26687 zval_ptr_dtor(&objval);
26688 } else {
26689 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
26690 }
26691
26692 if (!RETURN_VALUE_UNUSED(&opline->result)) {
26693 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
26694 PZVAL_LOCK(*var_ptr);
26695 }
26696 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26697
26698 if (opline->extended_value == ZEND_ASSIGN_DIM) {
26699 FREE_OP(free_op_data1);
26700 FREE_OP_VAR_PTR(free_op_data2);
26701 }
26702
26703 ZEND_VM_NEXT_OPCODE();
26704 }
26705
ZEND_ASSIGN_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26706 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26707 {
26708 return zend_binary_assign_op_helper_SPEC_CV_VAR(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26709 }
26710
ZEND_ASSIGN_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26711 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26712 {
26713 return zend_binary_assign_op_helper_SPEC_CV_VAR(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26714 }
26715
ZEND_ASSIGN_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26716 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26717 {
26718 return zend_binary_assign_op_helper_SPEC_CV_VAR(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26719 }
26720
ZEND_ASSIGN_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26721 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26722 {
26723 return zend_binary_assign_op_helper_SPEC_CV_VAR(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26724 }
26725
ZEND_ASSIGN_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26726 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26727 {
26728 return zend_binary_assign_op_helper_SPEC_CV_VAR(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26729 }
26730
ZEND_ASSIGN_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26731 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26732 {
26733 return zend_binary_assign_op_helper_SPEC_CV_VAR(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26734 }
26735
ZEND_ASSIGN_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26736 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26737 {
26738 return zend_binary_assign_op_helper_SPEC_CV_VAR(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26739 }
26740
ZEND_ASSIGN_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26741 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26742 {
26743 return zend_binary_assign_op_helper_SPEC_CV_VAR(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26744 }
26745
ZEND_ASSIGN_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26746 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26747 {
26748 return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26749 }
26750
ZEND_ASSIGN_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26751 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26752 {
26753 return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26754 }
26755
ZEND_ASSIGN_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26756 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26757 {
26758 return zend_binary_assign_op_helper_SPEC_CV_VAR(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26759 }
26760
zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)26761 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
26762 {
26763 zend_op *opline = EX(opline);
26764 zend_free_op free_op2;
26765 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
26766 zval *object;
26767 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26768 zval **retval = &EX_T(opline->result.u.var).var.ptr;
26769 int have_get_ptr = 0;
26770
26771 if (IS_CV == IS_VAR && !object_ptr) {
26772 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
26773 }
26774
26775 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
26776 object = *object_ptr;
26777
26778 if (Z_TYPE_P(object) != IS_OBJECT) {
26779 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
26780 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26781 if (!RETURN_VALUE_UNUSED(&opline->result)) {
26782 *retval = EG(uninitialized_zval_ptr);
26783 PZVAL_LOCK(*retval);
26784 }
26785
26786 ZEND_VM_NEXT_OPCODE();
26787 }
26788
26789 /* here we are sure we are dealing with an object */
26790
26791 if (0) {
26792 MAKE_REAL_ZVAL_PTR(property);
26793 }
26794
26795 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
26796 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
26797 if (zptr != NULL) { /* NULL means no success in getting PTR */
26798 SEPARATE_ZVAL_IF_NOT_REF(zptr);
26799
26800 have_get_ptr = 1;
26801 incdec_op(*zptr);
26802 if (!RETURN_VALUE_UNUSED(&opline->result)) {
26803 *retval = *zptr;
26804 PZVAL_LOCK(*retval);
26805 }
26806 }
26807 }
26808
26809 if (!have_get_ptr) {
26810 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
26811 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
26812
26813 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
26814 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
26815
26816 if (Z_REFCOUNT_P(z) == 0) {
26817 GC_REMOVE_ZVAL_FROM_BUFFER(z);
26818 zval_dtor(z);
26819 FREE_ZVAL(z);
26820 }
26821 z = value;
26822 }
26823 Z_ADDREF_P(z);
26824 SEPARATE_ZVAL_IF_NOT_REF(&z);
26825 incdec_op(z);
26826 *retval = z;
26827 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
26828 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
26829 zval_ptr_dtor(&z);
26830 } else {
26831 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
26832 if (!RETURN_VALUE_UNUSED(&opline->result)) {
26833 *retval = EG(uninitialized_zval_ptr);
26834 PZVAL_LOCK(*retval);
26835 }
26836 }
26837 }
26838
26839 if (0) {
26840 zval_ptr_dtor(&property);
26841 } else {
26842 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26843 }
26844
26845 ZEND_VM_NEXT_OPCODE();
26846 }
26847
ZEND_PRE_INC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26848 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26849 {
26850 return zend_pre_incdec_property_helper_SPEC_CV_VAR(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26851 }
26852
ZEND_PRE_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26853 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26854 {
26855 return zend_pre_incdec_property_helper_SPEC_CV_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26856 }
26857
zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)26858 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
26859 {
26860 zend_op *opline = EX(opline);
26861 zend_free_op free_op2;
26862 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
26863 zval *object;
26864 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26865 zval *retval = &EX_T(opline->result.u.var).tmp_var;
26866 int have_get_ptr = 0;
26867
26868 if (IS_CV == IS_VAR && !object_ptr) {
26869 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
26870 }
26871
26872 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
26873 object = *object_ptr;
26874
26875 if (Z_TYPE_P(object) != IS_OBJECT) {
26876 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
26877 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26878 *retval = *EG(uninitialized_zval_ptr);
26879
26880 ZEND_VM_NEXT_OPCODE();
26881 }
26882
26883 /* here we are sure we are dealing with an object */
26884
26885 if (0) {
26886 MAKE_REAL_ZVAL_PTR(property);
26887 }
26888
26889 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
26890 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
26891 if (zptr != NULL) { /* NULL means no success in getting PTR */
26892 have_get_ptr = 1;
26893 SEPARATE_ZVAL_IF_NOT_REF(zptr);
26894
26895 *retval = **zptr;
26896 zendi_zval_copy_ctor(*retval);
26897
26898 incdec_op(*zptr);
26899
26900 }
26901 }
26902
26903 if (!have_get_ptr) {
26904 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
26905 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
26906 zval *z_copy;
26907
26908 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
26909 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
26910
26911 if (Z_REFCOUNT_P(z) == 0) {
26912 GC_REMOVE_ZVAL_FROM_BUFFER(z);
26913 zval_dtor(z);
26914 FREE_ZVAL(z);
26915 }
26916 z = value;
26917 }
26918 *retval = *z;
26919 zendi_zval_copy_ctor(*retval);
26920 ALLOC_ZVAL(z_copy);
26921 *z_copy = *z;
26922 zendi_zval_copy_ctor(*z_copy);
26923 INIT_PZVAL(z_copy);
26924 incdec_op(z_copy);
26925 Z_ADDREF_P(z);
26926 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
26927 zval_ptr_dtor(&z_copy);
26928 zval_ptr_dtor(&z);
26929 } else {
26930 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
26931 *retval = *EG(uninitialized_zval_ptr);
26932 }
26933 }
26934
26935 if (0) {
26936 zval_ptr_dtor(&property);
26937 } else {
26938 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26939 }
26940
26941 ZEND_VM_NEXT_OPCODE();
26942 }
26943
ZEND_POST_INC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26944 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26945 {
26946 return zend_post_incdec_property_helper_SPEC_CV_VAR(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26947 }
26948
ZEND_POST_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26949 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26950 {
26951 return zend_post_incdec_property_helper_SPEC_CV_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
26952 }
26953
ZEND_FETCH_DIM_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26954 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26955 {
26956 zend_op *opline = EX(opline);
26957 zend_free_op free_op2;
26958 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26959 zval **container;
26960
26961 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
26962 IS_CV != IS_CV &&
26963 EX_T(opline->op1.u.var).var.ptr_ptr) {
26964 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
26965 }
26966 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
26967 if (IS_CV == IS_VAR && !container) {
26968 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
26969 }
26970 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
26971 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26972
26973 ZEND_VM_NEXT_OPCODE();
26974 }
26975
ZEND_FETCH_DIM_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)26976 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
26977 {
26978 zend_op *opline = EX(opline);
26979 zend_free_op free_op1, free_op2;
26980 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
26981 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
26982
26983 if (IS_CV == IS_VAR && !container) {
26984 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
26985 }
26986 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
26987 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
26988 if (IS_CV == IS_VAR && 0 &&
26989 READY_TO_DESTROY(free_op1.var)) {
26990 AI_USE_PTR(EX_T(opline->result.u.var).var);
26991 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
26992 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
26993 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
26994 }
26995 }
26996
26997 /* We are going to assign the result by reference */
26998 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
26999 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
27000 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
27001 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
27002 }
27003
27004 ZEND_VM_NEXT_OPCODE();
27005 }
27006
ZEND_FETCH_DIM_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27007 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27008 {
27009 zend_op *opline = EX(opline);
27010 zend_free_op free_op1, free_op2;
27011 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27012 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
27013
27014 if (IS_CV == IS_VAR && !container) {
27015 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27016 }
27017 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
27018 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27019 if (IS_CV == IS_VAR && 0 &&
27020 READY_TO_DESTROY(free_op1.var)) {
27021 AI_USE_PTR(EX_T(opline->result.u.var).var);
27022 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27023 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27024 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27025 }
27026 }
27027
27028 ZEND_VM_NEXT_OPCODE();
27029 }
27030
ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27031 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27032 {
27033 zend_op *opline = EX(opline);
27034 zend_free_op free_op2;
27035 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27036 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
27037
27038 if (IS_CV == IS_VAR && !container) {
27039 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27040 }
27041 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_IS TSRMLS_CC);
27042 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27043
27044 ZEND_VM_NEXT_OPCODE();
27045 }
27046
ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27047 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27048 {
27049 zend_op *opline = EX(opline);
27050 zend_free_op free_op1, free_op2;
27051 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27052 zval **container;
27053
27054 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
27055 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27056 if (IS_CV == IS_VAR && !container) {
27057 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27058 }
27059 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
27060 if (IS_CV == IS_VAR && 0 &&
27061 READY_TO_DESTROY(free_op1.var)) {
27062 AI_USE_PTR(EX_T(opline->result.u.var).var);
27063 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27064 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27065 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27066 }
27067 }
27068 } else {
27069 if (IS_VAR == IS_UNUSED) {
27070 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
27071 }
27072 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
27073 if (IS_CV == IS_VAR && !container) {
27074 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27075 }
27076 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
27077 }
27078 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27079
27080 ZEND_VM_NEXT_OPCODE();
27081 }
27082
ZEND_FETCH_DIM_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27083 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27084 {
27085 zend_op *opline = EX(opline);
27086 zend_free_op free_op1, free_op2;
27087 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
27088 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27089
27090 /* Not needed in DIM_UNSET
27091 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
27092 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
27093 }
27094 */
27095 if (IS_CV == IS_CV) {
27096 if (container != &EG(uninitialized_zval_ptr)) {
27097 SEPARATE_ZVAL_IF_NOT_REF(container);
27098 }
27099 }
27100 if (IS_CV == IS_VAR && !container) {
27101 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27102 }
27103 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_UNSET TSRMLS_CC);
27104 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27105 if (IS_CV == IS_VAR && 0 &&
27106 READY_TO_DESTROY(free_op1.var)) {
27107 AI_USE_PTR(EX_T(opline->result.u.var).var);
27108 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27109 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27110 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27111 }
27112 }
27113
27114 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
27115 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
27116 } else {
27117 zend_free_op free_res;
27118
27119 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
27120 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
27121 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
27122 }
27123 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
27124 FREE_OP_VAR_PTR(free_res);
27125 }
27126 ZEND_VM_NEXT_OPCODE();
27127 }
27128
zend_fetch_property_address_read_helper_SPEC_CV_VAR(int type,ZEND_OPCODE_HANDLER_ARGS)27129 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(int type, ZEND_OPCODE_HANDLER_ARGS)
27130 {
27131 zend_op *opline = EX(opline);
27132
27133 zval *container = _get_zval_ptr_cv(&opline->op1, EX(Ts), type TSRMLS_CC);
27134 zend_free_op free_op2;
27135 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27136
27137 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
27138 if (type != BP_VAR_IS) {
27139 zend_error(E_NOTICE, "Trying to get property of non-object");
27140 }
27141 if (!RETURN_VALUE_UNUSED(&opline->result)) {
27142 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
27143 PZVAL_LOCK(EG(uninitialized_zval_ptr));
27144 }
27145 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27146 } else {
27147 zval *retval;
27148
27149 if (0) {
27150 MAKE_REAL_ZVAL_PTR(offset);
27151 }
27152
27153 /* here we are sure we are dealing with an object */
27154 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
27155
27156 if (RETURN_VALUE_UNUSED(&opline->result)) {
27157 if (Z_REFCOUNT_P(retval) == 0) {
27158 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
27159 zval_dtor(retval);
27160 FREE_ZVAL(retval);
27161 }
27162 } else {
27163 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
27164 PZVAL_LOCK(retval);
27165 }
27166
27167 if (0) {
27168 zval_ptr_dtor(&offset);
27169 } else {
27170 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27171 }
27172 }
27173
27174 ZEND_VM_NEXT_OPCODE();
27175 }
27176
ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27177 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27178 {
27179 return zend_fetch_property_address_read_helper_SPEC_CV_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27180 }
27181
ZEND_FETCH_OBJ_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27182 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27183 {
27184 zend_op *opline = EX(opline);
27185 zend_free_op free_op1, free_op2;
27186 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27187 zval **container;
27188
27189 if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
27190 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
27191 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
27192 }
27193
27194 if (0) {
27195 MAKE_REAL_ZVAL_PTR(property);
27196 }
27197 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27198 if (IS_CV == IS_VAR && !container) {
27199 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
27200 }
27201 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
27202 if (0) {
27203 zval_ptr_dtor(&property);
27204 } else {
27205 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27206 }
27207 if (IS_CV == IS_VAR && 0 &&
27208 READY_TO_DESTROY(free_op1.var)) {
27209 AI_USE_PTR(EX_T(opline->result.u.var).var);
27210 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27211 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27212 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27213 }
27214 }
27215
27216 /* We are going to assign the result by reference */
27217 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
27218 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
27219 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
27220 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
27221 }
27222
27223 ZEND_VM_NEXT_OPCODE();
27224 }
27225
ZEND_FETCH_OBJ_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27226 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27227 {
27228 zend_op *opline = EX(opline);
27229 zend_free_op free_op1, free_op2;
27230 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27231 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
27232
27233 if (0) {
27234 MAKE_REAL_ZVAL_PTR(property);
27235 }
27236 if (IS_CV == IS_VAR && !container) {
27237 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
27238 }
27239 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
27240 if (0) {
27241 zval_ptr_dtor(&property);
27242 } else {
27243 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27244 }
27245 if (IS_CV == IS_VAR && 0 &&
27246 READY_TO_DESTROY(free_op1.var)) {
27247 AI_USE_PTR(EX_T(opline->result.u.var).var);
27248 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27249 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27250 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27251 }
27252 }
27253
27254 ZEND_VM_NEXT_OPCODE();
27255 }
27256
ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27257 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27258 {
27259 return zend_fetch_property_address_read_helper_SPEC_CV_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27260 }
27261
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27262 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27263 {
27264 zend_op *opline = EX(opline);
27265
27266 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
27267 /* Behave like FETCH_OBJ_W */
27268 zend_free_op free_op1, free_op2;
27269 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27270 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27271
27272 if (0) {
27273 MAKE_REAL_ZVAL_PTR(property);
27274 }
27275 if (IS_CV == IS_VAR && !container) {
27276 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
27277 }
27278 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
27279 if (0) {
27280 zval_ptr_dtor(&property);
27281 } else {
27282 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27283 }
27284 if (IS_CV == IS_VAR && 0 &&
27285 READY_TO_DESTROY(free_op1.var)) {
27286 AI_USE_PTR(EX_T(opline->result.u.var).var);
27287 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27288 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27289 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27290 }
27291 }
27292
27293 ZEND_VM_NEXT_OPCODE();
27294 } else {
27295 return zend_fetch_property_address_read_helper_SPEC_CV_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27296 }
27297 }
27298
ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27299 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27300 {
27301 zend_op *opline = EX(opline);
27302 zend_free_op free_op1, free_op2, free_res;
27303 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
27304 zval *property = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27305
27306 if (IS_CV == IS_CV) {
27307 if (container != &EG(uninitialized_zval_ptr)) {
27308 SEPARATE_ZVAL_IF_NOT_REF(container);
27309 }
27310 }
27311 if (0) {
27312 MAKE_REAL_ZVAL_PTR(property);
27313 }
27314 if (IS_CV == IS_VAR && !container) {
27315 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
27316 }
27317 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
27318 if (0) {
27319 zval_ptr_dtor(&property);
27320 } else {
27321 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27322 }
27323 if (IS_CV == IS_VAR && 0 &&
27324 READY_TO_DESTROY(free_op1.var)) {
27325 AI_USE_PTR(EX_T(opline->result.u.var).var);
27326 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
27327 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
27328 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
27329 }
27330 }
27331
27332 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
27333 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
27334 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
27335 }
27336 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
27337 FREE_OP_VAR_PTR(free_res);
27338 ZEND_VM_NEXT_OPCODE();
27339 }
27340
ZEND_ASSIGN_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27341 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27342 {
27343 zend_op *opline = EX(opline);
27344 zend_op *op_data = opline+1;
27345 zend_free_op free_op2;
27346 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27347 zval *property_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27348
27349 if (0) {
27350 MAKE_REAL_ZVAL_PTR(property_name);
27351 }
27352 if (IS_CV == IS_VAR && !object_ptr) {
27353 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27354 }
27355 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
27356 if (0) {
27357 zval_ptr_dtor(&property_name);
27358 } else {
27359 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27360 }
27361
27362 /* assign_obj has two opcodes! */
27363 ZEND_VM_INC_OPCODE();
27364 ZEND_VM_NEXT_OPCODE();
27365 }
27366
ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27367 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27368 {
27369 zend_op *opline = EX(opline);
27370 zend_op *op_data = opline+1;
27371
27372 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27373
27374 if (IS_CV == IS_VAR && !object_ptr) {
27375 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
27376 }
27377 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
27378 zend_free_op free_op2;
27379 zval *property_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27380
27381 if (0) {
27382 MAKE_REAL_ZVAL_PTR(property_name);
27383 }
27384 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
27385 if (0) {
27386 zval_ptr_dtor(&property_name);
27387 } else {
27388 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27389 }
27390 } else {
27391 zend_free_op free_op2, free_op_data1, free_op_data2;
27392 zval *value;
27393 zval *dim = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27394 zval **variable_ptr_ptr;
27395
27396 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
27397 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27398
27399 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
27400 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
27401 if (!variable_ptr_ptr) {
27402 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
27403 if (!RETURN_VALUE_UNUSED(&opline->result)) {
27404 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
27405 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
27406 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
27407 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
27408 }
27409 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
27410 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
27411 PZVAL_LOCK(EG(uninitialized_zval_ptr));
27412 }
27413 } else {
27414 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
27415 if (!RETURN_VALUE_UNUSED(&opline->result)) {
27416 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
27417 PZVAL_LOCK(value);
27418 }
27419 }
27420 FREE_OP_VAR_PTR(free_op_data2);
27421 FREE_OP_IF_VAR(free_op_data1);
27422 }
27423
27424 /* assign_dim has two opcodes! */
27425 ZEND_VM_INC_OPCODE();
27426 ZEND_VM_NEXT_OPCODE();
27427 }
27428
ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27429 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27430 {
27431 zend_op *opline = EX(opline);
27432 zend_free_op free_op2;
27433 zval *value = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27434 zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27435
27436 if (IS_CV == IS_VAR && !variable_ptr_ptr) {
27437 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_VAR TSRMLS_CC)) {
27438 if (!RETURN_VALUE_UNUSED(&opline->result)) {
27439 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
27440 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
27441 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
27442 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
27443 }
27444 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
27445 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
27446 PZVAL_LOCK(EG(uninitialized_zval_ptr));
27447 }
27448 } else {
27449 value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC);
27450 if (!RETURN_VALUE_UNUSED(&opline->result)) {
27451 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
27452 PZVAL_LOCK(value);
27453 }
27454 }
27455
27456 /* zend_assign_to_variable() always takes care of op2, never free it! */
27457 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27458
27459 ZEND_VM_NEXT_OPCODE();
27460 }
27461
ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27462 static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27463 {
27464 zend_op *opline = EX(opline);
27465 zend_free_op free_op2;
27466 zval **variable_ptr_ptr;
27467 zval **value_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27468
27469 if (IS_VAR == IS_VAR &&
27470 value_ptr_ptr &&
27471 !Z_ISREF_PP(value_ptr_ptr) &&
27472 opline->extended_value == ZEND_RETURNS_FUNCTION &&
27473 !EX_T(opline->op2.u.var).var.fcall_returned_reference) {
27474 if (free_op2.var == NULL) {
27475 PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
27476 }
27477 zend_error(E_STRICT, "Only variables should be assigned by reference");
27478 if (UNEXPECTED(EG(exception) != NULL)) {
27479 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27480 ZEND_VM_NEXT_OPCODE();
27481 }
27482 return ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27483 } else if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
27484 PZVAL_LOCK(*value_ptr_ptr);
27485 }
27486 if (IS_CV == IS_VAR && EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
27487 zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object");
27488 }
27489
27490 variable_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27491 if ((IS_VAR == IS_VAR && !value_ptr_ptr) ||
27492 (IS_CV == IS_VAR && !variable_ptr_ptr)) {
27493 zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects");
27494 }
27495 zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC);
27496
27497 if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
27498 Z_DELREF_PP(variable_ptr_ptr);
27499 }
27500
27501 if (!RETURN_VALUE_UNUSED(&opline->result)) {
27502 AI_SET_PTR(EX_T(opline->result.u.var).var, *variable_ptr_ptr);
27503 PZVAL_LOCK(*variable_ptr_ptr);
27504 }
27505
27506 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27507
27508 ZEND_VM_NEXT_OPCODE();
27509 }
27510
ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27511 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27512 {
27513 zend_op *opline = EX(opline);
27514 zval *function_name;
27515 char *function_name_strval;
27516 int function_name_strlen;
27517 zend_free_op free_op2;
27518
27519 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
27520
27521 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27522
27523 if (Z_TYPE_P(function_name)!=IS_STRING) {
27524 zend_error_noreturn(E_ERROR, "Method name must be a string");
27525 }
27526
27527 function_name_strval = Z_STRVAL_P(function_name);
27528 function_name_strlen = Z_STRLEN_P(function_name);
27529
27530 EX(object) = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
27531
27532 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
27533 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
27534 zend_error_noreturn(E_ERROR, "Object does not support method calls");
27535 }
27536
27537 /* First, locate the function. */
27538 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
27539 if (!EX(fbc)) {
27540 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
27541 }
27542
27543 EX(called_scope) = Z_OBJCE_P(EX(object));
27544 } else {
27545 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
27546 }
27547
27548 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
27549 EX(object) = NULL;
27550 } else {
27551 if (!PZVAL_IS_REF(EX(object))) {
27552 Z_ADDREF_P(EX(object)); /* For $this pointer */
27553 } else {
27554 zval *this_ptr;
27555 ALLOC_ZVAL(this_ptr);
27556 INIT_PZVAL_COPY(this_ptr, EX(object));
27557 zval_copy_ctor(this_ptr);
27558 EX(object) = this_ptr;
27559 }
27560 }
27561
27562 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27563
27564 ZEND_VM_NEXT_OPCODE();
27565 }
27566
ZEND_CASE_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27567 static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27568 {
27569 zend_op *opline = EX(opline);
27570 int switch_expr_is_overloaded=0;
27571 zend_free_op free_op2;
27572
27573 if (IS_CV==IS_VAR) {
27574 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
27575 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
27576 } else {
27577 switch_expr_is_overloaded = 1;
27578 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
27579 }
27580 }
27581 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
27582 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
27583 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
27584
27585 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27586 if (switch_expr_is_overloaded) {
27587 /* We only free op1 if this is a string offset,
27588 * Since if it is a TMP_VAR, it'll be reused by
27589 * other CASE opcodes (whereas string offsets
27590 * are allocated at each get_zval_ptr())
27591 */
27592
27593 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
27594 EX_T(opline->op1.u.var).var.ptr = NULL;
27595 }
27596 ZEND_VM_NEXT_OPCODE();
27597 }
27598
ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27599 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27600 {
27601 zend_op *opline = EX(opline);
27602 zend_free_op free_op2;
27603 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
27604 zval *expr_ptr;
27605 zval *offset=_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27606
27607 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
27608 zval **expr_ptr_ptr = NULL;
27609
27610 if (opline->extended_value) {
27611 expr_ptr_ptr=_get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27612 expr_ptr = *expr_ptr_ptr;
27613 } else {
27614 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
27615 }
27616 #else
27617 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
27618 #endif
27619
27620 if (0) { /* temporary variable */
27621 zval *new_expr;
27622
27623 ALLOC_ZVAL(new_expr);
27624 INIT_PZVAL_COPY(new_expr, expr_ptr);
27625 expr_ptr = new_expr;
27626 } else {
27627 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
27628 if (opline->extended_value) {
27629 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
27630 expr_ptr = *expr_ptr_ptr;
27631 Z_ADDREF_P(expr_ptr);
27632 } else
27633 #endif
27634 if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
27635 zval *new_expr;
27636
27637 ALLOC_ZVAL(new_expr);
27638 INIT_PZVAL_COPY(new_expr, expr_ptr);
27639 expr_ptr = new_expr;
27640 zendi_zval_copy_ctor(*expr_ptr);
27641 } else {
27642 Z_ADDREF_P(expr_ptr);
27643 }
27644 }
27645 if (offset) {
27646 switch (Z_TYPE_P(offset)) {
27647 case IS_DOUBLE:
27648 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
27649 break;
27650 case IS_LONG:
27651 case IS_BOOL:
27652 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
27653 break;
27654 case IS_STRING:
27655 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
27656 break;
27657 case IS_NULL:
27658 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
27659 break;
27660 default:
27661 zend_error(E_WARNING, "Illegal offset type");
27662 zval_ptr_dtor(&expr_ptr);
27663 /* do nothing */
27664 break;
27665 }
27666 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27667 } else {
27668 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
27669 }
27670 if (opline->extended_value) {
27671
27672 } else {
27673
27674 }
27675 ZEND_VM_NEXT_OPCODE();
27676 }
27677
ZEND_INIT_ARRAY_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27678 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27679 {
27680 zend_op *opline = EX(opline);
27681
27682 array_init(&EX_T(opline->result.u.var).tmp_var);
27683 if (IS_CV == IS_UNUSED) {
27684 ZEND_VM_NEXT_OPCODE();
27685 #if 0 || IS_CV != IS_UNUSED
27686 } else {
27687 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27688 #endif
27689 }
27690 }
27691
ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27692 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27693 {
27694 zend_op *opline = EX(opline);
27695 zend_free_op free_op2;
27696 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
27697 zval *offset;
27698
27699 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
27700 SEPARATE_ZVAL_IF_NOT_REF(container);
27701 }
27702 offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27703
27704 if (IS_CV != IS_VAR || container) {
27705 switch (Z_TYPE_PP(container)) {
27706 case IS_ARRAY: {
27707 HashTable *ht = Z_ARRVAL_PP(container);
27708
27709 switch (Z_TYPE_P(offset)) {
27710 case IS_DOUBLE:
27711 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
27712 break;
27713 case IS_RESOURCE:
27714 case IS_BOOL:
27715 case IS_LONG:
27716 zend_hash_index_del(ht, Z_LVAL_P(offset));
27717 break;
27718 case IS_STRING:
27719 if (IS_VAR == IS_CV || IS_VAR == IS_VAR) {
27720 Z_ADDREF_P(offset);
27721 }
27722 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
27723 ht == &EG(symbol_table)) {
27724 zend_execute_data *ex;
27725 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
27726
27727 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
27728 if (ex->op_array && ex->symbol_table == ht) {
27729 int i;
27730
27731 for (i = 0; i < ex->op_array->last_var; i++) {
27732 if (ex->op_array->vars[i].hash_value == hash_value &&
27733 ex->op_array->vars[i].name_len == offset->value.str.len &&
27734 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
27735 ex->CVs[i] = NULL;
27736 break;
27737 }
27738 }
27739 }
27740 }
27741 }
27742 if (IS_VAR == IS_CV || IS_VAR == IS_VAR) {
27743 zval_ptr_dtor(&offset);
27744 }
27745 break;
27746 case IS_NULL:
27747 zend_hash_del(ht, "", sizeof(""));
27748 break;
27749 default:
27750 zend_error(E_WARNING, "Illegal offset type in unset");
27751 break;
27752 }
27753 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27754 break;
27755 }
27756 case IS_OBJECT:
27757 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
27758 zend_error_noreturn(E_ERROR, "Cannot use object as array");
27759 }
27760 if (0) {
27761 MAKE_REAL_ZVAL_PTR(offset);
27762 }
27763 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
27764 if (0) {
27765 zval_ptr_dtor(&offset);
27766 } else {
27767 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27768 }
27769 break;
27770 case IS_STRING:
27771 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
27772 ZEND_VM_CONTINUE(); /* bailed out before */
27773 default:
27774 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27775 break;
27776 }
27777 } else {
27778 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27779 }
27780
27781 ZEND_VM_NEXT_OPCODE();
27782 }
27783
ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27784 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27785 {
27786 zend_op *opline = EX(opline);
27787 zend_free_op free_op2;
27788 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
27789 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27790
27791 if (IS_CV != IS_VAR || container) {
27792 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
27793 SEPARATE_ZVAL_IF_NOT_REF(container);
27794 }
27795 if (Z_TYPE_PP(container) == IS_OBJECT) {
27796 if (0) {
27797 MAKE_REAL_ZVAL_PTR(offset);
27798 }
27799 if (Z_OBJ_HT_P(*container)->unset_property) {
27800 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
27801 } else {
27802 zend_error(E_NOTICE, "Trying to unset property of non-object");
27803 }
27804 if (0) {
27805 zval_ptr_dtor(&offset);
27806 } else {
27807 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27808 }
27809 } else {
27810 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27811 }
27812 } else {
27813 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27814 }
27815
27816 ZEND_VM_NEXT_OPCODE();
27817 }
27818
zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)27819 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
27820 {
27821 zend_op *opline = EX(opline);
27822
27823 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
27824 zval **value = NULL;
27825 int result = 0;
27826
27827 if (IS_CV != IS_VAR || container) {
27828 zend_free_op free_op2;
27829 zval *offset = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
27830
27831 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
27832 HashTable *ht;
27833 int isset = 0;
27834
27835 ht = Z_ARRVAL_PP(container);
27836
27837 switch (Z_TYPE_P(offset)) {
27838 case IS_DOUBLE:
27839 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
27840 isset = 1;
27841 }
27842 break;
27843 case IS_RESOURCE:
27844 case IS_BOOL:
27845 case IS_LONG:
27846 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
27847 isset = 1;
27848 }
27849 break;
27850 case IS_STRING:
27851 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
27852 isset = 1;
27853 }
27854 break;
27855 case IS_NULL:
27856 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
27857 isset = 1;
27858 }
27859 break;
27860 default:
27861 zend_error(E_WARNING, "Illegal offset type in isset or empty");
27862
27863 break;
27864 }
27865
27866 switch (opline->extended_value) {
27867 case ZEND_ISSET:
27868 if (isset && Z_TYPE_PP(value) == IS_NULL) {
27869 result = 0;
27870 } else {
27871 result = isset;
27872 }
27873 break;
27874 case ZEND_ISEMPTY:
27875 if (!isset || !i_zend_is_true(*value)) {
27876 result = 0;
27877 } else {
27878 result = 1;
27879 }
27880 break;
27881 }
27882 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27883 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
27884 if (0) {
27885 MAKE_REAL_ZVAL_PTR(offset);
27886 }
27887 if (prop_dim) {
27888 if (Z_OBJ_HT_P(*container)->has_property) {
27889 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
27890 } else {
27891 zend_error(E_NOTICE, "Trying to check property of non-object");
27892 result = 0;
27893 }
27894 } else {
27895 if (Z_OBJ_HT_P(*container)->has_dimension) {
27896 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
27897 } else {
27898 zend_error(E_NOTICE, "Trying to check element of non-array");
27899 result = 0;
27900 }
27901 }
27902 if (0) {
27903 zval_ptr_dtor(&offset);
27904 } else {
27905 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27906 }
27907 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
27908 zval tmp;
27909
27910 if (Z_TYPE_P(offset) != IS_LONG) {
27911 tmp = *offset;
27912 zval_copy_ctor(&tmp);
27913 convert_to_long(&tmp);
27914 offset = &tmp;
27915 }
27916 if (Z_TYPE_P(offset) == IS_LONG) {
27917 switch (opline->extended_value) {
27918 case ZEND_ISSET:
27919 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
27920 result = 1;
27921 }
27922 break;
27923 case ZEND_ISEMPTY:
27924 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
27925 result = 1;
27926 }
27927 break;
27928 }
27929 }
27930 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27931 } else {
27932 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
27933 }
27934 }
27935
27936 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
27937
27938 switch (opline->extended_value) {
27939 case ZEND_ISSET:
27940 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
27941 break;
27942 case ZEND_ISEMPTY:
27943 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
27944 break;
27945 }
27946
27947 ZEND_VM_NEXT_OPCODE();
27948 }
27949
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27950 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27951 {
27952 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27953 }
27954
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)27955 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
27956 {
27957 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
27958 }
27959
zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)27960 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
27961 {
27962 zend_op *opline = EX(opline);
27963 zend_op *op_data = opline+1;
27964 zend_free_op free_op_data1;
27965 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
27966 zval *object;
27967 zval *property = NULL;
27968 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
27969 znode *result = &opline->result;
27970 int have_get_ptr = 0;
27971
27972 if (IS_CV == IS_VAR && !object_ptr) {
27973 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
27974 }
27975
27976 EX_T(result->u.var).var.ptr_ptr = NULL;
27977 make_real_object(object_ptr TSRMLS_CC);
27978 object = *object_ptr;
27979
27980 if (Z_TYPE_P(object) != IS_OBJECT) {
27981 zend_error(E_WARNING, "Attempt to assign property of non-object");
27982
27983 FREE_OP(free_op_data1);
27984
27985 if (!RETURN_VALUE_UNUSED(result)) {
27986 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
27987 EX_T(result->u.var).var.ptr_ptr = NULL;
27988 PZVAL_LOCK(EG(uninitialized_zval_ptr));
27989 }
27990 } else {
27991 /* here we are sure we are dealing with an object */
27992 if (0) {
27993 MAKE_REAL_ZVAL_PTR(property);
27994 }
27995
27996 /* here property is a string */
27997 if (opline->extended_value == ZEND_ASSIGN_OBJ
27998 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
27999 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
28000 if (zptr != NULL) { /* NULL means no success in getting PTR */
28001 SEPARATE_ZVAL_IF_NOT_REF(zptr);
28002
28003 have_get_ptr = 1;
28004 binary_op(*zptr, *zptr, value TSRMLS_CC);
28005 if (!RETURN_VALUE_UNUSED(result)) {
28006 EX_T(result->u.var).var.ptr = *zptr;
28007 EX_T(result->u.var).var.ptr_ptr = NULL;
28008 PZVAL_LOCK(*zptr);
28009 }
28010 }
28011 }
28012
28013 if (!have_get_ptr) {
28014 zval *z = NULL;
28015
28016 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
28017 if (Z_OBJ_HT_P(object)->read_property) {
28018 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
28019 }
28020 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
28021 if (Z_OBJ_HT_P(object)->read_dimension) {
28022 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
28023 }
28024 }
28025 if (z) {
28026 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
28027 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
28028
28029 if (Z_REFCOUNT_P(z) == 0) {
28030 GC_REMOVE_ZVAL_FROM_BUFFER(z);
28031 zval_dtor(z);
28032 FREE_ZVAL(z);
28033 }
28034 z = value;
28035 }
28036 Z_ADDREF_P(z);
28037 SEPARATE_ZVAL_IF_NOT_REF(&z);
28038 binary_op(z, z, value TSRMLS_CC);
28039 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
28040 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
28041 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
28042 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
28043 }
28044 if (!RETURN_VALUE_UNUSED(result)) {
28045 EX_T(result->u.var).var.ptr = z;
28046 EX_T(result->u.var).var.ptr_ptr = NULL;
28047 PZVAL_LOCK(z);
28048 }
28049 zval_ptr_dtor(&z);
28050 } else {
28051 zend_error(E_WARNING, "Attempt to assign property of non-object");
28052 if (!RETURN_VALUE_UNUSED(result)) {
28053 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
28054 EX_T(result->u.var).var.ptr_ptr = NULL;
28055 PZVAL_LOCK(EG(uninitialized_zval_ptr));
28056 }
28057 }
28058 }
28059
28060 if (0) {
28061 zval_ptr_dtor(&property);
28062 } else {
28063
28064 }
28065 FREE_OP(free_op_data1);
28066 }
28067
28068 /* assign_obj has two opcodes! */
28069 ZEND_VM_INC_OPCODE();
28070 ZEND_VM_NEXT_OPCODE();
28071 }
28072
zend_binary_assign_op_helper_SPEC_CV_UNUSED(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)28073 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
28074 {
28075 zend_op *opline = EX(opline);
28076 zend_free_op free_op_data2, free_op_data1;
28077 zval **var_ptr;
28078 zval *value;
28079
28080 switch (opline->extended_value) {
28081 case ZEND_ASSIGN_OBJ:
28082 return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28083 break;
28084 case ZEND_ASSIGN_DIM: {
28085 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
28086
28087 if (IS_CV == IS_VAR && !container) {
28088 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28089 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
28090 if (IS_CV == IS_VAR && !0) {
28091 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
28092 }
28093 return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28094 } else {
28095 zend_op *op_data = opline+1;
28096 zval *dim = NULL;
28097
28098 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
28099 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
28100 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
28101 ZEND_VM_INC_OPCODE();
28102 }
28103 }
28104 break;
28105 default:
28106 value = NULL;
28107 var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
28108 /* do nothing */
28109 break;
28110 }
28111
28112 if (!var_ptr) {
28113 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
28114 }
28115
28116 if (*var_ptr == EG(error_zval_ptr)) {
28117 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28118 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
28119 PZVAL_LOCK(EG(uninitialized_zval_ptr));
28120 }
28121
28122
28123 ZEND_VM_NEXT_OPCODE();
28124 }
28125
28126 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
28127
28128 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
28129 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
28130 /* proxy object */
28131 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
28132 Z_ADDREF_P(objval);
28133 binary_op(objval, objval, value TSRMLS_CC);
28134 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
28135 zval_ptr_dtor(&objval);
28136 } else {
28137 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
28138 }
28139
28140 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28141 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
28142 PZVAL_LOCK(*var_ptr);
28143 }
28144
28145 if (opline->extended_value == ZEND_ASSIGN_DIM) {
28146 FREE_OP(free_op_data1);
28147 FREE_OP_VAR_PTR(free_op_data2);
28148 }
28149
28150 ZEND_VM_NEXT_OPCODE();
28151 }
28152
ZEND_ASSIGN_ADD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28153 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28154 {
28155 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28156 }
28157
ZEND_ASSIGN_SUB_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28158 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28159 {
28160 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28161 }
28162
ZEND_ASSIGN_MUL_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28163 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28164 {
28165 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28166 }
28167
ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28168 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28169 {
28170 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28171 }
28172
ZEND_ASSIGN_MOD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28173 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28174 {
28175 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28176 }
28177
ZEND_ASSIGN_SL_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28178 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28179 {
28180 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28181 }
28182
ZEND_ASSIGN_SR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28183 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28184 {
28185 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28186 }
28187
ZEND_ASSIGN_CONCAT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28188 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28189 {
28190 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28191 }
28192
ZEND_ASSIGN_BW_OR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28193 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28194 {
28195 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28196 }
28197
ZEND_ASSIGN_BW_AND_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28198 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28199 {
28200 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28201 }
28202
ZEND_ASSIGN_BW_XOR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28203 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28204 {
28205 return zend_binary_assign_op_helper_SPEC_CV_UNUSED(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28206 }
28207
ZEND_FETCH_DIM_W_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28208 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28209 {
28210 zend_op *opline = EX(opline);
28211 zend_free_op free_op1;
28212 zval *dim = NULL;
28213 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
28214
28215 if (IS_CV == IS_VAR && !container) {
28216 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28217 }
28218 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
28219
28220 if (IS_CV == IS_VAR && 0 &&
28221 READY_TO_DESTROY(free_op1.var)) {
28222 AI_USE_PTR(EX_T(opline->result.u.var).var);
28223 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
28224 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
28225 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
28226 }
28227 }
28228
28229 /* We are going to assign the result by reference */
28230 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
28231 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
28232 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
28233 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
28234 }
28235
28236 ZEND_VM_NEXT_OPCODE();
28237 }
28238
ZEND_FETCH_DIM_RW_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28239 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28240 {
28241 zend_op *opline = EX(opline);
28242 zend_free_op free_op1;
28243 zval *dim = NULL;
28244 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
28245
28246 if (IS_CV == IS_VAR && !container) {
28247 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28248 }
28249 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
28250
28251 if (IS_CV == IS_VAR && 0 &&
28252 READY_TO_DESTROY(free_op1.var)) {
28253 AI_USE_PTR(EX_T(opline->result.u.var).var);
28254 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
28255 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
28256 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
28257 }
28258 }
28259
28260 ZEND_VM_NEXT_OPCODE();
28261 }
28262
ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28263 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28264 {
28265 zend_op *opline = EX(opline);
28266 zend_free_op free_op1;
28267 zval *dim = NULL;
28268 zval **container;
28269
28270 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
28271 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
28272 if (IS_CV == IS_VAR && !container) {
28273 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28274 }
28275 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
28276 if (IS_CV == IS_VAR && 0 &&
28277 READY_TO_DESTROY(free_op1.var)) {
28278 AI_USE_PTR(EX_T(opline->result.u.var).var);
28279 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
28280 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
28281 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
28282 }
28283 }
28284 } else {
28285 if (IS_UNUSED == IS_UNUSED) {
28286 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
28287 }
28288 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
28289 if (IS_CV == IS_VAR && !container) {
28290 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28291 }
28292 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
28293 }
28294
28295
28296 ZEND_VM_NEXT_OPCODE();
28297 }
28298
ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28299 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28300 {
28301 zend_op *opline = EX(opline);
28302 zend_op *op_data = opline+1;
28303
28304 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
28305
28306 if (IS_CV == IS_VAR && !object_ptr) {
28307 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28308 }
28309 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
28310
28311 zval *property_name = NULL;
28312
28313 if (0) {
28314 MAKE_REAL_ZVAL_PTR(property_name);
28315 }
28316 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
28317 if (0) {
28318 zval_ptr_dtor(&property_name);
28319 } else {
28320
28321 }
28322 } else {
28323 zend_free_op free_op_data1, free_op_data2;
28324 zval *value;
28325 zval *dim = NULL;
28326 zval **variable_ptr_ptr;
28327
28328 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
28329
28330 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
28331 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
28332 if (!variable_ptr_ptr) {
28333 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
28334 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28335 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
28336 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
28337 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
28338 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
28339 }
28340 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
28341 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
28342 PZVAL_LOCK(EG(uninitialized_zval_ptr));
28343 }
28344 } else {
28345 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
28346 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28347 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
28348 PZVAL_LOCK(value);
28349 }
28350 }
28351 FREE_OP_VAR_PTR(free_op_data2);
28352 FREE_OP_IF_VAR(free_op_data1);
28353 }
28354
28355 /* assign_dim has two opcodes! */
28356 ZEND_VM_INC_OPCODE();
28357 ZEND_VM_NEXT_OPCODE();
28358 }
28359
ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28360 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28361 {
28362 zend_op *opline = EX(opline);
28363
28364 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
28365 zval *expr_ptr;
28366 zval *offset=NULL;
28367
28368 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
28369 zval **expr_ptr_ptr = NULL;
28370
28371 if (opline->extended_value) {
28372 expr_ptr_ptr=_get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
28373 expr_ptr = *expr_ptr_ptr;
28374 } else {
28375 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
28376 }
28377 #else
28378 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
28379 #endif
28380
28381 if (0) { /* temporary variable */
28382 zval *new_expr;
28383
28384 ALLOC_ZVAL(new_expr);
28385 INIT_PZVAL_COPY(new_expr, expr_ptr);
28386 expr_ptr = new_expr;
28387 } else {
28388 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
28389 if (opline->extended_value) {
28390 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
28391 expr_ptr = *expr_ptr_ptr;
28392 Z_ADDREF_P(expr_ptr);
28393 } else
28394 #endif
28395 if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
28396 zval *new_expr;
28397
28398 ALLOC_ZVAL(new_expr);
28399 INIT_PZVAL_COPY(new_expr, expr_ptr);
28400 expr_ptr = new_expr;
28401 zendi_zval_copy_ctor(*expr_ptr);
28402 } else {
28403 Z_ADDREF_P(expr_ptr);
28404 }
28405 }
28406 if (offset) {
28407 switch (Z_TYPE_P(offset)) {
28408 case IS_DOUBLE:
28409 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
28410 break;
28411 case IS_LONG:
28412 case IS_BOOL:
28413 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
28414 break;
28415 case IS_STRING:
28416 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
28417 break;
28418 case IS_NULL:
28419 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
28420 break;
28421 default:
28422 zend_error(E_WARNING, "Illegal offset type");
28423 zval_ptr_dtor(&expr_ptr);
28424 /* do nothing */
28425 break;
28426 }
28427
28428 } else {
28429 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
28430 }
28431 if (opline->extended_value) {
28432
28433 } else {
28434
28435 }
28436 ZEND_VM_NEXT_OPCODE();
28437 }
28438
ZEND_INIT_ARRAY_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28439 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28440 {
28441 zend_op *opline = EX(opline);
28442
28443 array_init(&EX_T(opline->result.u.var).tmp_var);
28444 if (IS_CV == IS_UNUSED) {
28445 ZEND_VM_NEXT_OPCODE();
28446 #if 0 || IS_CV != IS_UNUSED
28447 } else {
28448 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28449 #endif
28450 }
28451 }
28452
ZEND_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28453 static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28454 {
28455 zend_op *opline = EX(opline);
28456
28457
28458 add_function(&EX_T(opline->result.u.var).tmp_var,
28459 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28460 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28461
28462
28463 ZEND_VM_NEXT_OPCODE();
28464 }
28465
ZEND_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28466 static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28467 {
28468 zend_op *opline = EX(opline);
28469
28470
28471 sub_function(&EX_T(opline->result.u.var).tmp_var,
28472 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28473 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28474
28475
28476 ZEND_VM_NEXT_OPCODE();
28477 }
28478
ZEND_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28479 static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28480 {
28481 zend_op *opline = EX(opline);
28482
28483
28484 mul_function(&EX_T(opline->result.u.var).tmp_var,
28485 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28486 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28487
28488
28489 ZEND_VM_NEXT_OPCODE();
28490 }
28491
ZEND_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28492 static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28493 {
28494 zend_op *opline = EX(opline);
28495
28496
28497 div_function(&EX_T(opline->result.u.var).tmp_var,
28498 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28499 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28500
28501
28502 ZEND_VM_NEXT_OPCODE();
28503 }
28504
ZEND_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28505 static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28506 {
28507 zend_op *opline = EX(opline);
28508
28509
28510 mod_function(&EX_T(opline->result.u.var).tmp_var,
28511 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28512 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28513
28514
28515 ZEND_VM_NEXT_OPCODE();
28516 }
28517
ZEND_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28518 static int ZEND_FASTCALL ZEND_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28519 {
28520 zend_op *opline = EX(opline);
28521
28522
28523 shift_left_function(&EX_T(opline->result.u.var).tmp_var,
28524 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28525 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28526
28527
28528 ZEND_VM_NEXT_OPCODE();
28529 }
28530
ZEND_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28531 static int ZEND_FASTCALL ZEND_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28532 {
28533 zend_op *opline = EX(opline);
28534
28535
28536 shift_right_function(&EX_T(opline->result.u.var).tmp_var,
28537 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28538 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28539
28540
28541 ZEND_VM_NEXT_OPCODE();
28542 }
28543
ZEND_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28544 static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28545 {
28546 zend_op *opline = EX(opline);
28547
28548
28549 concat_function(&EX_T(opline->result.u.var).tmp_var,
28550 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28551 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28552
28553
28554 ZEND_VM_NEXT_OPCODE();
28555 }
28556
ZEND_IS_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28557 static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28558 {
28559 zend_op *opline = EX(opline);
28560
28561
28562 is_identical_function(&EX_T(opline->result.u.var).tmp_var,
28563 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28564 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28565
28566
28567 ZEND_VM_NEXT_OPCODE();
28568 }
28569
ZEND_IS_NOT_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28570 static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28571 {
28572 zend_op *opline = EX(opline);
28573
28574 zval *result = &EX_T(opline->result.u.var).tmp_var;
28575
28576 is_identical_function(result,
28577 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28578 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28579 Z_LVAL_P(result) = !Z_LVAL_P(result);
28580
28581
28582 ZEND_VM_NEXT_OPCODE();
28583 }
28584
ZEND_IS_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28585 static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28586 {
28587 zend_op *opline = EX(opline);
28588
28589 zval *result = &EX_T(opline->result.u.var).tmp_var;
28590
28591 compare_function(result,
28592 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28593 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28594 ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
28595
28596
28597 ZEND_VM_NEXT_OPCODE();
28598 }
28599
ZEND_IS_NOT_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28600 static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28601 {
28602 zend_op *opline = EX(opline);
28603
28604 zval *result = &EX_T(opline->result.u.var).tmp_var;
28605
28606 compare_function(result,
28607 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28608 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28609 ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
28610
28611
28612 ZEND_VM_NEXT_OPCODE();
28613 }
28614
ZEND_IS_SMALLER_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28615 static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28616 {
28617 zend_op *opline = EX(opline);
28618
28619 zval *result = &EX_T(opline->result.u.var).tmp_var;
28620
28621 compare_function(result,
28622 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28623 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28624 ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
28625
28626
28627 ZEND_VM_NEXT_OPCODE();
28628 }
28629
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28630 static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28631 {
28632 zend_op *opline = EX(opline);
28633
28634 zval *result = &EX_T(opline->result.u.var).tmp_var;
28635
28636 compare_function(result,
28637 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28638 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28639 ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
28640
28641
28642 ZEND_VM_NEXT_OPCODE();
28643 }
28644
ZEND_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28645 static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28646 {
28647 zend_op *opline = EX(opline);
28648
28649
28650 bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
28651 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28652 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28653
28654
28655 ZEND_VM_NEXT_OPCODE();
28656 }
28657
ZEND_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28658 static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28659 {
28660 zend_op *opline = EX(opline);
28661
28662
28663 bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
28664 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28665 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28666
28667
28668 ZEND_VM_NEXT_OPCODE();
28669 }
28670
ZEND_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28671 static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28672 {
28673 zend_op *opline = EX(opline);
28674
28675
28676 bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
28677 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28678 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28679
28680
28681 ZEND_VM_NEXT_OPCODE();
28682 }
28683
ZEND_BOOL_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28684 static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28685 {
28686 zend_op *opline = EX(opline);
28687
28688
28689 boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
28690 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
28691 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
28692
28693
28694 ZEND_VM_NEXT_OPCODE();
28695 }
28696
zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)28697 static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
28698 {
28699 zend_op *opline = EX(opline);
28700 zend_op *op_data = opline+1;
28701 zend_free_op free_op_data1;
28702 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
28703 zval *object;
28704 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
28705 zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
28706 znode *result = &opline->result;
28707 int have_get_ptr = 0;
28708
28709 if (IS_CV == IS_VAR && !object_ptr) {
28710 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
28711 }
28712
28713 EX_T(result->u.var).var.ptr_ptr = NULL;
28714 make_real_object(object_ptr TSRMLS_CC);
28715 object = *object_ptr;
28716
28717 if (Z_TYPE_P(object) != IS_OBJECT) {
28718 zend_error(E_WARNING, "Attempt to assign property of non-object");
28719
28720 FREE_OP(free_op_data1);
28721
28722 if (!RETURN_VALUE_UNUSED(result)) {
28723 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
28724 EX_T(result->u.var).var.ptr_ptr = NULL;
28725 PZVAL_LOCK(EG(uninitialized_zval_ptr));
28726 }
28727 } else {
28728 /* here we are sure we are dealing with an object */
28729 if (0) {
28730 MAKE_REAL_ZVAL_PTR(property);
28731 }
28732
28733 /* here property is a string */
28734 if (opline->extended_value == ZEND_ASSIGN_OBJ
28735 && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
28736 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
28737 if (zptr != NULL) { /* NULL means no success in getting PTR */
28738 SEPARATE_ZVAL_IF_NOT_REF(zptr);
28739
28740 have_get_ptr = 1;
28741 binary_op(*zptr, *zptr, value TSRMLS_CC);
28742 if (!RETURN_VALUE_UNUSED(result)) {
28743 EX_T(result->u.var).var.ptr = *zptr;
28744 EX_T(result->u.var).var.ptr_ptr = NULL;
28745 PZVAL_LOCK(*zptr);
28746 }
28747 }
28748 }
28749
28750 if (!have_get_ptr) {
28751 zval *z = NULL;
28752
28753 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
28754 if (Z_OBJ_HT_P(object)->read_property) {
28755 z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
28756 }
28757 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
28758 if (Z_OBJ_HT_P(object)->read_dimension) {
28759 z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R TSRMLS_CC);
28760 }
28761 }
28762 if (z) {
28763 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
28764 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
28765
28766 if (Z_REFCOUNT_P(z) == 0) {
28767 GC_REMOVE_ZVAL_FROM_BUFFER(z);
28768 zval_dtor(z);
28769 FREE_ZVAL(z);
28770 }
28771 z = value;
28772 }
28773 Z_ADDREF_P(z);
28774 SEPARATE_ZVAL_IF_NOT_REF(&z);
28775 binary_op(z, z, value TSRMLS_CC);
28776 if (opline->extended_value == ZEND_ASSIGN_OBJ) {
28777 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
28778 } else /* if (opline->extended_value == ZEND_ASSIGN_DIM) */ {
28779 Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC);
28780 }
28781 if (!RETURN_VALUE_UNUSED(result)) {
28782 EX_T(result->u.var).var.ptr = z;
28783 EX_T(result->u.var).var.ptr_ptr = NULL;
28784 PZVAL_LOCK(z);
28785 }
28786 zval_ptr_dtor(&z);
28787 } else {
28788 zend_error(E_WARNING, "Attempt to assign property of non-object");
28789 if (!RETURN_VALUE_UNUSED(result)) {
28790 EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
28791 EX_T(result->u.var).var.ptr_ptr = NULL;
28792 PZVAL_LOCK(EG(uninitialized_zval_ptr));
28793 }
28794 }
28795 }
28796
28797 if (0) {
28798 zval_ptr_dtor(&property);
28799 } else {
28800
28801 }
28802 FREE_OP(free_op_data1);
28803 }
28804
28805 /* assign_obj has two opcodes! */
28806 ZEND_VM_INC_OPCODE();
28807 ZEND_VM_NEXT_OPCODE();
28808 }
28809
zend_binary_assign_op_helper_SPEC_CV_CV(int (* binary_op)(zval * result,zval * op1,zval * op2 TSRMLS_DC),ZEND_OPCODE_HANDLER_ARGS)28810 static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
28811 {
28812 zend_op *opline = EX(opline);
28813 zend_free_op free_op_data2, free_op_data1;
28814 zval **var_ptr;
28815 zval *value;
28816
28817 switch (opline->extended_value) {
28818 case ZEND_ASSIGN_OBJ:
28819 return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28820 break;
28821 case ZEND_ASSIGN_DIM: {
28822 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
28823
28824 if (IS_CV == IS_VAR && !container) {
28825 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
28826 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
28827 if (IS_CV == IS_VAR && !0) {
28828 Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */
28829 }
28830 return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28831 } else {
28832 zend_op *op_data = opline+1;
28833 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
28834
28835 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
28836 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
28837 var_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
28838 ZEND_VM_INC_OPCODE();
28839 }
28840 }
28841 break;
28842 default:
28843 value = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
28844 var_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
28845 /* do nothing */
28846 break;
28847 }
28848
28849 if (!var_ptr) {
28850 zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets");
28851 }
28852
28853 if (*var_ptr == EG(error_zval_ptr)) {
28854 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28855 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
28856 PZVAL_LOCK(EG(uninitialized_zval_ptr));
28857 }
28858
28859
28860 ZEND_VM_NEXT_OPCODE();
28861 }
28862
28863 SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
28864
28865 if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
28866 && Z_OBJ_HANDLER_PP(var_ptr, set)) {
28867 /* proxy object */
28868 zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
28869 Z_ADDREF_P(objval);
28870 binary_op(objval, objval, value TSRMLS_CC);
28871 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC);
28872 zval_ptr_dtor(&objval);
28873 } else {
28874 binary_op(*var_ptr, *var_ptr, value TSRMLS_CC);
28875 }
28876
28877 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28878 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
28879 PZVAL_LOCK(*var_ptr);
28880 }
28881
28882 if (opline->extended_value == ZEND_ASSIGN_DIM) {
28883 FREE_OP(free_op_data1);
28884 FREE_OP_VAR_PTR(free_op_data2);
28885 }
28886
28887 ZEND_VM_NEXT_OPCODE();
28888 }
28889
ZEND_ASSIGN_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28890 static int ZEND_FASTCALL ZEND_ASSIGN_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28891 {
28892 return zend_binary_assign_op_helper_SPEC_CV_CV(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28893 }
28894
ZEND_ASSIGN_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28895 static int ZEND_FASTCALL ZEND_ASSIGN_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28896 {
28897 return zend_binary_assign_op_helper_SPEC_CV_CV(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28898 }
28899
ZEND_ASSIGN_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28900 static int ZEND_FASTCALL ZEND_ASSIGN_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28901 {
28902 return zend_binary_assign_op_helper_SPEC_CV_CV(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28903 }
28904
ZEND_ASSIGN_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28905 static int ZEND_FASTCALL ZEND_ASSIGN_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28906 {
28907 return zend_binary_assign_op_helper_SPEC_CV_CV(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28908 }
28909
ZEND_ASSIGN_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28910 static int ZEND_FASTCALL ZEND_ASSIGN_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28911 {
28912 return zend_binary_assign_op_helper_SPEC_CV_CV(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28913 }
28914
ZEND_ASSIGN_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28915 static int ZEND_FASTCALL ZEND_ASSIGN_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28916 {
28917 return zend_binary_assign_op_helper_SPEC_CV_CV(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28918 }
28919
ZEND_ASSIGN_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28920 static int ZEND_FASTCALL ZEND_ASSIGN_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28921 {
28922 return zend_binary_assign_op_helper_SPEC_CV_CV(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28923 }
28924
ZEND_ASSIGN_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28925 static int ZEND_FASTCALL ZEND_ASSIGN_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28926 {
28927 return zend_binary_assign_op_helper_SPEC_CV_CV(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28928 }
28929
ZEND_ASSIGN_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28930 static int ZEND_FASTCALL ZEND_ASSIGN_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28931 {
28932 return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28933 }
28934
ZEND_ASSIGN_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28935 static int ZEND_FASTCALL ZEND_ASSIGN_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28936 {
28937 return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28938 }
28939
ZEND_ASSIGN_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)28940 static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
28941 {
28942 return zend_binary_assign_op_helper_SPEC_CV_CV(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
28943 }
28944
zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)28945 static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
28946 {
28947 zend_op *opline = EX(opline);
28948
28949 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
28950 zval *object;
28951 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
28952 zval **retval = &EX_T(opline->result.u.var).var.ptr;
28953 int have_get_ptr = 0;
28954
28955 if (IS_CV == IS_VAR && !object_ptr) {
28956 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
28957 }
28958
28959 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
28960 object = *object_ptr;
28961
28962 if (Z_TYPE_P(object) != IS_OBJECT) {
28963 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
28964
28965 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28966 *retval = EG(uninitialized_zval_ptr);
28967 PZVAL_LOCK(*retval);
28968 }
28969
28970 ZEND_VM_NEXT_OPCODE();
28971 }
28972
28973 /* here we are sure we are dealing with an object */
28974
28975 if (0) {
28976 MAKE_REAL_ZVAL_PTR(property);
28977 }
28978
28979 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
28980 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
28981 if (zptr != NULL) { /* NULL means no success in getting PTR */
28982 SEPARATE_ZVAL_IF_NOT_REF(zptr);
28983
28984 have_get_ptr = 1;
28985 incdec_op(*zptr);
28986 if (!RETURN_VALUE_UNUSED(&opline->result)) {
28987 *retval = *zptr;
28988 PZVAL_LOCK(*retval);
28989 }
28990 }
28991 }
28992
28993 if (!have_get_ptr) {
28994 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
28995 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
28996
28997 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
28998 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
28999
29000 if (Z_REFCOUNT_P(z) == 0) {
29001 GC_REMOVE_ZVAL_FROM_BUFFER(z);
29002 zval_dtor(z);
29003 FREE_ZVAL(z);
29004 }
29005 z = value;
29006 }
29007 Z_ADDREF_P(z);
29008 SEPARATE_ZVAL_IF_NOT_REF(&z);
29009 incdec_op(z);
29010 *retval = z;
29011 Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC);
29012 SELECTIVE_PZVAL_LOCK(*retval, &opline->result);
29013 zval_ptr_dtor(&z);
29014 } else {
29015 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
29016 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29017 *retval = EG(uninitialized_zval_ptr);
29018 PZVAL_LOCK(*retval);
29019 }
29020 }
29021 }
29022
29023 if (0) {
29024 zval_ptr_dtor(&property);
29025 } else {
29026
29027 }
29028
29029 ZEND_VM_NEXT_OPCODE();
29030 }
29031
ZEND_PRE_INC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29032 static int ZEND_FASTCALL ZEND_PRE_INC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29033 {
29034 return zend_pre_incdec_property_helper_SPEC_CV_CV(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29035 }
29036
ZEND_PRE_DEC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29037 static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29038 {
29039 return zend_pre_incdec_property_helper_SPEC_CV_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29040 }
29041
zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op,ZEND_OPCODE_HANDLER_ARGS)29042 static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS)
29043 {
29044 zend_op *opline = EX(opline);
29045
29046 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29047 zval *object;
29048 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29049 zval *retval = &EX_T(opline->result.u.var).tmp_var;
29050 int have_get_ptr = 0;
29051
29052 if (IS_CV == IS_VAR && !object_ptr) {
29053 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
29054 }
29055
29056 make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */
29057 object = *object_ptr;
29058
29059 if (Z_TYPE_P(object) != IS_OBJECT) {
29060 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
29061
29062 *retval = *EG(uninitialized_zval_ptr);
29063
29064 ZEND_VM_NEXT_OPCODE();
29065 }
29066
29067 /* here we are sure we are dealing with an object */
29068
29069 if (0) {
29070 MAKE_REAL_ZVAL_PTR(property);
29071 }
29072
29073 if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
29074 zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
29075 if (zptr != NULL) { /* NULL means no success in getting PTR */
29076 have_get_ptr = 1;
29077 SEPARATE_ZVAL_IF_NOT_REF(zptr);
29078
29079 *retval = **zptr;
29080 zendi_zval_copy_ctor(*retval);
29081
29082 incdec_op(*zptr);
29083
29084 }
29085 }
29086
29087 if (!have_get_ptr) {
29088 if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) {
29089 zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R TSRMLS_CC);
29090 zval *z_copy;
29091
29092 if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
29093 zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC);
29094
29095 if (Z_REFCOUNT_P(z) == 0) {
29096 GC_REMOVE_ZVAL_FROM_BUFFER(z);
29097 zval_dtor(z);
29098 FREE_ZVAL(z);
29099 }
29100 z = value;
29101 }
29102 *retval = *z;
29103 zendi_zval_copy_ctor(*retval);
29104 ALLOC_ZVAL(z_copy);
29105 *z_copy = *z;
29106 zendi_zval_copy_ctor(*z_copy);
29107 INIT_PZVAL(z_copy);
29108 incdec_op(z_copy);
29109 Z_ADDREF_P(z);
29110 Z_OBJ_HT_P(object)->write_property(object, property, z_copy TSRMLS_CC);
29111 zval_ptr_dtor(&z_copy);
29112 zval_ptr_dtor(&z);
29113 } else {
29114 zend_error(E_WARNING, "Attempt to increment/decrement property of non-object");
29115 *retval = *EG(uninitialized_zval_ptr);
29116 }
29117 }
29118
29119 if (0) {
29120 zval_ptr_dtor(&property);
29121 } else {
29122
29123 }
29124
29125 ZEND_VM_NEXT_OPCODE();
29126 }
29127
ZEND_POST_INC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29128 static int ZEND_FASTCALL ZEND_POST_INC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29129 {
29130 return zend_post_incdec_property_helper_SPEC_CV_CV(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29131 }
29132
ZEND_POST_DEC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29133 static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29134 {
29135 return zend_post_incdec_property_helper_SPEC_CV_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29136 }
29137
ZEND_FETCH_DIM_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29138 static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29139 {
29140 zend_op *opline = EX(opline);
29141
29142 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29143 zval **container;
29144
29145 if (opline->extended_value == ZEND_FETCH_ADD_LOCK &&
29146 IS_CV != IS_CV &&
29147 EX_T(opline->op1.u.var).var.ptr_ptr) {
29148 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
29149 }
29150 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
29151 if (IS_CV == IS_VAR && !container) {
29152 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29153 }
29154 zend_fetch_dimension_address_read(RETURN_VALUE_UNUSED(&opline->result)?NULL:&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
29155
29156
29157 ZEND_VM_NEXT_OPCODE();
29158 }
29159
ZEND_FETCH_DIM_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29160 static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29161 {
29162 zend_op *opline = EX(opline);
29163 zend_free_op free_op1;
29164 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29165 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29166
29167 if (IS_CV == IS_VAR && !container) {
29168 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29169 }
29170 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
29171
29172 if (IS_CV == IS_VAR && 0 &&
29173 READY_TO_DESTROY(free_op1.var)) {
29174 AI_USE_PTR(EX_T(opline->result.u.var).var);
29175 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29176 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29177 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29178 }
29179 }
29180
29181 /* We are going to assign the result by reference */
29182 if (opline->extended_value && EX_T(opline->result.u.var).var.ptr_ptr) {
29183 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
29184 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
29185 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
29186 }
29187
29188 ZEND_VM_NEXT_OPCODE();
29189 }
29190
ZEND_FETCH_DIM_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29191 static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29192 {
29193 zend_op *opline = EX(opline);
29194 zend_free_op free_op1;
29195 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29196 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
29197
29198 if (IS_CV == IS_VAR && !container) {
29199 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29200 }
29201 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_RW TSRMLS_CC);
29202
29203 if (IS_CV == IS_VAR && 0 &&
29204 READY_TO_DESTROY(free_op1.var)) {
29205 AI_USE_PTR(EX_T(opline->result.u.var).var);
29206 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29207 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29208 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29209 }
29210 }
29211
29212 ZEND_VM_NEXT_OPCODE();
29213 }
29214
ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29215 static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29216 {
29217 zend_op *opline = EX(opline);
29218
29219 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29220 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
29221
29222 if (IS_CV == IS_VAR && !container) {
29223 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29224 }
29225 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_IS TSRMLS_CC);
29226
29227
29228 ZEND_VM_NEXT_OPCODE();
29229 }
29230
ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29231 static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29232 {
29233 zend_op *opline = EX(opline);
29234 zend_free_op free_op1;
29235 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29236 zval **container;
29237
29238 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
29239 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29240 if (IS_CV == IS_VAR && !container) {
29241 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29242 }
29243 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_W TSRMLS_CC);
29244 if (IS_CV == IS_VAR && 0 &&
29245 READY_TO_DESTROY(free_op1.var)) {
29246 AI_USE_PTR(EX_T(opline->result.u.var).var);
29247 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29248 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29249 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29250 }
29251 }
29252 } else {
29253 if (IS_CV == IS_UNUSED) {
29254 zend_error_noreturn(E_ERROR, "Cannot use [] for reading");
29255 }
29256 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
29257 if (IS_CV == IS_VAR && !container) {
29258 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29259 }
29260 zend_fetch_dimension_address_read(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_R TSRMLS_CC);
29261 }
29262
29263
29264 ZEND_VM_NEXT_OPCODE();
29265 }
29266
ZEND_FETCH_DIM_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29267 static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29268 {
29269 zend_op *opline = EX(opline);
29270 zend_free_op free_op1;
29271 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
29272 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29273
29274 /* Not needed in DIM_UNSET
29275 if (opline->extended_value == ZEND_FETCH_ADD_LOCK) {
29276 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
29277 }
29278 */
29279 if (IS_CV == IS_CV) {
29280 if (container != &EG(uninitialized_zval_ptr)) {
29281 SEPARATE_ZVAL_IF_NOT_REF(container);
29282 }
29283 }
29284 if (IS_CV == IS_VAR && !container) {
29285 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29286 }
29287 zend_fetch_dimension_address(&EX_T(opline->result.u.var), container, dim, 0, BP_VAR_UNSET TSRMLS_CC);
29288
29289 if (IS_CV == IS_VAR && 0 &&
29290 READY_TO_DESTROY(free_op1.var)) {
29291 AI_USE_PTR(EX_T(opline->result.u.var).var);
29292 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29293 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29294 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29295 }
29296 }
29297
29298 if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) {
29299 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
29300 } else {
29301 zend_free_op free_res;
29302
29303 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
29304 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
29305 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
29306 }
29307 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
29308 FREE_OP_VAR_PTR(free_res);
29309 }
29310 ZEND_VM_NEXT_OPCODE();
29311 }
29312
zend_fetch_property_address_read_helper_SPEC_CV_CV(int type,ZEND_OPCODE_HANDLER_ARGS)29313 static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(int type, ZEND_OPCODE_HANDLER_ARGS)
29314 {
29315 zend_op *opline = EX(opline);
29316
29317 zval *container = _get_zval_ptr_cv(&opline->op1, EX(Ts), type TSRMLS_CC);
29318
29319 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29320
29321 if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) {
29322 if (type != BP_VAR_IS) {
29323 zend_error(E_NOTICE, "Trying to get property of non-object");
29324 }
29325 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29326 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
29327 PZVAL_LOCK(EG(uninitialized_zval_ptr));
29328 }
29329
29330 } else {
29331 zval *retval;
29332
29333 if (0) {
29334 MAKE_REAL_ZVAL_PTR(offset);
29335 }
29336
29337 /* here we are sure we are dealing with an object */
29338 retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC);
29339
29340 if (RETURN_VALUE_UNUSED(&opline->result)) {
29341 if (Z_REFCOUNT_P(retval) == 0) {
29342 GC_REMOVE_ZVAL_FROM_BUFFER(retval);
29343 zval_dtor(retval);
29344 FREE_ZVAL(retval);
29345 }
29346 } else {
29347 AI_SET_PTR(EX_T(opline->result.u.var).var, retval);
29348 PZVAL_LOCK(retval);
29349 }
29350
29351 if (0) {
29352 zval_ptr_dtor(&offset);
29353 } else {
29354
29355 }
29356 }
29357
29358 ZEND_VM_NEXT_OPCODE();
29359 }
29360
ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29361 static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29362 {
29363 return zend_fetch_property_address_read_helper_SPEC_CV_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29364 }
29365
ZEND_FETCH_OBJ_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29366 static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29367 {
29368 zend_op *opline = EX(opline);
29369 zend_free_op free_op1;
29370 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29371 zval **container;
29372
29373 if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) {
29374 PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
29375 EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr;
29376 }
29377
29378 if (0) {
29379 MAKE_REAL_ZVAL_PTR(property);
29380 }
29381 container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29382 if (IS_CV == IS_VAR && !container) {
29383 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
29384 }
29385 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
29386 if (0) {
29387 zval_ptr_dtor(&property);
29388 } else {
29389
29390 }
29391 if (IS_CV == IS_VAR && 0 &&
29392 READY_TO_DESTROY(free_op1.var)) {
29393 AI_USE_PTR(EX_T(opline->result.u.var).var);
29394 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29395 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29396 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29397 }
29398 }
29399
29400 /* We are going to assign the result by reference */
29401 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
29402 Z_DELREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
29403 SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.u.var).var.ptr_ptr);
29404 Z_ADDREF_PP(EX_T(opline->result.u.var).var.ptr_ptr);
29405 }
29406
29407 ZEND_VM_NEXT_OPCODE();
29408 }
29409
ZEND_FETCH_OBJ_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29410 static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29411 {
29412 zend_op *opline = EX(opline);
29413 zend_free_op free_op1;
29414 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29415 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_RW TSRMLS_CC);
29416
29417 if (0) {
29418 MAKE_REAL_ZVAL_PTR(property);
29419 }
29420 if (IS_CV == IS_VAR && !container) {
29421 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
29422 }
29423 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_RW TSRMLS_CC);
29424 if (0) {
29425 zval_ptr_dtor(&property);
29426 } else {
29427
29428 }
29429 if (IS_CV == IS_VAR && 0 &&
29430 READY_TO_DESTROY(free_op1.var)) {
29431 AI_USE_PTR(EX_T(opline->result.u.var).var);
29432 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29433 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29434 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29435 }
29436 }
29437
29438 ZEND_VM_NEXT_OPCODE();
29439 }
29440
ZEND_FETCH_OBJ_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29441 static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29442 {
29443 return zend_fetch_property_address_read_helper_SPEC_CV_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29444 }
29445
ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29446 static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29447 {
29448 zend_op *opline = EX(opline);
29449
29450 if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) {
29451 /* Behave like FETCH_OBJ_W */
29452 zend_free_op free_op1;
29453 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29454 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29455
29456 if (0) {
29457 MAKE_REAL_ZVAL_PTR(property);
29458 }
29459 if (IS_CV == IS_VAR && !container) {
29460 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
29461 }
29462 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_W TSRMLS_CC);
29463 if (0) {
29464 zval_ptr_dtor(&property);
29465 } else {
29466
29467 }
29468 if (IS_CV == IS_VAR && 0 &&
29469 READY_TO_DESTROY(free_op1.var)) {
29470 AI_USE_PTR(EX_T(opline->result.u.var).var);
29471 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29472 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29473 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29474 }
29475 }
29476
29477 ZEND_VM_NEXT_OPCODE();
29478 } else {
29479 return zend_fetch_property_address_read_helper_SPEC_CV_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29480 }
29481 }
29482
ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29483 static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29484 {
29485 zend_op *opline = EX(opline);
29486 zend_free_op free_op1, free_res;
29487 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
29488 zval *property = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29489
29490 if (IS_CV == IS_CV) {
29491 if (container != &EG(uninitialized_zval_ptr)) {
29492 SEPARATE_ZVAL_IF_NOT_REF(container);
29493 }
29494 }
29495 if (0) {
29496 MAKE_REAL_ZVAL_PTR(property);
29497 }
29498 if (IS_CV == IS_VAR && !container) {
29499 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
29500 }
29501 zend_fetch_property_address(&EX_T(opline->result.u.var), container, property, BP_VAR_UNSET TSRMLS_CC);
29502 if (0) {
29503 zval_ptr_dtor(&property);
29504 } else {
29505
29506 }
29507 if (IS_CV == IS_VAR && 0 &&
29508 READY_TO_DESTROY(free_op1.var)) {
29509 AI_USE_PTR(EX_T(opline->result.u.var).var);
29510 if (!PZVAL_IS_REF(*EX_T(opline->result.u.var).var.ptr_ptr) &&
29511 Z_REFCOUNT_PP(EX_T(opline->result.u.var).var.ptr_ptr) > 2) {
29512 SEPARATE_ZVAL(EX_T(opline->result.u.var).var.ptr_ptr);
29513 }
29514 }
29515
29516 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
29517 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
29518 SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
29519 }
29520 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
29521 FREE_OP_VAR_PTR(free_res);
29522 ZEND_VM_NEXT_OPCODE();
29523 }
29524
ZEND_ASSIGN_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29525 static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29526 {
29527 zend_op *opline = EX(opline);
29528 zend_op *op_data = opline+1;
29529
29530 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29531 zval *property_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29532
29533 if (0) {
29534 MAKE_REAL_ZVAL_PTR(property_name);
29535 }
29536 if (IS_CV == IS_VAR && !object_ptr) {
29537 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29538 }
29539 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC);
29540 if (0) {
29541 zval_ptr_dtor(&property_name);
29542 } else {
29543
29544 }
29545
29546 /* assign_obj has two opcodes! */
29547 ZEND_VM_INC_OPCODE();
29548 ZEND_VM_NEXT_OPCODE();
29549 }
29550
ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29551 static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29552 {
29553 zend_op *opline = EX(opline);
29554 zend_op *op_data = opline+1;
29555
29556 zval **object_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29557
29558 if (IS_CV == IS_VAR && !object_ptr) {
29559 zend_error_noreturn(E_ERROR, "Cannot use string offset as an array");
29560 }
29561 if (Z_TYPE_PP(object_ptr) == IS_OBJECT) {
29562
29563 zval *property_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29564
29565 if (0) {
29566 MAKE_REAL_ZVAL_PTR(property_name);
29567 }
29568 zend_assign_to_object(&opline->result, object_ptr, property_name, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC);
29569 if (0) {
29570 zval_ptr_dtor(&property_name);
29571 } else {
29572
29573 }
29574 } else {
29575 zend_free_op free_op_data1, free_op_data2;
29576 zval *value;
29577 zval *dim = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29578 zval **variable_ptr_ptr;
29579
29580 zend_fetch_dimension_address(&EX_T(op_data->op2.u.var), object_ptr, dim, 0, BP_VAR_W TSRMLS_CC);
29581
29582 value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
29583 variable_ptr_ptr = _get_zval_ptr_ptr_var(&op_data->op2, EX(Ts), &free_op_data2 TSRMLS_CC);
29584 if (!variable_ptr_ptr) {
29585 if (zend_assign_to_string_offset(&EX_T(op_data->op2.u.var), value, op_data->op1.op_type TSRMLS_CC)) {
29586 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29587 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
29588 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
29589 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
29590 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.u.var).str_offset.str)+EX_T(op_data->op2.u.var).str_offset.offset, 1, 1);
29591 }
29592 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
29593 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
29594 PZVAL_LOCK(EG(uninitialized_zval_ptr));
29595 }
29596 } else {
29597 value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC);
29598 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29599 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
29600 PZVAL_LOCK(value);
29601 }
29602 }
29603 FREE_OP_VAR_PTR(free_op_data2);
29604 FREE_OP_IF_VAR(free_op_data1);
29605 }
29606
29607 /* assign_dim has two opcodes! */
29608 ZEND_VM_INC_OPCODE();
29609 ZEND_VM_NEXT_OPCODE();
29610 }
29611
ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29612 static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29613 {
29614 zend_op *opline = EX(opline);
29615
29616 zval *value = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29617 zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29618
29619 if (IS_CV == IS_VAR && !variable_ptr_ptr) {
29620 if (zend_assign_to_string_offset(&EX_T(opline->op1.u.var), value, IS_CV TSRMLS_CC)) {
29621 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29622 EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
29623 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
29624 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
29625 ZVAL_STRINGL(EX_T(opline->result.u.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.u.var).str_offset.str)+EX_T(opline->op1.u.var).str_offset.offset, 1, 1);
29626 }
29627 } else if (!RETURN_VALUE_UNUSED(&opline->result)) {
29628 AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
29629 PZVAL_LOCK(EG(uninitialized_zval_ptr));
29630 }
29631 } else {
29632 value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC);
29633 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29634 AI_SET_PTR(EX_T(opline->result.u.var).var, value);
29635 PZVAL_LOCK(value);
29636 }
29637 }
29638
29639 /* zend_assign_to_variable() always takes care of op2, never free it! */
29640
29641 ZEND_VM_NEXT_OPCODE();
29642 }
29643
ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29644 static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29645 {
29646 zend_op *opline = EX(opline);
29647 zend_free_op free_op2;
29648 zval **variable_ptr_ptr;
29649 zval **value_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC);
29650
29651 if (IS_CV == IS_VAR &&
29652 value_ptr_ptr &&
29653 !Z_ISREF_PP(value_ptr_ptr) &&
29654 opline->extended_value == ZEND_RETURNS_FUNCTION &&
29655 !EX_T(opline->op2.u.var).var.fcall_returned_reference) {
29656 if (free_op2.var == NULL) {
29657 PZVAL_LOCK(*value_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
29658 }
29659 zend_error(E_STRICT, "Only variables should be assigned by reference");
29660 if (UNEXPECTED(EG(exception) != NULL)) {
29661
29662 ZEND_VM_NEXT_OPCODE();
29663 }
29664 return ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29665 } else if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
29666 PZVAL_LOCK(*value_ptr_ptr);
29667 }
29668 if (IS_CV == IS_VAR && EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
29669 zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object");
29670 }
29671
29672 variable_ptr_ptr = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29673 if ((IS_CV == IS_VAR && !value_ptr_ptr) ||
29674 (IS_CV == IS_VAR && !variable_ptr_ptr)) {
29675 zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects");
29676 }
29677 zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC);
29678
29679 if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) {
29680 Z_DELREF_PP(variable_ptr_ptr);
29681 }
29682
29683 if (!RETURN_VALUE_UNUSED(&opline->result)) {
29684 AI_SET_PTR(EX_T(opline->result.u.var).var, *variable_ptr_ptr);
29685 PZVAL_LOCK(*variable_ptr_ptr);
29686 }
29687
29688
29689 ZEND_VM_NEXT_OPCODE();
29690 }
29691
ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29692 static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29693 {
29694 zend_op *opline = EX(opline);
29695 zval *function_name;
29696 char *function_name_strval;
29697 int function_name_strlen;
29698
29699
29700 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
29701
29702 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29703
29704 if (Z_TYPE_P(function_name)!=IS_STRING) {
29705 zend_error_noreturn(E_ERROR, "Method name must be a string");
29706 }
29707
29708 function_name_strval = Z_STRVAL_P(function_name);
29709 function_name_strlen = Z_STRLEN_P(function_name);
29710
29711 EX(object) = _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
29712
29713 if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
29714 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
29715 zend_error_noreturn(E_ERROR, "Object does not support method calls");
29716 }
29717
29718 /* First, locate the function. */
29719 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
29720 if (!EX(fbc)) {
29721 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
29722 }
29723
29724 EX(called_scope) = Z_OBJCE_P(EX(object));
29725 } else {
29726 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
29727 }
29728
29729 if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
29730 EX(object) = NULL;
29731 } else {
29732 if (!PZVAL_IS_REF(EX(object))) {
29733 Z_ADDREF_P(EX(object)); /* For $this pointer */
29734 } else {
29735 zval *this_ptr;
29736 ALLOC_ZVAL(this_ptr);
29737 INIT_PZVAL_COPY(this_ptr, EX(object));
29738 zval_copy_ctor(this_ptr);
29739 EX(object) = this_ptr;
29740 }
29741 }
29742
29743
29744 ZEND_VM_NEXT_OPCODE();
29745 }
29746
ZEND_CASE_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29747 static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29748 {
29749 zend_op *opline = EX(opline);
29750 int switch_expr_is_overloaded=0;
29751
29752
29753 if (IS_CV==IS_VAR) {
29754 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
29755 PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
29756 } else {
29757 switch_expr_is_overloaded = 1;
29758 Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
29759 }
29760 }
29761 is_equal_function(&EX_T(opline->result.u.var).tmp_var,
29762 _get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC),
29763 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
29764
29765 if (switch_expr_is_overloaded) {
29766 /* We only free op1 if this is a string offset,
29767 * Since if it is a TMP_VAR, it'll be reused by
29768 * other CASE opcodes (whereas string offsets
29769 * are allocated at each get_zval_ptr())
29770 */
29771
29772 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
29773 EX_T(opline->op1.u.var).var.ptr = NULL;
29774 }
29775 ZEND_VM_NEXT_OPCODE();
29776 }
29777
ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29778 static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29779 {
29780 zend_op *opline = EX(opline);
29781
29782 zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
29783 zval *expr_ptr;
29784 zval *offset=_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29785
29786 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
29787 zval **expr_ptr_ptr = NULL;
29788
29789 if (opline->extended_value) {
29790 expr_ptr_ptr=_get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_W TSRMLS_CC);
29791 expr_ptr = *expr_ptr_ptr;
29792 } else {
29793 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
29794 }
29795 #else
29796 expr_ptr=_get_zval_ptr_cv(&opline->op1, EX(Ts), BP_VAR_R TSRMLS_CC);
29797 #endif
29798
29799 if (0) { /* temporary variable */
29800 zval *new_expr;
29801
29802 ALLOC_ZVAL(new_expr);
29803 INIT_PZVAL_COPY(new_expr, expr_ptr);
29804 expr_ptr = new_expr;
29805 } else {
29806 #if 0 || IS_CV == IS_VAR || IS_CV == IS_CV
29807 if (opline->extended_value) {
29808 SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
29809 expr_ptr = *expr_ptr_ptr;
29810 Z_ADDREF_P(expr_ptr);
29811 } else
29812 #endif
29813 if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
29814 zval *new_expr;
29815
29816 ALLOC_ZVAL(new_expr);
29817 INIT_PZVAL_COPY(new_expr, expr_ptr);
29818 expr_ptr = new_expr;
29819 zendi_zval_copy_ctor(*expr_ptr);
29820 } else {
29821 Z_ADDREF_P(expr_ptr);
29822 }
29823 }
29824 if (offset) {
29825 switch (Z_TYPE_P(offset)) {
29826 case IS_DOUBLE:
29827 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
29828 break;
29829 case IS_LONG:
29830 case IS_BOOL:
29831 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
29832 break;
29833 case IS_STRING:
29834 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
29835 break;
29836 case IS_NULL:
29837 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
29838 break;
29839 default:
29840 zend_error(E_WARNING, "Illegal offset type");
29841 zval_ptr_dtor(&expr_ptr);
29842 /* do nothing */
29843 break;
29844 }
29845
29846 } else {
29847 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
29848 }
29849 if (opline->extended_value) {
29850
29851 } else {
29852
29853 }
29854 ZEND_VM_NEXT_OPCODE();
29855 }
29856
ZEND_INIT_ARRAY_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29857 static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29858 {
29859 zend_op *opline = EX(opline);
29860
29861 array_init(&EX_T(opline->result.u.var).tmp_var);
29862 if (IS_CV == IS_UNUSED) {
29863 ZEND_VM_NEXT_OPCODE();
29864 #if 0 || IS_CV != IS_UNUSED
29865 } else {
29866 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
29867 #endif
29868 }
29869 }
29870
ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29871 static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29872 {
29873 zend_op *opline = EX(opline);
29874
29875 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
29876 zval *offset;
29877
29878 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
29879 SEPARATE_ZVAL_IF_NOT_REF(container);
29880 }
29881 offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29882
29883 if (IS_CV != IS_VAR || container) {
29884 switch (Z_TYPE_PP(container)) {
29885 case IS_ARRAY: {
29886 HashTable *ht = Z_ARRVAL_PP(container);
29887
29888 switch (Z_TYPE_P(offset)) {
29889 case IS_DOUBLE:
29890 zend_hash_index_del(ht, zend_dval_to_lval(Z_DVAL_P(offset)));
29891 break;
29892 case IS_RESOURCE:
29893 case IS_BOOL:
29894 case IS_LONG:
29895 zend_hash_index_del(ht, Z_LVAL_P(offset));
29896 break;
29897 case IS_STRING:
29898 if (IS_CV == IS_CV || IS_CV == IS_VAR) {
29899 Z_ADDREF_P(offset);
29900 }
29901 if (zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1) == SUCCESS &&
29902 ht == &EG(symbol_table)) {
29903 zend_execute_data *ex;
29904 ulong hash_value = zend_inline_hash_func(offset->value.str.val, offset->value.str.len+1);
29905
29906 for (ex = execute_data; ex; ex = ex->prev_execute_data) {
29907 if (ex->op_array && ex->symbol_table == ht) {
29908 int i;
29909
29910 for (i = 0; i < ex->op_array->last_var; i++) {
29911 if (ex->op_array->vars[i].hash_value == hash_value &&
29912 ex->op_array->vars[i].name_len == offset->value.str.len &&
29913 !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) {
29914 ex->CVs[i] = NULL;
29915 break;
29916 }
29917 }
29918 }
29919 }
29920 }
29921 if (IS_CV == IS_CV || IS_CV == IS_VAR) {
29922 zval_ptr_dtor(&offset);
29923 }
29924 break;
29925 case IS_NULL:
29926 zend_hash_del(ht, "", sizeof(""));
29927 break;
29928 default:
29929 zend_error(E_WARNING, "Illegal offset type in unset");
29930 break;
29931 }
29932
29933 break;
29934 }
29935 case IS_OBJECT:
29936 if (!Z_OBJ_HT_P(*container)->unset_dimension) {
29937 zend_error_noreturn(E_ERROR, "Cannot use object as array");
29938 }
29939 if (0) {
29940 MAKE_REAL_ZVAL_PTR(offset);
29941 }
29942 Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC);
29943 if (0) {
29944 zval_ptr_dtor(&offset);
29945 } else {
29946
29947 }
29948 break;
29949 case IS_STRING:
29950 zend_error_noreturn(E_ERROR, "Cannot unset string offsets");
29951 ZEND_VM_CONTINUE(); /* bailed out before */
29952 default:
29953
29954 break;
29955 }
29956 } else {
29957
29958 }
29959
29960 ZEND_VM_NEXT_OPCODE();
29961 }
29962
ZEND_UNSET_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)29963 static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
29964 {
29965 zend_op *opline = EX(opline);
29966
29967 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_UNSET TSRMLS_CC);
29968 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
29969
29970 if (IS_CV != IS_VAR || container) {
29971 if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) {
29972 SEPARATE_ZVAL_IF_NOT_REF(container);
29973 }
29974 if (Z_TYPE_PP(container) == IS_OBJECT) {
29975 if (0) {
29976 MAKE_REAL_ZVAL_PTR(offset);
29977 }
29978 if (Z_OBJ_HT_P(*container)->unset_property) {
29979 Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC);
29980 } else {
29981 zend_error(E_NOTICE, "Trying to unset property of non-object");
29982 }
29983 if (0) {
29984 zval_ptr_dtor(&offset);
29985 } else {
29986
29987 }
29988 } else {
29989
29990 }
29991 } else {
29992
29993 }
29994
29995 ZEND_VM_NEXT_OPCODE();
29996 }
29997
zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(int prop_dim,ZEND_OPCODE_HANDLER_ARGS)29998 static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS)
29999 {
30000 zend_op *opline = EX(opline);
30001
30002 zval **container = _get_zval_ptr_ptr_cv(&opline->op1, EX(Ts), BP_VAR_IS TSRMLS_CC);
30003 zval **value = NULL;
30004 int result = 0;
30005
30006 if (IS_CV != IS_VAR || container) {
30007
30008 zval *offset = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
30009
30010 if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) {
30011 HashTable *ht;
30012 int isset = 0;
30013
30014 ht = Z_ARRVAL_PP(container);
30015
30016 switch (Z_TYPE_P(offset)) {
30017 case IS_DOUBLE:
30018 if (zend_hash_index_find(ht, zend_dval_to_lval(Z_DVAL_P(offset)), (void **) &value) == SUCCESS) {
30019 isset = 1;
30020 }
30021 break;
30022 case IS_RESOURCE:
30023 case IS_BOOL:
30024 case IS_LONG:
30025 if (zend_hash_index_find(ht, Z_LVAL_P(offset), (void **) &value) == SUCCESS) {
30026 isset = 1;
30027 }
30028 break;
30029 case IS_STRING:
30030 if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) {
30031 isset = 1;
30032 }
30033 break;
30034 case IS_NULL:
30035 if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) {
30036 isset = 1;
30037 }
30038 break;
30039 default:
30040 zend_error(E_WARNING, "Illegal offset type in isset or empty");
30041
30042 break;
30043 }
30044
30045 switch (opline->extended_value) {
30046 case ZEND_ISSET:
30047 if (isset && Z_TYPE_PP(value) == IS_NULL) {
30048 result = 0;
30049 } else {
30050 result = isset;
30051 }
30052 break;
30053 case ZEND_ISEMPTY:
30054 if (!isset || !i_zend_is_true(*value)) {
30055 result = 0;
30056 } else {
30057 result = 1;
30058 }
30059 break;
30060 }
30061
30062 } else if (Z_TYPE_PP(container) == IS_OBJECT) {
30063 if (0) {
30064 MAKE_REAL_ZVAL_PTR(offset);
30065 }
30066 if (prop_dim) {
30067 if (Z_OBJ_HT_P(*container)->has_property) {
30068 result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
30069 } else {
30070 zend_error(E_NOTICE, "Trying to check property of non-object");
30071 result = 0;
30072 }
30073 } else {
30074 if (Z_OBJ_HT_P(*container)->has_dimension) {
30075 result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC);
30076 } else {
30077 zend_error(E_NOTICE, "Trying to check element of non-array");
30078 result = 0;
30079 }
30080 }
30081 if (0) {
30082 zval_ptr_dtor(&offset);
30083 } else {
30084
30085 }
30086 } else if ((*container)->type == IS_STRING && !prop_dim) { /* string offsets */
30087 zval tmp;
30088
30089 if (Z_TYPE_P(offset) != IS_LONG) {
30090 tmp = *offset;
30091 zval_copy_ctor(&tmp);
30092 convert_to_long(&tmp);
30093 offset = &tmp;
30094 }
30095 if (Z_TYPE_P(offset) == IS_LONG) {
30096 switch (opline->extended_value) {
30097 case ZEND_ISSET:
30098 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container)) {
30099 result = 1;
30100 }
30101 break;
30102 case ZEND_ISEMPTY:
30103 if (offset->value.lval >= 0 && offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') {
30104 result = 1;
30105 }
30106 break;
30107 }
30108 }
30109
30110 } else {
30111
30112 }
30113 }
30114
30115 Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
30116
30117 switch (opline->extended_value) {
30118 case ZEND_ISSET:
30119 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = result;
30120 break;
30121 case ZEND_ISEMPTY:
30122 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = !result;
30123 break;
30124 }
30125
30126 ZEND_VM_NEXT_OPCODE();
30127 }
30128
ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)30129 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
30130 {
30131 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
30132 }
30133
ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)30134 static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
30135 {
30136 return zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
30137 }
30138
ZEND_NULL_HANDLER(ZEND_OPCODE_HANDLER_ARGS)30139 static int ZEND_FASTCALL ZEND_NULL_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
30140 {
30141 zend_error_noreturn(E_ERROR, "Invalid opcode %d/%d/%d.", EX(opline)->opcode, EX(opline)->op1.op_type, EX(opline)->op2.op_type);
30142 }
30143
30144
zend_init_opcodes_handlers(void)30145 void zend_init_opcodes_handlers(void)
30146 {
30147 static const opcode_handler_t labels[] = {
30148 ZEND_NOP_SPEC_HANDLER,
30149 ZEND_NOP_SPEC_HANDLER,
30150 ZEND_NOP_SPEC_HANDLER,
30151 ZEND_NOP_SPEC_HANDLER,
30152 ZEND_NOP_SPEC_HANDLER,
30153 ZEND_NOP_SPEC_HANDLER,
30154 ZEND_NOP_SPEC_HANDLER,
30155 ZEND_NOP_SPEC_HANDLER,
30156 ZEND_NOP_SPEC_HANDLER,
30157 ZEND_NOP_SPEC_HANDLER,
30158 ZEND_NOP_SPEC_HANDLER,
30159 ZEND_NOP_SPEC_HANDLER,
30160 ZEND_NOP_SPEC_HANDLER,
30161 ZEND_NOP_SPEC_HANDLER,
30162 ZEND_NOP_SPEC_HANDLER,
30163 ZEND_NOP_SPEC_HANDLER,
30164 ZEND_NOP_SPEC_HANDLER,
30165 ZEND_NOP_SPEC_HANDLER,
30166 ZEND_NOP_SPEC_HANDLER,
30167 ZEND_NOP_SPEC_HANDLER,
30168 ZEND_NOP_SPEC_HANDLER,
30169 ZEND_NOP_SPEC_HANDLER,
30170 ZEND_NOP_SPEC_HANDLER,
30171 ZEND_NOP_SPEC_HANDLER,
30172 ZEND_NOP_SPEC_HANDLER,
30173 ZEND_ADD_SPEC_CONST_CONST_HANDLER,
30174 ZEND_ADD_SPEC_CONST_TMP_HANDLER,
30175 ZEND_ADD_SPEC_CONST_VAR_HANDLER,
30176 ZEND_NULL_HANDLER,
30177 ZEND_ADD_SPEC_CONST_CV_HANDLER,
30178 ZEND_ADD_SPEC_TMP_CONST_HANDLER,
30179 ZEND_ADD_SPEC_TMP_TMP_HANDLER,
30180 ZEND_ADD_SPEC_TMP_VAR_HANDLER,
30181 ZEND_NULL_HANDLER,
30182 ZEND_ADD_SPEC_TMP_CV_HANDLER,
30183 ZEND_ADD_SPEC_VAR_CONST_HANDLER,
30184 ZEND_ADD_SPEC_VAR_TMP_HANDLER,
30185 ZEND_ADD_SPEC_VAR_VAR_HANDLER,
30186 ZEND_NULL_HANDLER,
30187 ZEND_ADD_SPEC_VAR_CV_HANDLER,
30188 ZEND_NULL_HANDLER,
30189 ZEND_NULL_HANDLER,
30190 ZEND_NULL_HANDLER,
30191 ZEND_NULL_HANDLER,
30192 ZEND_NULL_HANDLER,
30193 ZEND_ADD_SPEC_CV_CONST_HANDLER,
30194 ZEND_ADD_SPEC_CV_TMP_HANDLER,
30195 ZEND_ADD_SPEC_CV_VAR_HANDLER,
30196 ZEND_NULL_HANDLER,
30197 ZEND_ADD_SPEC_CV_CV_HANDLER,
30198 ZEND_SUB_SPEC_CONST_CONST_HANDLER,
30199 ZEND_SUB_SPEC_CONST_TMP_HANDLER,
30200 ZEND_SUB_SPEC_CONST_VAR_HANDLER,
30201 ZEND_NULL_HANDLER,
30202 ZEND_SUB_SPEC_CONST_CV_HANDLER,
30203 ZEND_SUB_SPEC_TMP_CONST_HANDLER,
30204 ZEND_SUB_SPEC_TMP_TMP_HANDLER,
30205 ZEND_SUB_SPEC_TMP_VAR_HANDLER,
30206 ZEND_NULL_HANDLER,
30207 ZEND_SUB_SPEC_TMP_CV_HANDLER,
30208 ZEND_SUB_SPEC_VAR_CONST_HANDLER,
30209 ZEND_SUB_SPEC_VAR_TMP_HANDLER,
30210 ZEND_SUB_SPEC_VAR_VAR_HANDLER,
30211 ZEND_NULL_HANDLER,
30212 ZEND_SUB_SPEC_VAR_CV_HANDLER,
30213 ZEND_NULL_HANDLER,
30214 ZEND_NULL_HANDLER,
30215 ZEND_NULL_HANDLER,
30216 ZEND_NULL_HANDLER,
30217 ZEND_NULL_HANDLER,
30218 ZEND_SUB_SPEC_CV_CONST_HANDLER,
30219 ZEND_SUB_SPEC_CV_TMP_HANDLER,
30220 ZEND_SUB_SPEC_CV_VAR_HANDLER,
30221 ZEND_NULL_HANDLER,
30222 ZEND_SUB_SPEC_CV_CV_HANDLER,
30223 ZEND_MUL_SPEC_CONST_CONST_HANDLER,
30224 ZEND_MUL_SPEC_CONST_TMP_HANDLER,
30225 ZEND_MUL_SPEC_CONST_VAR_HANDLER,
30226 ZEND_NULL_HANDLER,
30227 ZEND_MUL_SPEC_CONST_CV_HANDLER,
30228 ZEND_MUL_SPEC_TMP_CONST_HANDLER,
30229 ZEND_MUL_SPEC_TMP_TMP_HANDLER,
30230 ZEND_MUL_SPEC_TMP_VAR_HANDLER,
30231 ZEND_NULL_HANDLER,
30232 ZEND_MUL_SPEC_TMP_CV_HANDLER,
30233 ZEND_MUL_SPEC_VAR_CONST_HANDLER,
30234 ZEND_MUL_SPEC_VAR_TMP_HANDLER,
30235 ZEND_MUL_SPEC_VAR_VAR_HANDLER,
30236 ZEND_NULL_HANDLER,
30237 ZEND_MUL_SPEC_VAR_CV_HANDLER,
30238 ZEND_NULL_HANDLER,
30239 ZEND_NULL_HANDLER,
30240 ZEND_NULL_HANDLER,
30241 ZEND_NULL_HANDLER,
30242 ZEND_NULL_HANDLER,
30243 ZEND_MUL_SPEC_CV_CONST_HANDLER,
30244 ZEND_MUL_SPEC_CV_TMP_HANDLER,
30245 ZEND_MUL_SPEC_CV_VAR_HANDLER,
30246 ZEND_NULL_HANDLER,
30247 ZEND_MUL_SPEC_CV_CV_HANDLER,
30248 ZEND_DIV_SPEC_CONST_CONST_HANDLER,
30249 ZEND_DIV_SPEC_CONST_TMP_HANDLER,
30250 ZEND_DIV_SPEC_CONST_VAR_HANDLER,
30251 ZEND_NULL_HANDLER,
30252 ZEND_DIV_SPEC_CONST_CV_HANDLER,
30253 ZEND_DIV_SPEC_TMP_CONST_HANDLER,
30254 ZEND_DIV_SPEC_TMP_TMP_HANDLER,
30255 ZEND_DIV_SPEC_TMP_VAR_HANDLER,
30256 ZEND_NULL_HANDLER,
30257 ZEND_DIV_SPEC_TMP_CV_HANDLER,
30258 ZEND_DIV_SPEC_VAR_CONST_HANDLER,
30259 ZEND_DIV_SPEC_VAR_TMP_HANDLER,
30260 ZEND_DIV_SPEC_VAR_VAR_HANDLER,
30261 ZEND_NULL_HANDLER,
30262 ZEND_DIV_SPEC_VAR_CV_HANDLER,
30263 ZEND_NULL_HANDLER,
30264 ZEND_NULL_HANDLER,
30265 ZEND_NULL_HANDLER,
30266 ZEND_NULL_HANDLER,
30267 ZEND_NULL_HANDLER,
30268 ZEND_DIV_SPEC_CV_CONST_HANDLER,
30269 ZEND_DIV_SPEC_CV_TMP_HANDLER,
30270 ZEND_DIV_SPEC_CV_VAR_HANDLER,
30271 ZEND_NULL_HANDLER,
30272 ZEND_DIV_SPEC_CV_CV_HANDLER,
30273 ZEND_MOD_SPEC_CONST_CONST_HANDLER,
30274 ZEND_MOD_SPEC_CONST_TMP_HANDLER,
30275 ZEND_MOD_SPEC_CONST_VAR_HANDLER,
30276 ZEND_NULL_HANDLER,
30277 ZEND_MOD_SPEC_CONST_CV_HANDLER,
30278 ZEND_MOD_SPEC_TMP_CONST_HANDLER,
30279 ZEND_MOD_SPEC_TMP_TMP_HANDLER,
30280 ZEND_MOD_SPEC_TMP_VAR_HANDLER,
30281 ZEND_NULL_HANDLER,
30282 ZEND_MOD_SPEC_TMP_CV_HANDLER,
30283 ZEND_MOD_SPEC_VAR_CONST_HANDLER,
30284 ZEND_MOD_SPEC_VAR_TMP_HANDLER,
30285 ZEND_MOD_SPEC_VAR_VAR_HANDLER,
30286 ZEND_NULL_HANDLER,
30287 ZEND_MOD_SPEC_VAR_CV_HANDLER,
30288 ZEND_NULL_HANDLER,
30289 ZEND_NULL_HANDLER,
30290 ZEND_NULL_HANDLER,
30291 ZEND_NULL_HANDLER,
30292 ZEND_NULL_HANDLER,
30293 ZEND_MOD_SPEC_CV_CONST_HANDLER,
30294 ZEND_MOD_SPEC_CV_TMP_HANDLER,
30295 ZEND_MOD_SPEC_CV_VAR_HANDLER,
30296 ZEND_NULL_HANDLER,
30297 ZEND_MOD_SPEC_CV_CV_HANDLER,
30298 ZEND_SL_SPEC_CONST_CONST_HANDLER,
30299 ZEND_SL_SPEC_CONST_TMP_HANDLER,
30300 ZEND_SL_SPEC_CONST_VAR_HANDLER,
30301 ZEND_NULL_HANDLER,
30302 ZEND_SL_SPEC_CONST_CV_HANDLER,
30303 ZEND_SL_SPEC_TMP_CONST_HANDLER,
30304 ZEND_SL_SPEC_TMP_TMP_HANDLER,
30305 ZEND_SL_SPEC_TMP_VAR_HANDLER,
30306 ZEND_NULL_HANDLER,
30307 ZEND_SL_SPEC_TMP_CV_HANDLER,
30308 ZEND_SL_SPEC_VAR_CONST_HANDLER,
30309 ZEND_SL_SPEC_VAR_TMP_HANDLER,
30310 ZEND_SL_SPEC_VAR_VAR_HANDLER,
30311 ZEND_NULL_HANDLER,
30312 ZEND_SL_SPEC_VAR_CV_HANDLER,
30313 ZEND_NULL_HANDLER,
30314 ZEND_NULL_HANDLER,
30315 ZEND_NULL_HANDLER,
30316 ZEND_NULL_HANDLER,
30317 ZEND_NULL_HANDLER,
30318 ZEND_SL_SPEC_CV_CONST_HANDLER,
30319 ZEND_SL_SPEC_CV_TMP_HANDLER,
30320 ZEND_SL_SPEC_CV_VAR_HANDLER,
30321 ZEND_NULL_HANDLER,
30322 ZEND_SL_SPEC_CV_CV_HANDLER,
30323 ZEND_SR_SPEC_CONST_CONST_HANDLER,
30324 ZEND_SR_SPEC_CONST_TMP_HANDLER,
30325 ZEND_SR_SPEC_CONST_VAR_HANDLER,
30326 ZEND_NULL_HANDLER,
30327 ZEND_SR_SPEC_CONST_CV_HANDLER,
30328 ZEND_SR_SPEC_TMP_CONST_HANDLER,
30329 ZEND_SR_SPEC_TMP_TMP_HANDLER,
30330 ZEND_SR_SPEC_TMP_VAR_HANDLER,
30331 ZEND_NULL_HANDLER,
30332 ZEND_SR_SPEC_TMP_CV_HANDLER,
30333 ZEND_SR_SPEC_VAR_CONST_HANDLER,
30334 ZEND_SR_SPEC_VAR_TMP_HANDLER,
30335 ZEND_SR_SPEC_VAR_VAR_HANDLER,
30336 ZEND_NULL_HANDLER,
30337 ZEND_SR_SPEC_VAR_CV_HANDLER,
30338 ZEND_NULL_HANDLER,
30339 ZEND_NULL_HANDLER,
30340 ZEND_NULL_HANDLER,
30341 ZEND_NULL_HANDLER,
30342 ZEND_NULL_HANDLER,
30343 ZEND_SR_SPEC_CV_CONST_HANDLER,
30344 ZEND_SR_SPEC_CV_TMP_HANDLER,
30345 ZEND_SR_SPEC_CV_VAR_HANDLER,
30346 ZEND_NULL_HANDLER,
30347 ZEND_SR_SPEC_CV_CV_HANDLER,
30348 ZEND_CONCAT_SPEC_CONST_CONST_HANDLER,
30349 ZEND_CONCAT_SPEC_CONST_TMP_HANDLER,
30350 ZEND_CONCAT_SPEC_CONST_VAR_HANDLER,
30351 ZEND_NULL_HANDLER,
30352 ZEND_CONCAT_SPEC_CONST_CV_HANDLER,
30353 ZEND_CONCAT_SPEC_TMP_CONST_HANDLER,
30354 ZEND_CONCAT_SPEC_TMP_TMP_HANDLER,
30355 ZEND_CONCAT_SPEC_TMP_VAR_HANDLER,
30356 ZEND_NULL_HANDLER,
30357 ZEND_CONCAT_SPEC_TMP_CV_HANDLER,
30358 ZEND_CONCAT_SPEC_VAR_CONST_HANDLER,
30359 ZEND_CONCAT_SPEC_VAR_TMP_HANDLER,
30360 ZEND_CONCAT_SPEC_VAR_VAR_HANDLER,
30361 ZEND_NULL_HANDLER,
30362 ZEND_CONCAT_SPEC_VAR_CV_HANDLER,
30363 ZEND_NULL_HANDLER,
30364 ZEND_NULL_HANDLER,
30365 ZEND_NULL_HANDLER,
30366 ZEND_NULL_HANDLER,
30367 ZEND_NULL_HANDLER,
30368 ZEND_CONCAT_SPEC_CV_CONST_HANDLER,
30369 ZEND_CONCAT_SPEC_CV_TMP_HANDLER,
30370 ZEND_CONCAT_SPEC_CV_VAR_HANDLER,
30371 ZEND_NULL_HANDLER,
30372 ZEND_CONCAT_SPEC_CV_CV_HANDLER,
30373 ZEND_BW_OR_SPEC_CONST_CONST_HANDLER,
30374 ZEND_BW_OR_SPEC_CONST_TMP_HANDLER,
30375 ZEND_BW_OR_SPEC_CONST_VAR_HANDLER,
30376 ZEND_NULL_HANDLER,
30377 ZEND_BW_OR_SPEC_CONST_CV_HANDLER,
30378 ZEND_BW_OR_SPEC_TMP_CONST_HANDLER,
30379 ZEND_BW_OR_SPEC_TMP_TMP_HANDLER,
30380 ZEND_BW_OR_SPEC_TMP_VAR_HANDLER,
30381 ZEND_NULL_HANDLER,
30382 ZEND_BW_OR_SPEC_TMP_CV_HANDLER,
30383 ZEND_BW_OR_SPEC_VAR_CONST_HANDLER,
30384 ZEND_BW_OR_SPEC_VAR_TMP_HANDLER,
30385 ZEND_BW_OR_SPEC_VAR_VAR_HANDLER,
30386 ZEND_NULL_HANDLER,
30387 ZEND_BW_OR_SPEC_VAR_CV_HANDLER,
30388 ZEND_NULL_HANDLER,
30389 ZEND_NULL_HANDLER,
30390 ZEND_NULL_HANDLER,
30391 ZEND_NULL_HANDLER,
30392 ZEND_NULL_HANDLER,
30393 ZEND_BW_OR_SPEC_CV_CONST_HANDLER,
30394 ZEND_BW_OR_SPEC_CV_TMP_HANDLER,
30395 ZEND_BW_OR_SPEC_CV_VAR_HANDLER,
30396 ZEND_NULL_HANDLER,
30397 ZEND_BW_OR_SPEC_CV_CV_HANDLER,
30398 ZEND_BW_AND_SPEC_CONST_CONST_HANDLER,
30399 ZEND_BW_AND_SPEC_CONST_TMP_HANDLER,
30400 ZEND_BW_AND_SPEC_CONST_VAR_HANDLER,
30401 ZEND_NULL_HANDLER,
30402 ZEND_BW_AND_SPEC_CONST_CV_HANDLER,
30403 ZEND_BW_AND_SPEC_TMP_CONST_HANDLER,
30404 ZEND_BW_AND_SPEC_TMP_TMP_HANDLER,
30405 ZEND_BW_AND_SPEC_TMP_VAR_HANDLER,
30406 ZEND_NULL_HANDLER,
30407 ZEND_BW_AND_SPEC_TMP_CV_HANDLER,
30408 ZEND_BW_AND_SPEC_VAR_CONST_HANDLER,
30409 ZEND_BW_AND_SPEC_VAR_TMP_HANDLER,
30410 ZEND_BW_AND_SPEC_VAR_VAR_HANDLER,
30411 ZEND_NULL_HANDLER,
30412 ZEND_BW_AND_SPEC_VAR_CV_HANDLER,
30413 ZEND_NULL_HANDLER,
30414 ZEND_NULL_HANDLER,
30415 ZEND_NULL_HANDLER,
30416 ZEND_NULL_HANDLER,
30417 ZEND_NULL_HANDLER,
30418 ZEND_BW_AND_SPEC_CV_CONST_HANDLER,
30419 ZEND_BW_AND_SPEC_CV_TMP_HANDLER,
30420 ZEND_BW_AND_SPEC_CV_VAR_HANDLER,
30421 ZEND_NULL_HANDLER,
30422 ZEND_BW_AND_SPEC_CV_CV_HANDLER,
30423 ZEND_BW_XOR_SPEC_CONST_CONST_HANDLER,
30424 ZEND_BW_XOR_SPEC_CONST_TMP_HANDLER,
30425 ZEND_BW_XOR_SPEC_CONST_VAR_HANDLER,
30426 ZEND_NULL_HANDLER,
30427 ZEND_BW_XOR_SPEC_CONST_CV_HANDLER,
30428 ZEND_BW_XOR_SPEC_TMP_CONST_HANDLER,
30429 ZEND_BW_XOR_SPEC_TMP_TMP_HANDLER,
30430 ZEND_BW_XOR_SPEC_TMP_VAR_HANDLER,
30431 ZEND_NULL_HANDLER,
30432 ZEND_BW_XOR_SPEC_TMP_CV_HANDLER,
30433 ZEND_BW_XOR_SPEC_VAR_CONST_HANDLER,
30434 ZEND_BW_XOR_SPEC_VAR_TMP_HANDLER,
30435 ZEND_BW_XOR_SPEC_VAR_VAR_HANDLER,
30436 ZEND_NULL_HANDLER,
30437 ZEND_BW_XOR_SPEC_VAR_CV_HANDLER,
30438 ZEND_NULL_HANDLER,
30439 ZEND_NULL_HANDLER,
30440 ZEND_NULL_HANDLER,
30441 ZEND_NULL_HANDLER,
30442 ZEND_NULL_HANDLER,
30443 ZEND_BW_XOR_SPEC_CV_CONST_HANDLER,
30444 ZEND_BW_XOR_SPEC_CV_TMP_HANDLER,
30445 ZEND_BW_XOR_SPEC_CV_VAR_HANDLER,
30446 ZEND_NULL_HANDLER,
30447 ZEND_BW_XOR_SPEC_CV_CV_HANDLER,
30448 ZEND_BW_NOT_SPEC_CONST_HANDLER,
30449 ZEND_BW_NOT_SPEC_CONST_HANDLER,
30450 ZEND_BW_NOT_SPEC_CONST_HANDLER,
30451 ZEND_BW_NOT_SPEC_CONST_HANDLER,
30452 ZEND_BW_NOT_SPEC_CONST_HANDLER,
30453 ZEND_BW_NOT_SPEC_TMP_HANDLER,
30454 ZEND_BW_NOT_SPEC_TMP_HANDLER,
30455 ZEND_BW_NOT_SPEC_TMP_HANDLER,
30456 ZEND_BW_NOT_SPEC_TMP_HANDLER,
30457 ZEND_BW_NOT_SPEC_TMP_HANDLER,
30458 ZEND_BW_NOT_SPEC_VAR_HANDLER,
30459 ZEND_BW_NOT_SPEC_VAR_HANDLER,
30460 ZEND_BW_NOT_SPEC_VAR_HANDLER,
30461 ZEND_BW_NOT_SPEC_VAR_HANDLER,
30462 ZEND_BW_NOT_SPEC_VAR_HANDLER,
30463 ZEND_NULL_HANDLER,
30464 ZEND_NULL_HANDLER,
30465 ZEND_NULL_HANDLER,
30466 ZEND_NULL_HANDLER,
30467 ZEND_NULL_HANDLER,
30468 ZEND_BW_NOT_SPEC_CV_HANDLER,
30469 ZEND_BW_NOT_SPEC_CV_HANDLER,
30470 ZEND_BW_NOT_SPEC_CV_HANDLER,
30471 ZEND_BW_NOT_SPEC_CV_HANDLER,
30472 ZEND_BW_NOT_SPEC_CV_HANDLER,
30473 ZEND_BOOL_NOT_SPEC_CONST_HANDLER,
30474 ZEND_BOOL_NOT_SPEC_CONST_HANDLER,
30475 ZEND_BOOL_NOT_SPEC_CONST_HANDLER,
30476 ZEND_BOOL_NOT_SPEC_CONST_HANDLER,
30477 ZEND_BOOL_NOT_SPEC_CONST_HANDLER,
30478 ZEND_BOOL_NOT_SPEC_TMP_HANDLER,
30479 ZEND_BOOL_NOT_SPEC_TMP_HANDLER,
30480 ZEND_BOOL_NOT_SPEC_TMP_HANDLER,
30481 ZEND_BOOL_NOT_SPEC_TMP_HANDLER,
30482 ZEND_BOOL_NOT_SPEC_TMP_HANDLER,
30483 ZEND_BOOL_NOT_SPEC_VAR_HANDLER,
30484 ZEND_BOOL_NOT_SPEC_VAR_HANDLER,
30485 ZEND_BOOL_NOT_SPEC_VAR_HANDLER,
30486 ZEND_BOOL_NOT_SPEC_VAR_HANDLER,
30487 ZEND_BOOL_NOT_SPEC_VAR_HANDLER,
30488 ZEND_NULL_HANDLER,
30489 ZEND_NULL_HANDLER,
30490 ZEND_NULL_HANDLER,
30491 ZEND_NULL_HANDLER,
30492 ZEND_NULL_HANDLER,
30493 ZEND_BOOL_NOT_SPEC_CV_HANDLER,
30494 ZEND_BOOL_NOT_SPEC_CV_HANDLER,
30495 ZEND_BOOL_NOT_SPEC_CV_HANDLER,
30496 ZEND_BOOL_NOT_SPEC_CV_HANDLER,
30497 ZEND_BOOL_NOT_SPEC_CV_HANDLER,
30498 ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER,
30499 ZEND_BOOL_XOR_SPEC_CONST_TMP_HANDLER,
30500 ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER,
30501 ZEND_NULL_HANDLER,
30502 ZEND_BOOL_XOR_SPEC_CONST_CV_HANDLER,
30503 ZEND_BOOL_XOR_SPEC_TMP_CONST_HANDLER,
30504 ZEND_BOOL_XOR_SPEC_TMP_TMP_HANDLER,
30505 ZEND_BOOL_XOR_SPEC_TMP_VAR_HANDLER,
30506 ZEND_NULL_HANDLER,
30507 ZEND_BOOL_XOR_SPEC_TMP_CV_HANDLER,
30508 ZEND_BOOL_XOR_SPEC_VAR_CONST_HANDLER,
30509 ZEND_BOOL_XOR_SPEC_VAR_TMP_HANDLER,
30510 ZEND_BOOL_XOR_SPEC_VAR_VAR_HANDLER,
30511 ZEND_NULL_HANDLER,
30512 ZEND_BOOL_XOR_SPEC_VAR_CV_HANDLER,
30513 ZEND_NULL_HANDLER,
30514 ZEND_NULL_HANDLER,
30515 ZEND_NULL_HANDLER,
30516 ZEND_NULL_HANDLER,
30517 ZEND_NULL_HANDLER,
30518 ZEND_BOOL_XOR_SPEC_CV_CONST_HANDLER,
30519 ZEND_BOOL_XOR_SPEC_CV_TMP_HANDLER,
30520 ZEND_BOOL_XOR_SPEC_CV_VAR_HANDLER,
30521 ZEND_NULL_HANDLER,
30522 ZEND_BOOL_XOR_SPEC_CV_CV_HANDLER,
30523 ZEND_IS_IDENTICAL_SPEC_CONST_CONST_HANDLER,
30524 ZEND_IS_IDENTICAL_SPEC_CONST_TMP_HANDLER,
30525 ZEND_IS_IDENTICAL_SPEC_CONST_VAR_HANDLER,
30526 ZEND_NULL_HANDLER,
30527 ZEND_IS_IDENTICAL_SPEC_CONST_CV_HANDLER,
30528 ZEND_IS_IDENTICAL_SPEC_TMP_CONST_HANDLER,
30529 ZEND_IS_IDENTICAL_SPEC_TMP_TMP_HANDLER,
30530 ZEND_IS_IDENTICAL_SPEC_TMP_VAR_HANDLER,
30531 ZEND_NULL_HANDLER,
30532 ZEND_IS_IDENTICAL_SPEC_TMP_CV_HANDLER,
30533 ZEND_IS_IDENTICAL_SPEC_VAR_CONST_HANDLER,
30534 ZEND_IS_IDENTICAL_SPEC_VAR_TMP_HANDLER,
30535 ZEND_IS_IDENTICAL_SPEC_VAR_VAR_HANDLER,
30536 ZEND_NULL_HANDLER,
30537 ZEND_IS_IDENTICAL_SPEC_VAR_CV_HANDLER,
30538 ZEND_NULL_HANDLER,
30539 ZEND_NULL_HANDLER,
30540 ZEND_NULL_HANDLER,
30541 ZEND_NULL_HANDLER,
30542 ZEND_NULL_HANDLER,
30543 ZEND_IS_IDENTICAL_SPEC_CV_CONST_HANDLER,
30544 ZEND_IS_IDENTICAL_SPEC_CV_TMP_HANDLER,
30545 ZEND_IS_IDENTICAL_SPEC_CV_VAR_HANDLER,
30546 ZEND_NULL_HANDLER,
30547 ZEND_IS_IDENTICAL_SPEC_CV_CV_HANDLER,
30548 ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CONST_HANDLER,
30549 ZEND_IS_NOT_IDENTICAL_SPEC_CONST_TMP_HANDLER,
30550 ZEND_IS_NOT_IDENTICAL_SPEC_CONST_VAR_HANDLER,
30551 ZEND_NULL_HANDLER,
30552 ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CV_HANDLER,
30553 ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CONST_HANDLER,
30554 ZEND_IS_NOT_IDENTICAL_SPEC_TMP_TMP_HANDLER,
30555 ZEND_IS_NOT_IDENTICAL_SPEC_TMP_VAR_HANDLER,
30556 ZEND_NULL_HANDLER,
30557 ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CV_HANDLER,
30558 ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CONST_HANDLER,
30559 ZEND_IS_NOT_IDENTICAL_SPEC_VAR_TMP_HANDLER,
30560 ZEND_IS_NOT_IDENTICAL_SPEC_VAR_VAR_HANDLER,
30561 ZEND_NULL_HANDLER,
30562 ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CV_HANDLER,
30563 ZEND_NULL_HANDLER,
30564 ZEND_NULL_HANDLER,
30565 ZEND_NULL_HANDLER,
30566 ZEND_NULL_HANDLER,
30567 ZEND_NULL_HANDLER,
30568 ZEND_IS_NOT_IDENTICAL_SPEC_CV_CONST_HANDLER,
30569 ZEND_IS_NOT_IDENTICAL_SPEC_CV_TMP_HANDLER,
30570 ZEND_IS_NOT_IDENTICAL_SPEC_CV_VAR_HANDLER,
30571 ZEND_NULL_HANDLER,
30572 ZEND_IS_NOT_IDENTICAL_SPEC_CV_CV_HANDLER,
30573 ZEND_IS_EQUAL_SPEC_CONST_CONST_HANDLER,
30574 ZEND_IS_EQUAL_SPEC_CONST_TMP_HANDLER,
30575 ZEND_IS_EQUAL_SPEC_CONST_VAR_HANDLER,
30576 ZEND_NULL_HANDLER,
30577 ZEND_IS_EQUAL_SPEC_CONST_CV_HANDLER,
30578 ZEND_IS_EQUAL_SPEC_TMP_CONST_HANDLER,
30579 ZEND_IS_EQUAL_SPEC_TMP_TMP_HANDLER,
30580 ZEND_IS_EQUAL_SPEC_TMP_VAR_HANDLER,
30581 ZEND_NULL_HANDLER,
30582 ZEND_IS_EQUAL_SPEC_TMP_CV_HANDLER,
30583 ZEND_IS_EQUAL_SPEC_VAR_CONST_HANDLER,
30584 ZEND_IS_EQUAL_SPEC_VAR_TMP_HANDLER,
30585 ZEND_IS_EQUAL_SPEC_VAR_VAR_HANDLER,
30586 ZEND_NULL_HANDLER,
30587 ZEND_IS_EQUAL_SPEC_VAR_CV_HANDLER,
30588 ZEND_NULL_HANDLER,
30589 ZEND_NULL_HANDLER,
30590 ZEND_NULL_HANDLER,
30591 ZEND_NULL_HANDLER,
30592 ZEND_NULL_HANDLER,
30593 ZEND_IS_EQUAL_SPEC_CV_CONST_HANDLER,
30594 ZEND_IS_EQUAL_SPEC_CV_TMP_HANDLER,
30595 ZEND_IS_EQUAL_SPEC_CV_VAR_HANDLER,
30596 ZEND_NULL_HANDLER,
30597 ZEND_IS_EQUAL_SPEC_CV_CV_HANDLER,
30598 ZEND_IS_NOT_EQUAL_SPEC_CONST_CONST_HANDLER,
30599 ZEND_IS_NOT_EQUAL_SPEC_CONST_TMP_HANDLER,
30600 ZEND_IS_NOT_EQUAL_SPEC_CONST_VAR_HANDLER,
30601 ZEND_NULL_HANDLER,
30602 ZEND_IS_NOT_EQUAL_SPEC_CONST_CV_HANDLER,
30603 ZEND_IS_NOT_EQUAL_SPEC_TMP_CONST_HANDLER,
30604 ZEND_IS_NOT_EQUAL_SPEC_TMP_TMP_HANDLER,
30605 ZEND_IS_NOT_EQUAL_SPEC_TMP_VAR_HANDLER,
30606 ZEND_NULL_HANDLER,
30607 ZEND_IS_NOT_EQUAL_SPEC_TMP_CV_HANDLER,
30608 ZEND_IS_NOT_EQUAL_SPEC_VAR_CONST_HANDLER,
30609 ZEND_IS_NOT_EQUAL_SPEC_VAR_TMP_HANDLER,
30610 ZEND_IS_NOT_EQUAL_SPEC_VAR_VAR_HANDLER,
30611 ZEND_NULL_HANDLER,
30612 ZEND_IS_NOT_EQUAL_SPEC_VAR_CV_HANDLER,
30613 ZEND_NULL_HANDLER,
30614 ZEND_NULL_HANDLER,
30615 ZEND_NULL_HANDLER,
30616 ZEND_NULL_HANDLER,
30617 ZEND_NULL_HANDLER,
30618 ZEND_IS_NOT_EQUAL_SPEC_CV_CONST_HANDLER,
30619 ZEND_IS_NOT_EQUAL_SPEC_CV_TMP_HANDLER,
30620 ZEND_IS_NOT_EQUAL_SPEC_CV_VAR_HANDLER,
30621 ZEND_NULL_HANDLER,
30622 ZEND_IS_NOT_EQUAL_SPEC_CV_CV_HANDLER,
30623 ZEND_IS_SMALLER_SPEC_CONST_CONST_HANDLER,
30624 ZEND_IS_SMALLER_SPEC_CONST_TMP_HANDLER,
30625 ZEND_IS_SMALLER_SPEC_CONST_VAR_HANDLER,
30626 ZEND_NULL_HANDLER,
30627 ZEND_IS_SMALLER_SPEC_CONST_CV_HANDLER,
30628 ZEND_IS_SMALLER_SPEC_TMP_CONST_HANDLER,
30629 ZEND_IS_SMALLER_SPEC_TMP_TMP_HANDLER,
30630 ZEND_IS_SMALLER_SPEC_TMP_VAR_HANDLER,
30631 ZEND_NULL_HANDLER,
30632 ZEND_IS_SMALLER_SPEC_TMP_CV_HANDLER,
30633 ZEND_IS_SMALLER_SPEC_VAR_CONST_HANDLER,
30634 ZEND_IS_SMALLER_SPEC_VAR_TMP_HANDLER,
30635 ZEND_IS_SMALLER_SPEC_VAR_VAR_HANDLER,
30636 ZEND_NULL_HANDLER,
30637 ZEND_IS_SMALLER_SPEC_VAR_CV_HANDLER,
30638 ZEND_NULL_HANDLER,
30639 ZEND_NULL_HANDLER,
30640 ZEND_NULL_HANDLER,
30641 ZEND_NULL_HANDLER,
30642 ZEND_NULL_HANDLER,
30643 ZEND_IS_SMALLER_SPEC_CV_CONST_HANDLER,
30644 ZEND_IS_SMALLER_SPEC_CV_TMP_HANDLER,
30645 ZEND_IS_SMALLER_SPEC_CV_VAR_HANDLER,
30646 ZEND_NULL_HANDLER,
30647 ZEND_IS_SMALLER_SPEC_CV_CV_HANDLER,
30648 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CONST_HANDLER,
30649 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_TMP_HANDLER,
30650 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_VAR_HANDLER,
30651 ZEND_NULL_HANDLER,
30652 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CV_HANDLER,
30653 ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CONST_HANDLER,
30654 ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_TMP_HANDLER,
30655 ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_VAR_HANDLER,
30656 ZEND_NULL_HANDLER,
30657 ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CV_HANDLER,
30658 ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CONST_HANDLER,
30659 ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_TMP_HANDLER,
30660 ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_VAR_HANDLER,
30661 ZEND_NULL_HANDLER,
30662 ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CV_HANDLER,
30663 ZEND_NULL_HANDLER,
30664 ZEND_NULL_HANDLER,
30665 ZEND_NULL_HANDLER,
30666 ZEND_NULL_HANDLER,
30667 ZEND_NULL_HANDLER,
30668 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CONST_HANDLER,
30669 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_TMP_HANDLER,
30670 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_VAR_HANDLER,
30671 ZEND_NULL_HANDLER,
30672 ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CV_HANDLER,
30673 ZEND_CAST_SPEC_CONST_HANDLER,
30674 ZEND_CAST_SPEC_CONST_HANDLER,
30675 ZEND_CAST_SPEC_CONST_HANDLER,
30676 ZEND_CAST_SPEC_CONST_HANDLER,
30677 ZEND_CAST_SPEC_CONST_HANDLER,
30678 ZEND_CAST_SPEC_TMP_HANDLER,
30679 ZEND_CAST_SPEC_TMP_HANDLER,
30680 ZEND_CAST_SPEC_TMP_HANDLER,
30681 ZEND_CAST_SPEC_TMP_HANDLER,
30682 ZEND_CAST_SPEC_TMP_HANDLER,
30683 ZEND_CAST_SPEC_VAR_HANDLER,
30684 ZEND_CAST_SPEC_VAR_HANDLER,
30685 ZEND_CAST_SPEC_VAR_HANDLER,
30686 ZEND_CAST_SPEC_VAR_HANDLER,
30687 ZEND_CAST_SPEC_VAR_HANDLER,
30688 ZEND_NULL_HANDLER,
30689 ZEND_NULL_HANDLER,
30690 ZEND_NULL_HANDLER,
30691 ZEND_NULL_HANDLER,
30692 ZEND_NULL_HANDLER,
30693 ZEND_CAST_SPEC_CV_HANDLER,
30694 ZEND_CAST_SPEC_CV_HANDLER,
30695 ZEND_CAST_SPEC_CV_HANDLER,
30696 ZEND_CAST_SPEC_CV_HANDLER,
30697 ZEND_CAST_SPEC_CV_HANDLER,
30698 ZEND_QM_ASSIGN_SPEC_CONST_HANDLER,
30699 ZEND_QM_ASSIGN_SPEC_CONST_HANDLER,
30700 ZEND_QM_ASSIGN_SPEC_CONST_HANDLER,
30701 ZEND_QM_ASSIGN_SPEC_CONST_HANDLER,
30702 ZEND_QM_ASSIGN_SPEC_CONST_HANDLER,
30703 ZEND_QM_ASSIGN_SPEC_TMP_HANDLER,
30704 ZEND_QM_ASSIGN_SPEC_TMP_HANDLER,
30705 ZEND_QM_ASSIGN_SPEC_TMP_HANDLER,
30706 ZEND_QM_ASSIGN_SPEC_TMP_HANDLER,
30707 ZEND_QM_ASSIGN_SPEC_TMP_HANDLER,
30708 ZEND_QM_ASSIGN_SPEC_VAR_HANDLER,
30709 ZEND_QM_ASSIGN_SPEC_VAR_HANDLER,
30710 ZEND_QM_ASSIGN_SPEC_VAR_HANDLER,
30711 ZEND_QM_ASSIGN_SPEC_VAR_HANDLER,
30712 ZEND_QM_ASSIGN_SPEC_VAR_HANDLER,
30713 ZEND_NULL_HANDLER,
30714 ZEND_NULL_HANDLER,
30715 ZEND_NULL_HANDLER,
30716 ZEND_NULL_HANDLER,
30717 ZEND_NULL_HANDLER,
30718 ZEND_QM_ASSIGN_SPEC_CV_HANDLER,
30719 ZEND_QM_ASSIGN_SPEC_CV_HANDLER,
30720 ZEND_QM_ASSIGN_SPEC_CV_HANDLER,
30721 ZEND_QM_ASSIGN_SPEC_CV_HANDLER,
30722 ZEND_QM_ASSIGN_SPEC_CV_HANDLER,
30723 ZEND_NULL_HANDLER,
30724 ZEND_NULL_HANDLER,
30725 ZEND_NULL_HANDLER,
30726 ZEND_NULL_HANDLER,
30727 ZEND_NULL_HANDLER,
30728 ZEND_NULL_HANDLER,
30729 ZEND_NULL_HANDLER,
30730 ZEND_NULL_HANDLER,
30731 ZEND_NULL_HANDLER,
30732 ZEND_NULL_HANDLER,
30733 ZEND_ASSIGN_ADD_SPEC_VAR_CONST_HANDLER,
30734 ZEND_ASSIGN_ADD_SPEC_VAR_TMP_HANDLER,
30735 ZEND_ASSIGN_ADD_SPEC_VAR_VAR_HANDLER,
30736 ZEND_ASSIGN_ADD_SPEC_VAR_UNUSED_HANDLER,
30737 ZEND_ASSIGN_ADD_SPEC_VAR_CV_HANDLER,
30738 ZEND_ASSIGN_ADD_SPEC_UNUSED_CONST_HANDLER,
30739 ZEND_ASSIGN_ADD_SPEC_UNUSED_TMP_HANDLER,
30740 ZEND_ASSIGN_ADD_SPEC_UNUSED_VAR_HANDLER,
30741 ZEND_ASSIGN_ADD_SPEC_UNUSED_UNUSED_HANDLER,
30742 ZEND_ASSIGN_ADD_SPEC_UNUSED_CV_HANDLER,
30743 ZEND_ASSIGN_ADD_SPEC_CV_CONST_HANDLER,
30744 ZEND_ASSIGN_ADD_SPEC_CV_TMP_HANDLER,
30745 ZEND_ASSIGN_ADD_SPEC_CV_VAR_HANDLER,
30746 ZEND_ASSIGN_ADD_SPEC_CV_UNUSED_HANDLER,
30747 ZEND_ASSIGN_ADD_SPEC_CV_CV_HANDLER,
30748 ZEND_NULL_HANDLER,
30749 ZEND_NULL_HANDLER,
30750 ZEND_NULL_HANDLER,
30751 ZEND_NULL_HANDLER,
30752 ZEND_NULL_HANDLER,
30753 ZEND_NULL_HANDLER,
30754 ZEND_NULL_HANDLER,
30755 ZEND_NULL_HANDLER,
30756 ZEND_NULL_HANDLER,
30757 ZEND_NULL_HANDLER,
30758 ZEND_ASSIGN_SUB_SPEC_VAR_CONST_HANDLER,
30759 ZEND_ASSIGN_SUB_SPEC_VAR_TMP_HANDLER,
30760 ZEND_ASSIGN_SUB_SPEC_VAR_VAR_HANDLER,
30761 ZEND_ASSIGN_SUB_SPEC_VAR_UNUSED_HANDLER,
30762 ZEND_ASSIGN_SUB_SPEC_VAR_CV_HANDLER,
30763 ZEND_ASSIGN_SUB_SPEC_UNUSED_CONST_HANDLER,
30764 ZEND_ASSIGN_SUB_SPEC_UNUSED_TMP_HANDLER,
30765 ZEND_ASSIGN_SUB_SPEC_UNUSED_VAR_HANDLER,
30766 ZEND_ASSIGN_SUB_SPEC_UNUSED_UNUSED_HANDLER,
30767 ZEND_ASSIGN_SUB_SPEC_UNUSED_CV_HANDLER,
30768 ZEND_ASSIGN_SUB_SPEC_CV_CONST_HANDLER,
30769 ZEND_ASSIGN_SUB_SPEC_CV_TMP_HANDLER,
30770 ZEND_ASSIGN_SUB_SPEC_CV_VAR_HANDLER,
30771 ZEND_ASSIGN_SUB_SPEC_CV_UNUSED_HANDLER,
30772 ZEND_ASSIGN_SUB_SPEC_CV_CV_HANDLER,
30773 ZEND_NULL_HANDLER,
30774 ZEND_NULL_HANDLER,
30775 ZEND_NULL_HANDLER,
30776 ZEND_NULL_HANDLER,
30777 ZEND_NULL_HANDLER,
30778 ZEND_NULL_HANDLER,
30779 ZEND_NULL_HANDLER,
30780 ZEND_NULL_HANDLER,
30781 ZEND_NULL_HANDLER,
30782 ZEND_NULL_HANDLER,
30783 ZEND_ASSIGN_MUL_SPEC_VAR_CONST_HANDLER,
30784 ZEND_ASSIGN_MUL_SPEC_VAR_TMP_HANDLER,
30785 ZEND_ASSIGN_MUL_SPEC_VAR_VAR_HANDLER,
30786 ZEND_ASSIGN_MUL_SPEC_VAR_UNUSED_HANDLER,
30787 ZEND_ASSIGN_MUL_SPEC_VAR_CV_HANDLER,
30788 ZEND_ASSIGN_MUL_SPEC_UNUSED_CONST_HANDLER,
30789 ZEND_ASSIGN_MUL_SPEC_UNUSED_TMP_HANDLER,
30790 ZEND_ASSIGN_MUL_SPEC_UNUSED_VAR_HANDLER,
30791 ZEND_ASSIGN_MUL_SPEC_UNUSED_UNUSED_HANDLER,
30792 ZEND_ASSIGN_MUL_SPEC_UNUSED_CV_HANDLER,
30793 ZEND_ASSIGN_MUL_SPEC_CV_CONST_HANDLER,
30794 ZEND_ASSIGN_MUL_SPEC_CV_TMP_HANDLER,
30795 ZEND_ASSIGN_MUL_SPEC_CV_VAR_HANDLER,
30796 ZEND_ASSIGN_MUL_SPEC_CV_UNUSED_HANDLER,
30797 ZEND_ASSIGN_MUL_SPEC_CV_CV_HANDLER,
30798 ZEND_NULL_HANDLER,
30799 ZEND_NULL_HANDLER,
30800 ZEND_NULL_HANDLER,
30801 ZEND_NULL_HANDLER,
30802 ZEND_NULL_HANDLER,
30803 ZEND_NULL_HANDLER,
30804 ZEND_NULL_HANDLER,
30805 ZEND_NULL_HANDLER,
30806 ZEND_NULL_HANDLER,
30807 ZEND_NULL_HANDLER,
30808 ZEND_ASSIGN_DIV_SPEC_VAR_CONST_HANDLER,
30809 ZEND_ASSIGN_DIV_SPEC_VAR_TMP_HANDLER,
30810 ZEND_ASSIGN_DIV_SPEC_VAR_VAR_HANDLER,
30811 ZEND_ASSIGN_DIV_SPEC_VAR_UNUSED_HANDLER,
30812 ZEND_ASSIGN_DIV_SPEC_VAR_CV_HANDLER,
30813 ZEND_ASSIGN_DIV_SPEC_UNUSED_CONST_HANDLER,
30814 ZEND_ASSIGN_DIV_SPEC_UNUSED_TMP_HANDLER,
30815 ZEND_ASSIGN_DIV_SPEC_UNUSED_VAR_HANDLER,
30816 ZEND_ASSIGN_DIV_SPEC_UNUSED_UNUSED_HANDLER,
30817 ZEND_ASSIGN_DIV_SPEC_UNUSED_CV_HANDLER,
30818 ZEND_ASSIGN_DIV_SPEC_CV_CONST_HANDLER,
30819 ZEND_ASSIGN_DIV_SPEC_CV_TMP_HANDLER,
30820 ZEND_ASSIGN_DIV_SPEC_CV_VAR_HANDLER,
30821 ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER,
30822 ZEND_ASSIGN_DIV_SPEC_CV_CV_HANDLER,
30823 ZEND_NULL_HANDLER,
30824 ZEND_NULL_HANDLER,
30825 ZEND_NULL_HANDLER,
30826 ZEND_NULL_HANDLER,
30827 ZEND_NULL_HANDLER,
30828 ZEND_NULL_HANDLER,
30829 ZEND_NULL_HANDLER,
30830 ZEND_NULL_HANDLER,
30831 ZEND_NULL_HANDLER,
30832 ZEND_NULL_HANDLER,
30833 ZEND_ASSIGN_MOD_SPEC_VAR_CONST_HANDLER,
30834 ZEND_ASSIGN_MOD_SPEC_VAR_TMP_HANDLER,
30835 ZEND_ASSIGN_MOD_SPEC_VAR_VAR_HANDLER,
30836 ZEND_ASSIGN_MOD_SPEC_VAR_UNUSED_HANDLER,
30837 ZEND_ASSIGN_MOD_SPEC_VAR_CV_HANDLER,
30838 ZEND_ASSIGN_MOD_SPEC_UNUSED_CONST_HANDLER,
30839 ZEND_ASSIGN_MOD_SPEC_UNUSED_TMP_HANDLER,
30840 ZEND_ASSIGN_MOD_SPEC_UNUSED_VAR_HANDLER,
30841 ZEND_ASSIGN_MOD_SPEC_UNUSED_UNUSED_HANDLER,
30842 ZEND_ASSIGN_MOD_SPEC_UNUSED_CV_HANDLER,
30843 ZEND_ASSIGN_MOD_SPEC_CV_CONST_HANDLER,
30844 ZEND_ASSIGN_MOD_SPEC_CV_TMP_HANDLER,
30845 ZEND_ASSIGN_MOD_SPEC_CV_VAR_HANDLER,
30846 ZEND_ASSIGN_MOD_SPEC_CV_UNUSED_HANDLER,
30847 ZEND_ASSIGN_MOD_SPEC_CV_CV_HANDLER,
30848 ZEND_NULL_HANDLER,
30849 ZEND_NULL_HANDLER,
30850 ZEND_NULL_HANDLER,
30851 ZEND_NULL_HANDLER,
30852 ZEND_NULL_HANDLER,
30853 ZEND_NULL_HANDLER,
30854 ZEND_NULL_HANDLER,
30855 ZEND_NULL_HANDLER,
30856 ZEND_NULL_HANDLER,
30857 ZEND_NULL_HANDLER,
30858 ZEND_ASSIGN_SL_SPEC_VAR_CONST_HANDLER,
30859 ZEND_ASSIGN_SL_SPEC_VAR_TMP_HANDLER,
30860 ZEND_ASSIGN_SL_SPEC_VAR_VAR_HANDLER,
30861 ZEND_ASSIGN_SL_SPEC_VAR_UNUSED_HANDLER,
30862 ZEND_ASSIGN_SL_SPEC_VAR_CV_HANDLER,
30863 ZEND_ASSIGN_SL_SPEC_UNUSED_CONST_HANDLER,
30864 ZEND_ASSIGN_SL_SPEC_UNUSED_TMP_HANDLER,
30865 ZEND_ASSIGN_SL_SPEC_UNUSED_VAR_HANDLER,
30866 ZEND_ASSIGN_SL_SPEC_UNUSED_UNUSED_HANDLER,
30867 ZEND_ASSIGN_SL_SPEC_UNUSED_CV_HANDLER,
30868 ZEND_ASSIGN_SL_SPEC_CV_CONST_HANDLER,
30869 ZEND_ASSIGN_SL_SPEC_CV_TMP_HANDLER,
30870 ZEND_ASSIGN_SL_SPEC_CV_VAR_HANDLER,
30871 ZEND_ASSIGN_SL_SPEC_CV_UNUSED_HANDLER,
30872 ZEND_ASSIGN_SL_SPEC_CV_CV_HANDLER,
30873 ZEND_NULL_HANDLER,
30874 ZEND_NULL_HANDLER,
30875 ZEND_NULL_HANDLER,
30876 ZEND_NULL_HANDLER,
30877 ZEND_NULL_HANDLER,
30878 ZEND_NULL_HANDLER,
30879 ZEND_NULL_HANDLER,
30880 ZEND_NULL_HANDLER,
30881 ZEND_NULL_HANDLER,
30882 ZEND_NULL_HANDLER,
30883 ZEND_ASSIGN_SR_SPEC_VAR_CONST_HANDLER,
30884 ZEND_ASSIGN_SR_SPEC_VAR_TMP_HANDLER,
30885 ZEND_ASSIGN_SR_SPEC_VAR_VAR_HANDLER,
30886 ZEND_ASSIGN_SR_SPEC_VAR_UNUSED_HANDLER,
30887 ZEND_ASSIGN_SR_SPEC_VAR_CV_HANDLER,
30888 ZEND_ASSIGN_SR_SPEC_UNUSED_CONST_HANDLER,
30889 ZEND_ASSIGN_SR_SPEC_UNUSED_TMP_HANDLER,
30890 ZEND_ASSIGN_SR_SPEC_UNUSED_VAR_HANDLER,
30891 ZEND_ASSIGN_SR_SPEC_UNUSED_UNUSED_HANDLER,
30892 ZEND_ASSIGN_SR_SPEC_UNUSED_CV_HANDLER,
30893 ZEND_ASSIGN_SR_SPEC_CV_CONST_HANDLER,
30894 ZEND_ASSIGN_SR_SPEC_CV_TMP_HANDLER,
30895 ZEND_ASSIGN_SR_SPEC_CV_VAR_HANDLER,
30896 ZEND_ASSIGN_SR_SPEC_CV_UNUSED_HANDLER,
30897 ZEND_ASSIGN_SR_SPEC_CV_CV_HANDLER,
30898 ZEND_NULL_HANDLER,
30899 ZEND_NULL_HANDLER,
30900 ZEND_NULL_HANDLER,
30901 ZEND_NULL_HANDLER,
30902 ZEND_NULL_HANDLER,
30903 ZEND_NULL_HANDLER,
30904 ZEND_NULL_HANDLER,
30905 ZEND_NULL_HANDLER,
30906 ZEND_NULL_HANDLER,
30907 ZEND_NULL_HANDLER,
30908 ZEND_ASSIGN_CONCAT_SPEC_VAR_CONST_HANDLER,
30909 ZEND_ASSIGN_CONCAT_SPEC_VAR_TMP_HANDLER,
30910 ZEND_ASSIGN_CONCAT_SPEC_VAR_VAR_HANDLER,
30911 ZEND_ASSIGN_CONCAT_SPEC_VAR_UNUSED_HANDLER,
30912 ZEND_ASSIGN_CONCAT_SPEC_VAR_CV_HANDLER,
30913 ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CONST_HANDLER,
30914 ZEND_ASSIGN_CONCAT_SPEC_UNUSED_TMP_HANDLER,
30915 ZEND_ASSIGN_CONCAT_SPEC_UNUSED_VAR_HANDLER,
30916 ZEND_ASSIGN_CONCAT_SPEC_UNUSED_UNUSED_HANDLER,
30917 ZEND_ASSIGN_CONCAT_SPEC_UNUSED_CV_HANDLER,
30918 ZEND_ASSIGN_CONCAT_SPEC_CV_CONST_HANDLER,
30919 ZEND_ASSIGN_CONCAT_SPEC_CV_TMP_HANDLER,
30920 ZEND_ASSIGN_CONCAT_SPEC_CV_VAR_HANDLER,
30921 ZEND_ASSIGN_CONCAT_SPEC_CV_UNUSED_HANDLER,
30922 ZEND_ASSIGN_CONCAT_SPEC_CV_CV_HANDLER,
30923 ZEND_NULL_HANDLER,
30924 ZEND_NULL_HANDLER,
30925 ZEND_NULL_HANDLER,
30926 ZEND_NULL_HANDLER,
30927 ZEND_NULL_HANDLER,
30928 ZEND_NULL_HANDLER,
30929 ZEND_NULL_HANDLER,
30930 ZEND_NULL_HANDLER,
30931 ZEND_NULL_HANDLER,
30932 ZEND_NULL_HANDLER,
30933 ZEND_ASSIGN_BW_OR_SPEC_VAR_CONST_HANDLER,
30934 ZEND_ASSIGN_BW_OR_SPEC_VAR_TMP_HANDLER,
30935 ZEND_ASSIGN_BW_OR_SPEC_VAR_VAR_HANDLER,
30936 ZEND_ASSIGN_BW_OR_SPEC_VAR_UNUSED_HANDLER,
30937 ZEND_ASSIGN_BW_OR_SPEC_VAR_CV_HANDLER,
30938 ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CONST_HANDLER,
30939 ZEND_ASSIGN_BW_OR_SPEC_UNUSED_TMP_HANDLER,
30940 ZEND_ASSIGN_BW_OR_SPEC_UNUSED_VAR_HANDLER,
30941 ZEND_ASSIGN_BW_OR_SPEC_UNUSED_UNUSED_HANDLER,
30942 ZEND_ASSIGN_BW_OR_SPEC_UNUSED_CV_HANDLER,
30943 ZEND_ASSIGN_BW_OR_SPEC_CV_CONST_HANDLER,
30944 ZEND_ASSIGN_BW_OR_SPEC_CV_TMP_HANDLER,
30945 ZEND_ASSIGN_BW_OR_SPEC_CV_VAR_HANDLER,
30946 ZEND_ASSIGN_BW_OR_SPEC_CV_UNUSED_HANDLER,
30947 ZEND_ASSIGN_BW_OR_SPEC_CV_CV_HANDLER,
30948 ZEND_NULL_HANDLER,
30949 ZEND_NULL_HANDLER,
30950 ZEND_NULL_HANDLER,
30951 ZEND_NULL_HANDLER,
30952 ZEND_NULL_HANDLER,
30953 ZEND_NULL_HANDLER,
30954 ZEND_NULL_HANDLER,
30955 ZEND_NULL_HANDLER,
30956 ZEND_NULL_HANDLER,
30957 ZEND_NULL_HANDLER,
30958 ZEND_ASSIGN_BW_AND_SPEC_VAR_CONST_HANDLER,
30959 ZEND_ASSIGN_BW_AND_SPEC_VAR_TMP_HANDLER,
30960 ZEND_ASSIGN_BW_AND_SPEC_VAR_VAR_HANDLER,
30961 ZEND_ASSIGN_BW_AND_SPEC_VAR_UNUSED_HANDLER,
30962 ZEND_ASSIGN_BW_AND_SPEC_VAR_CV_HANDLER,
30963 ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CONST_HANDLER,
30964 ZEND_ASSIGN_BW_AND_SPEC_UNUSED_TMP_HANDLER,
30965 ZEND_ASSIGN_BW_AND_SPEC_UNUSED_VAR_HANDLER,
30966 ZEND_ASSIGN_BW_AND_SPEC_UNUSED_UNUSED_HANDLER,
30967 ZEND_ASSIGN_BW_AND_SPEC_UNUSED_CV_HANDLER,
30968 ZEND_ASSIGN_BW_AND_SPEC_CV_CONST_HANDLER,
30969 ZEND_ASSIGN_BW_AND_SPEC_CV_TMP_HANDLER,
30970 ZEND_ASSIGN_BW_AND_SPEC_CV_VAR_HANDLER,
30971 ZEND_ASSIGN_BW_AND_SPEC_CV_UNUSED_HANDLER,
30972 ZEND_ASSIGN_BW_AND_SPEC_CV_CV_HANDLER,
30973 ZEND_NULL_HANDLER,
30974 ZEND_NULL_HANDLER,
30975 ZEND_NULL_HANDLER,
30976 ZEND_NULL_HANDLER,
30977 ZEND_NULL_HANDLER,
30978 ZEND_NULL_HANDLER,
30979 ZEND_NULL_HANDLER,
30980 ZEND_NULL_HANDLER,
30981 ZEND_NULL_HANDLER,
30982 ZEND_NULL_HANDLER,
30983 ZEND_ASSIGN_BW_XOR_SPEC_VAR_CONST_HANDLER,
30984 ZEND_ASSIGN_BW_XOR_SPEC_VAR_TMP_HANDLER,
30985 ZEND_ASSIGN_BW_XOR_SPEC_VAR_VAR_HANDLER,
30986 ZEND_ASSIGN_BW_XOR_SPEC_VAR_UNUSED_HANDLER,
30987 ZEND_ASSIGN_BW_XOR_SPEC_VAR_CV_HANDLER,
30988 ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CONST_HANDLER,
30989 ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_TMP_HANDLER,
30990 ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_VAR_HANDLER,
30991 ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_UNUSED_HANDLER,
30992 ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CV_HANDLER,
30993 ZEND_ASSIGN_BW_XOR_SPEC_CV_CONST_HANDLER,
30994 ZEND_ASSIGN_BW_XOR_SPEC_CV_TMP_HANDLER,
30995 ZEND_ASSIGN_BW_XOR_SPEC_CV_VAR_HANDLER,
30996 ZEND_ASSIGN_BW_XOR_SPEC_CV_UNUSED_HANDLER,
30997 ZEND_ASSIGN_BW_XOR_SPEC_CV_CV_HANDLER,
30998 ZEND_NULL_HANDLER,
30999 ZEND_NULL_HANDLER,
31000 ZEND_NULL_HANDLER,
31001 ZEND_NULL_HANDLER,
31002 ZEND_NULL_HANDLER,
31003 ZEND_NULL_HANDLER,
31004 ZEND_NULL_HANDLER,
31005 ZEND_NULL_HANDLER,
31006 ZEND_NULL_HANDLER,
31007 ZEND_NULL_HANDLER,
31008 ZEND_PRE_INC_SPEC_VAR_HANDLER,
31009 ZEND_PRE_INC_SPEC_VAR_HANDLER,
31010 ZEND_PRE_INC_SPEC_VAR_HANDLER,
31011 ZEND_PRE_INC_SPEC_VAR_HANDLER,
31012 ZEND_PRE_INC_SPEC_VAR_HANDLER,
31013 ZEND_NULL_HANDLER,
31014 ZEND_NULL_HANDLER,
31015 ZEND_NULL_HANDLER,
31016 ZEND_NULL_HANDLER,
31017 ZEND_NULL_HANDLER,
31018 ZEND_PRE_INC_SPEC_CV_HANDLER,
31019 ZEND_PRE_INC_SPEC_CV_HANDLER,
31020 ZEND_PRE_INC_SPEC_CV_HANDLER,
31021 ZEND_PRE_INC_SPEC_CV_HANDLER,
31022 ZEND_PRE_INC_SPEC_CV_HANDLER,
31023 ZEND_NULL_HANDLER,
31024 ZEND_NULL_HANDLER,
31025 ZEND_NULL_HANDLER,
31026 ZEND_NULL_HANDLER,
31027 ZEND_NULL_HANDLER,
31028 ZEND_NULL_HANDLER,
31029 ZEND_NULL_HANDLER,
31030 ZEND_NULL_HANDLER,
31031 ZEND_NULL_HANDLER,
31032 ZEND_NULL_HANDLER,
31033 ZEND_PRE_DEC_SPEC_VAR_HANDLER,
31034 ZEND_PRE_DEC_SPEC_VAR_HANDLER,
31035 ZEND_PRE_DEC_SPEC_VAR_HANDLER,
31036 ZEND_PRE_DEC_SPEC_VAR_HANDLER,
31037 ZEND_PRE_DEC_SPEC_VAR_HANDLER,
31038 ZEND_NULL_HANDLER,
31039 ZEND_NULL_HANDLER,
31040 ZEND_NULL_HANDLER,
31041 ZEND_NULL_HANDLER,
31042 ZEND_NULL_HANDLER,
31043 ZEND_PRE_DEC_SPEC_CV_HANDLER,
31044 ZEND_PRE_DEC_SPEC_CV_HANDLER,
31045 ZEND_PRE_DEC_SPEC_CV_HANDLER,
31046 ZEND_PRE_DEC_SPEC_CV_HANDLER,
31047 ZEND_PRE_DEC_SPEC_CV_HANDLER,
31048 ZEND_NULL_HANDLER,
31049 ZEND_NULL_HANDLER,
31050 ZEND_NULL_HANDLER,
31051 ZEND_NULL_HANDLER,
31052 ZEND_NULL_HANDLER,
31053 ZEND_NULL_HANDLER,
31054 ZEND_NULL_HANDLER,
31055 ZEND_NULL_HANDLER,
31056 ZEND_NULL_HANDLER,
31057 ZEND_NULL_HANDLER,
31058 ZEND_POST_INC_SPEC_VAR_HANDLER,
31059 ZEND_POST_INC_SPEC_VAR_HANDLER,
31060 ZEND_POST_INC_SPEC_VAR_HANDLER,
31061 ZEND_POST_INC_SPEC_VAR_HANDLER,
31062 ZEND_POST_INC_SPEC_VAR_HANDLER,
31063 ZEND_NULL_HANDLER,
31064 ZEND_NULL_HANDLER,
31065 ZEND_NULL_HANDLER,
31066 ZEND_NULL_HANDLER,
31067 ZEND_NULL_HANDLER,
31068 ZEND_POST_INC_SPEC_CV_HANDLER,
31069 ZEND_POST_INC_SPEC_CV_HANDLER,
31070 ZEND_POST_INC_SPEC_CV_HANDLER,
31071 ZEND_POST_INC_SPEC_CV_HANDLER,
31072 ZEND_POST_INC_SPEC_CV_HANDLER,
31073 ZEND_NULL_HANDLER,
31074 ZEND_NULL_HANDLER,
31075 ZEND_NULL_HANDLER,
31076 ZEND_NULL_HANDLER,
31077 ZEND_NULL_HANDLER,
31078 ZEND_NULL_HANDLER,
31079 ZEND_NULL_HANDLER,
31080 ZEND_NULL_HANDLER,
31081 ZEND_NULL_HANDLER,
31082 ZEND_NULL_HANDLER,
31083 ZEND_POST_DEC_SPEC_VAR_HANDLER,
31084 ZEND_POST_DEC_SPEC_VAR_HANDLER,
31085 ZEND_POST_DEC_SPEC_VAR_HANDLER,
31086 ZEND_POST_DEC_SPEC_VAR_HANDLER,
31087 ZEND_POST_DEC_SPEC_VAR_HANDLER,
31088 ZEND_NULL_HANDLER,
31089 ZEND_NULL_HANDLER,
31090 ZEND_NULL_HANDLER,
31091 ZEND_NULL_HANDLER,
31092 ZEND_NULL_HANDLER,
31093 ZEND_POST_DEC_SPEC_CV_HANDLER,
31094 ZEND_POST_DEC_SPEC_CV_HANDLER,
31095 ZEND_POST_DEC_SPEC_CV_HANDLER,
31096 ZEND_POST_DEC_SPEC_CV_HANDLER,
31097 ZEND_POST_DEC_SPEC_CV_HANDLER,
31098 ZEND_NULL_HANDLER,
31099 ZEND_NULL_HANDLER,
31100 ZEND_NULL_HANDLER,
31101 ZEND_NULL_HANDLER,
31102 ZEND_NULL_HANDLER,
31103 ZEND_NULL_HANDLER,
31104 ZEND_NULL_HANDLER,
31105 ZEND_NULL_HANDLER,
31106 ZEND_NULL_HANDLER,
31107 ZEND_NULL_HANDLER,
31108 ZEND_ASSIGN_SPEC_VAR_CONST_HANDLER,
31109 ZEND_ASSIGN_SPEC_VAR_TMP_HANDLER,
31110 ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER,
31111 ZEND_NULL_HANDLER,
31112 ZEND_ASSIGN_SPEC_VAR_CV_HANDLER,
31113 ZEND_NULL_HANDLER,
31114 ZEND_NULL_HANDLER,
31115 ZEND_NULL_HANDLER,
31116 ZEND_NULL_HANDLER,
31117 ZEND_NULL_HANDLER,
31118 ZEND_ASSIGN_SPEC_CV_CONST_HANDLER,
31119 ZEND_ASSIGN_SPEC_CV_TMP_HANDLER,
31120 ZEND_ASSIGN_SPEC_CV_VAR_HANDLER,
31121 ZEND_NULL_HANDLER,
31122 ZEND_ASSIGN_SPEC_CV_CV_HANDLER,
31123 ZEND_NULL_HANDLER,
31124 ZEND_NULL_HANDLER,
31125 ZEND_NULL_HANDLER,
31126 ZEND_NULL_HANDLER,
31127 ZEND_NULL_HANDLER,
31128 ZEND_NULL_HANDLER,
31129 ZEND_NULL_HANDLER,
31130 ZEND_NULL_HANDLER,
31131 ZEND_NULL_HANDLER,
31132 ZEND_NULL_HANDLER,
31133 ZEND_NULL_HANDLER,
31134 ZEND_NULL_HANDLER,
31135 ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER,
31136 ZEND_NULL_HANDLER,
31137 ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER,
31138 ZEND_NULL_HANDLER,
31139 ZEND_NULL_HANDLER,
31140 ZEND_NULL_HANDLER,
31141 ZEND_NULL_HANDLER,
31142 ZEND_NULL_HANDLER,
31143 ZEND_NULL_HANDLER,
31144 ZEND_NULL_HANDLER,
31145 ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER,
31146 ZEND_NULL_HANDLER,
31147 ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER,
31148 ZEND_ECHO_SPEC_CONST_HANDLER,
31149 ZEND_ECHO_SPEC_CONST_HANDLER,
31150 ZEND_ECHO_SPEC_CONST_HANDLER,
31151 ZEND_ECHO_SPEC_CONST_HANDLER,
31152 ZEND_ECHO_SPEC_CONST_HANDLER,
31153 ZEND_ECHO_SPEC_TMP_HANDLER,
31154 ZEND_ECHO_SPEC_TMP_HANDLER,
31155 ZEND_ECHO_SPEC_TMP_HANDLER,
31156 ZEND_ECHO_SPEC_TMP_HANDLER,
31157 ZEND_ECHO_SPEC_TMP_HANDLER,
31158 ZEND_ECHO_SPEC_VAR_HANDLER,
31159 ZEND_ECHO_SPEC_VAR_HANDLER,
31160 ZEND_ECHO_SPEC_VAR_HANDLER,
31161 ZEND_ECHO_SPEC_VAR_HANDLER,
31162 ZEND_ECHO_SPEC_VAR_HANDLER,
31163 ZEND_NULL_HANDLER,
31164 ZEND_NULL_HANDLER,
31165 ZEND_NULL_HANDLER,
31166 ZEND_NULL_HANDLER,
31167 ZEND_NULL_HANDLER,
31168 ZEND_ECHO_SPEC_CV_HANDLER,
31169 ZEND_ECHO_SPEC_CV_HANDLER,
31170 ZEND_ECHO_SPEC_CV_HANDLER,
31171 ZEND_ECHO_SPEC_CV_HANDLER,
31172 ZEND_ECHO_SPEC_CV_HANDLER,
31173 ZEND_PRINT_SPEC_CONST_HANDLER,
31174 ZEND_PRINT_SPEC_CONST_HANDLER,
31175 ZEND_PRINT_SPEC_CONST_HANDLER,
31176 ZEND_PRINT_SPEC_CONST_HANDLER,
31177 ZEND_PRINT_SPEC_CONST_HANDLER,
31178 ZEND_PRINT_SPEC_TMP_HANDLER,
31179 ZEND_PRINT_SPEC_TMP_HANDLER,
31180 ZEND_PRINT_SPEC_TMP_HANDLER,
31181 ZEND_PRINT_SPEC_TMP_HANDLER,
31182 ZEND_PRINT_SPEC_TMP_HANDLER,
31183 ZEND_PRINT_SPEC_VAR_HANDLER,
31184 ZEND_PRINT_SPEC_VAR_HANDLER,
31185 ZEND_PRINT_SPEC_VAR_HANDLER,
31186 ZEND_PRINT_SPEC_VAR_HANDLER,
31187 ZEND_PRINT_SPEC_VAR_HANDLER,
31188 ZEND_NULL_HANDLER,
31189 ZEND_NULL_HANDLER,
31190 ZEND_NULL_HANDLER,
31191 ZEND_NULL_HANDLER,
31192 ZEND_NULL_HANDLER,
31193 ZEND_PRINT_SPEC_CV_HANDLER,
31194 ZEND_PRINT_SPEC_CV_HANDLER,
31195 ZEND_PRINT_SPEC_CV_HANDLER,
31196 ZEND_PRINT_SPEC_CV_HANDLER,
31197 ZEND_PRINT_SPEC_CV_HANDLER,
31198 ZEND_JMP_SPEC_HANDLER,
31199 ZEND_JMP_SPEC_HANDLER,
31200 ZEND_JMP_SPEC_HANDLER,
31201 ZEND_JMP_SPEC_HANDLER,
31202 ZEND_JMP_SPEC_HANDLER,
31203 ZEND_JMP_SPEC_HANDLER,
31204 ZEND_JMP_SPEC_HANDLER,
31205 ZEND_JMP_SPEC_HANDLER,
31206 ZEND_JMP_SPEC_HANDLER,
31207 ZEND_JMP_SPEC_HANDLER,
31208 ZEND_JMP_SPEC_HANDLER,
31209 ZEND_JMP_SPEC_HANDLER,
31210 ZEND_JMP_SPEC_HANDLER,
31211 ZEND_JMP_SPEC_HANDLER,
31212 ZEND_JMP_SPEC_HANDLER,
31213 ZEND_JMP_SPEC_HANDLER,
31214 ZEND_JMP_SPEC_HANDLER,
31215 ZEND_JMP_SPEC_HANDLER,
31216 ZEND_JMP_SPEC_HANDLER,
31217 ZEND_JMP_SPEC_HANDLER,
31218 ZEND_JMP_SPEC_HANDLER,
31219 ZEND_JMP_SPEC_HANDLER,
31220 ZEND_JMP_SPEC_HANDLER,
31221 ZEND_JMP_SPEC_HANDLER,
31222 ZEND_JMP_SPEC_HANDLER,
31223 ZEND_JMPZ_SPEC_CONST_HANDLER,
31224 ZEND_JMPZ_SPEC_CONST_HANDLER,
31225 ZEND_JMPZ_SPEC_CONST_HANDLER,
31226 ZEND_JMPZ_SPEC_CONST_HANDLER,
31227 ZEND_JMPZ_SPEC_CONST_HANDLER,
31228 ZEND_JMPZ_SPEC_TMP_HANDLER,
31229 ZEND_JMPZ_SPEC_TMP_HANDLER,
31230 ZEND_JMPZ_SPEC_TMP_HANDLER,
31231 ZEND_JMPZ_SPEC_TMP_HANDLER,
31232 ZEND_JMPZ_SPEC_TMP_HANDLER,
31233 ZEND_JMPZ_SPEC_VAR_HANDLER,
31234 ZEND_JMPZ_SPEC_VAR_HANDLER,
31235 ZEND_JMPZ_SPEC_VAR_HANDLER,
31236 ZEND_JMPZ_SPEC_VAR_HANDLER,
31237 ZEND_JMPZ_SPEC_VAR_HANDLER,
31238 ZEND_NULL_HANDLER,
31239 ZEND_NULL_HANDLER,
31240 ZEND_NULL_HANDLER,
31241 ZEND_NULL_HANDLER,
31242 ZEND_NULL_HANDLER,
31243 ZEND_JMPZ_SPEC_CV_HANDLER,
31244 ZEND_JMPZ_SPEC_CV_HANDLER,
31245 ZEND_JMPZ_SPEC_CV_HANDLER,
31246 ZEND_JMPZ_SPEC_CV_HANDLER,
31247 ZEND_JMPZ_SPEC_CV_HANDLER,
31248 ZEND_JMPNZ_SPEC_CONST_HANDLER,
31249 ZEND_JMPNZ_SPEC_CONST_HANDLER,
31250 ZEND_JMPNZ_SPEC_CONST_HANDLER,
31251 ZEND_JMPNZ_SPEC_CONST_HANDLER,
31252 ZEND_JMPNZ_SPEC_CONST_HANDLER,
31253 ZEND_JMPNZ_SPEC_TMP_HANDLER,
31254 ZEND_JMPNZ_SPEC_TMP_HANDLER,
31255 ZEND_JMPNZ_SPEC_TMP_HANDLER,
31256 ZEND_JMPNZ_SPEC_TMP_HANDLER,
31257 ZEND_JMPNZ_SPEC_TMP_HANDLER,
31258 ZEND_JMPNZ_SPEC_VAR_HANDLER,
31259 ZEND_JMPNZ_SPEC_VAR_HANDLER,
31260 ZEND_JMPNZ_SPEC_VAR_HANDLER,
31261 ZEND_JMPNZ_SPEC_VAR_HANDLER,
31262 ZEND_JMPNZ_SPEC_VAR_HANDLER,
31263 ZEND_NULL_HANDLER,
31264 ZEND_NULL_HANDLER,
31265 ZEND_NULL_HANDLER,
31266 ZEND_NULL_HANDLER,
31267 ZEND_NULL_HANDLER,
31268 ZEND_JMPNZ_SPEC_CV_HANDLER,
31269 ZEND_JMPNZ_SPEC_CV_HANDLER,
31270 ZEND_JMPNZ_SPEC_CV_HANDLER,
31271 ZEND_JMPNZ_SPEC_CV_HANDLER,
31272 ZEND_JMPNZ_SPEC_CV_HANDLER,
31273 ZEND_JMPZNZ_SPEC_CONST_HANDLER,
31274 ZEND_JMPZNZ_SPEC_CONST_HANDLER,
31275 ZEND_JMPZNZ_SPEC_CONST_HANDLER,
31276 ZEND_JMPZNZ_SPEC_CONST_HANDLER,
31277 ZEND_JMPZNZ_SPEC_CONST_HANDLER,
31278 ZEND_JMPZNZ_SPEC_TMP_HANDLER,
31279 ZEND_JMPZNZ_SPEC_TMP_HANDLER,
31280 ZEND_JMPZNZ_SPEC_TMP_HANDLER,
31281 ZEND_JMPZNZ_SPEC_TMP_HANDLER,
31282 ZEND_JMPZNZ_SPEC_TMP_HANDLER,
31283 ZEND_JMPZNZ_SPEC_VAR_HANDLER,
31284 ZEND_JMPZNZ_SPEC_VAR_HANDLER,
31285 ZEND_JMPZNZ_SPEC_VAR_HANDLER,
31286 ZEND_JMPZNZ_SPEC_VAR_HANDLER,
31287 ZEND_JMPZNZ_SPEC_VAR_HANDLER,
31288 ZEND_NULL_HANDLER,
31289 ZEND_NULL_HANDLER,
31290 ZEND_NULL_HANDLER,
31291 ZEND_NULL_HANDLER,
31292 ZEND_NULL_HANDLER,
31293 ZEND_JMPZNZ_SPEC_CV_HANDLER,
31294 ZEND_JMPZNZ_SPEC_CV_HANDLER,
31295 ZEND_JMPZNZ_SPEC_CV_HANDLER,
31296 ZEND_JMPZNZ_SPEC_CV_HANDLER,
31297 ZEND_JMPZNZ_SPEC_CV_HANDLER,
31298 ZEND_JMPZ_EX_SPEC_CONST_HANDLER,
31299 ZEND_JMPZ_EX_SPEC_CONST_HANDLER,
31300 ZEND_JMPZ_EX_SPEC_CONST_HANDLER,
31301 ZEND_JMPZ_EX_SPEC_CONST_HANDLER,
31302 ZEND_JMPZ_EX_SPEC_CONST_HANDLER,
31303 ZEND_JMPZ_EX_SPEC_TMP_HANDLER,
31304 ZEND_JMPZ_EX_SPEC_TMP_HANDLER,
31305 ZEND_JMPZ_EX_SPEC_TMP_HANDLER,
31306 ZEND_JMPZ_EX_SPEC_TMP_HANDLER,
31307 ZEND_JMPZ_EX_SPEC_TMP_HANDLER,
31308 ZEND_JMPZ_EX_SPEC_VAR_HANDLER,
31309 ZEND_JMPZ_EX_SPEC_VAR_HANDLER,
31310 ZEND_JMPZ_EX_SPEC_VAR_HANDLER,
31311 ZEND_JMPZ_EX_SPEC_VAR_HANDLER,
31312 ZEND_JMPZ_EX_SPEC_VAR_HANDLER,
31313 ZEND_NULL_HANDLER,
31314 ZEND_NULL_HANDLER,
31315 ZEND_NULL_HANDLER,
31316 ZEND_NULL_HANDLER,
31317 ZEND_NULL_HANDLER,
31318 ZEND_JMPZ_EX_SPEC_CV_HANDLER,
31319 ZEND_JMPZ_EX_SPEC_CV_HANDLER,
31320 ZEND_JMPZ_EX_SPEC_CV_HANDLER,
31321 ZEND_JMPZ_EX_SPEC_CV_HANDLER,
31322 ZEND_JMPZ_EX_SPEC_CV_HANDLER,
31323 ZEND_JMPNZ_EX_SPEC_CONST_HANDLER,
31324 ZEND_JMPNZ_EX_SPEC_CONST_HANDLER,
31325 ZEND_JMPNZ_EX_SPEC_CONST_HANDLER,
31326 ZEND_JMPNZ_EX_SPEC_CONST_HANDLER,
31327 ZEND_JMPNZ_EX_SPEC_CONST_HANDLER,
31328 ZEND_JMPNZ_EX_SPEC_TMP_HANDLER,
31329 ZEND_JMPNZ_EX_SPEC_TMP_HANDLER,
31330 ZEND_JMPNZ_EX_SPEC_TMP_HANDLER,
31331 ZEND_JMPNZ_EX_SPEC_TMP_HANDLER,
31332 ZEND_JMPNZ_EX_SPEC_TMP_HANDLER,
31333 ZEND_JMPNZ_EX_SPEC_VAR_HANDLER,
31334 ZEND_JMPNZ_EX_SPEC_VAR_HANDLER,
31335 ZEND_JMPNZ_EX_SPEC_VAR_HANDLER,
31336 ZEND_JMPNZ_EX_SPEC_VAR_HANDLER,
31337 ZEND_JMPNZ_EX_SPEC_VAR_HANDLER,
31338 ZEND_NULL_HANDLER,
31339 ZEND_NULL_HANDLER,
31340 ZEND_NULL_HANDLER,
31341 ZEND_NULL_HANDLER,
31342 ZEND_NULL_HANDLER,
31343 ZEND_JMPNZ_EX_SPEC_CV_HANDLER,
31344 ZEND_JMPNZ_EX_SPEC_CV_HANDLER,
31345 ZEND_JMPNZ_EX_SPEC_CV_HANDLER,
31346 ZEND_JMPNZ_EX_SPEC_CV_HANDLER,
31347 ZEND_JMPNZ_EX_SPEC_CV_HANDLER,
31348 ZEND_CASE_SPEC_CONST_CONST_HANDLER,
31349 ZEND_CASE_SPEC_CONST_TMP_HANDLER,
31350 ZEND_CASE_SPEC_CONST_VAR_HANDLER,
31351 ZEND_NULL_HANDLER,
31352 ZEND_CASE_SPEC_CONST_CV_HANDLER,
31353 ZEND_CASE_SPEC_TMP_CONST_HANDLER,
31354 ZEND_CASE_SPEC_TMP_TMP_HANDLER,
31355 ZEND_CASE_SPEC_TMP_VAR_HANDLER,
31356 ZEND_NULL_HANDLER,
31357 ZEND_CASE_SPEC_TMP_CV_HANDLER,
31358 ZEND_CASE_SPEC_VAR_CONST_HANDLER,
31359 ZEND_CASE_SPEC_VAR_TMP_HANDLER,
31360 ZEND_CASE_SPEC_VAR_VAR_HANDLER,
31361 ZEND_NULL_HANDLER,
31362 ZEND_CASE_SPEC_VAR_CV_HANDLER,
31363 ZEND_NULL_HANDLER,
31364 ZEND_NULL_HANDLER,
31365 ZEND_NULL_HANDLER,
31366 ZEND_NULL_HANDLER,
31367 ZEND_NULL_HANDLER,
31368 ZEND_CASE_SPEC_CV_CONST_HANDLER,
31369 ZEND_CASE_SPEC_CV_TMP_HANDLER,
31370 ZEND_CASE_SPEC_CV_VAR_HANDLER,
31371 ZEND_NULL_HANDLER,
31372 ZEND_CASE_SPEC_CV_CV_HANDLER,
31373 ZEND_NULL_HANDLER,
31374 ZEND_NULL_HANDLER,
31375 ZEND_NULL_HANDLER,
31376 ZEND_NULL_HANDLER,
31377 ZEND_NULL_HANDLER,
31378 ZEND_NULL_HANDLER,
31379 ZEND_NULL_HANDLER,
31380 ZEND_NULL_HANDLER,
31381 ZEND_NULL_HANDLER,
31382 ZEND_NULL_HANDLER,
31383 ZEND_SWITCH_FREE_SPEC_VAR_HANDLER,
31384 ZEND_SWITCH_FREE_SPEC_VAR_HANDLER,
31385 ZEND_SWITCH_FREE_SPEC_VAR_HANDLER,
31386 ZEND_SWITCH_FREE_SPEC_VAR_HANDLER,
31387 ZEND_SWITCH_FREE_SPEC_VAR_HANDLER,
31388 ZEND_NULL_HANDLER,
31389 ZEND_NULL_HANDLER,
31390 ZEND_NULL_HANDLER,
31391 ZEND_NULL_HANDLER,
31392 ZEND_NULL_HANDLER,
31393 ZEND_NULL_HANDLER,
31394 ZEND_NULL_HANDLER,
31395 ZEND_NULL_HANDLER,
31396 ZEND_NULL_HANDLER,
31397 ZEND_NULL_HANDLER,
31398 ZEND_BRK_SPEC_CONST_HANDLER,
31399 ZEND_BRK_SPEC_TMP_HANDLER,
31400 ZEND_BRK_SPEC_VAR_HANDLER,
31401 ZEND_NULL_HANDLER,
31402 ZEND_BRK_SPEC_CV_HANDLER,
31403 ZEND_BRK_SPEC_CONST_HANDLER,
31404 ZEND_BRK_SPEC_TMP_HANDLER,
31405 ZEND_BRK_SPEC_VAR_HANDLER,
31406 ZEND_NULL_HANDLER,
31407 ZEND_BRK_SPEC_CV_HANDLER,
31408 ZEND_BRK_SPEC_CONST_HANDLER,
31409 ZEND_BRK_SPEC_TMP_HANDLER,
31410 ZEND_BRK_SPEC_VAR_HANDLER,
31411 ZEND_NULL_HANDLER,
31412 ZEND_BRK_SPEC_CV_HANDLER,
31413 ZEND_BRK_SPEC_CONST_HANDLER,
31414 ZEND_BRK_SPEC_TMP_HANDLER,
31415 ZEND_BRK_SPEC_VAR_HANDLER,
31416 ZEND_NULL_HANDLER,
31417 ZEND_BRK_SPEC_CV_HANDLER,
31418 ZEND_BRK_SPEC_CONST_HANDLER,
31419 ZEND_BRK_SPEC_TMP_HANDLER,
31420 ZEND_BRK_SPEC_VAR_HANDLER,
31421 ZEND_NULL_HANDLER,
31422 ZEND_BRK_SPEC_CV_HANDLER,
31423 ZEND_CONT_SPEC_CONST_HANDLER,
31424 ZEND_CONT_SPEC_TMP_HANDLER,
31425 ZEND_CONT_SPEC_VAR_HANDLER,
31426 ZEND_NULL_HANDLER,
31427 ZEND_CONT_SPEC_CV_HANDLER,
31428 ZEND_CONT_SPEC_CONST_HANDLER,
31429 ZEND_CONT_SPEC_TMP_HANDLER,
31430 ZEND_CONT_SPEC_VAR_HANDLER,
31431 ZEND_NULL_HANDLER,
31432 ZEND_CONT_SPEC_CV_HANDLER,
31433 ZEND_CONT_SPEC_CONST_HANDLER,
31434 ZEND_CONT_SPEC_TMP_HANDLER,
31435 ZEND_CONT_SPEC_VAR_HANDLER,
31436 ZEND_NULL_HANDLER,
31437 ZEND_CONT_SPEC_CV_HANDLER,
31438 ZEND_CONT_SPEC_CONST_HANDLER,
31439 ZEND_CONT_SPEC_TMP_HANDLER,
31440 ZEND_CONT_SPEC_VAR_HANDLER,
31441 ZEND_NULL_HANDLER,
31442 ZEND_CONT_SPEC_CV_HANDLER,
31443 ZEND_CONT_SPEC_CONST_HANDLER,
31444 ZEND_CONT_SPEC_TMP_HANDLER,
31445 ZEND_CONT_SPEC_VAR_HANDLER,
31446 ZEND_NULL_HANDLER,
31447 ZEND_CONT_SPEC_CV_HANDLER,
31448 ZEND_BOOL_SPEC_CONST_HANDLER,
31449 ZEND_BOOL_SPEC_CONST_HANDLER,
31450 ZEND_BOOL_SPEC_CONST_HANDLER,
31451 ZEND_BOOL_SPEC_CONST_HANDLER,
31452 ZEND_BOOL_SPEC_CONST_HANDLER,
31453 ZEND_BOOL_SPEC_TMP_HANDLER,
31454 ZEND_BOOL_SPEC_TMP_HANDLER,
31455 ZEND_BOOL_SPEC_TMP_HANDLER,
31456 ZEND_BOOL_SPEC_TMP_HANDLER,
31457 ZEND_BOOL_SPEC_TMP_HANDLER,
31458 ZEND_BOOL_SPEC_VAR_HANDLER,
31459 ZEND_BOOL_SPEC_VAR_HANDLER,
31460 ZEND_BOOL_SPEC_VAR_HANDLER,
31461 ZEND_BOOL_SPEC_VAR_HANDLER,
31462 ZEND_BOOL_SPEC_VAR_HANDLER,
31463 ZEND_NULL_HANDLER,
31464 ZEND_NULL_HANDLER,
31465 ZEND_NULL_HANDLER,
31466 ZEND_NULL_HANDLER,
31467 ZEND_NULL_HANDLER,
31468 ZEND_BOOL_SPEC_CV_HANDLER,
31469 ZEND_BOOL_SPEC_CV_HANDLER,
31470 ZEND_BOOL_SPEC_CV_HANDLER,
31471 ZEND_BOOL_SPEC_CV_HANDLER,
31472 ZEND_BOOL_SPEC_CV_HANDLER,
31473 ZEND_INIT_STRING_SPEC_HANDLER,
31474 ZEND_INIT_STRING_SPEC_HANDLER,
31475 ZEND_INIT_STRING_SPEC_HANDLER,
31476 ZEND_INIT_STRING_SPEC_HANDLER,
31477 ZEND_INIT_STRING_SPEC_HANDLER,
31478 ZEND_INIT_STRING_SPEC_HANDLER,
31479 ZEND_INIT_STRING_SPEC_HANDLER,
31480 ZEND_INIT_STRING_SPEC_HANDLER,
31481 ZEND_INIT_STRING_SPEC_HANDLER,
31482 ZEND_INIT_STRING_SPEC_HANDLER,
31483 ZEND_INIT_STRING_SPEC_HANDLER,
31484 ZEND_INIT_STRING_SPEC_HANDLER,
31485 ZEND_INIT_STRING_SPEC_HANDLER,
31486 ZEND_INIT_STRING_SPEC_HANDLER,
31487 ZEND_INIT_STRING_SPEC_HANDLER,
31488 ZEND_INIT_STRING_SPEC_HANDLER,
31489 ZEND_INIT_STRING_SPEC_HANDLER,
31490 ZEND_INIT_STRING_SPEC_HANDLER,
31491 ZEND_INIT_STRING_SPEC_HANDLER,
31492 ZEND_INIT_STRING_SPEC_HANDLER,
31493 ZEND_INIT_STRING_SPEC_HANDLER,
31494 ZEND_INIT_STRING_SPEC_HANDLER,
31495 ZEND_INIT_STRING_SPEC_HANDLER,
31496 ZEND_INIT_STRING_SPEC_HANDLER,
31497 ZEND_INIT_STRING_SPEC_HANDLER,
31498 ZEND_NULL_HANDLER,
31499 ZEND_NULL_HANDLER,
31500 ZEND_NULL_HANDLER,
31501 ZEND_NULL_HANDLER,
31502 ZEND_NULL_HANDLER,
31503 ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER,
31504 ZEND_NULL_HANDLER,
31505 ZEND_NULL_HANDLER,
31506 ZEND_NULL_HANDLER,
31507 ZEND_NULL_HANDLER,
31508 ZEND_NULL_HANDLER,
31509 ZEND_NULL_HANDLER,
31510 ZEND_NULL_HANDLER,
31511 ZEND_NULL_HANDLER,
31512 ZEND_NULL_HANDLER,
31513 ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER,
31514 ZEND_NULL_HANDLER,
31515 ZEND_NULL_HANDLER,
31516 ZEND_NULL_HANDLER,
31517 ZEND_NULL_HANDLER,
31518 ZEND_NULL_HANDLER,
31519 ZEND_NULL_HANDLER,
31520 ZEND_NULL_HANDLER,
31521 ZEND_NULL_HANDLER,
31522 ZEND_NULL_HANDLER,
31523 ZEND_NULL_HANDLER,
31524 ZEND_NULL_HANDLER,
31525 ZEND_NULL_HANDLER,
31526 ZEND_NULL_HANDLER,
31527 ZEND_NULL_HANDLER,
31528 ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER,
31529 ZEND_NULL_HANDLER,
31530 ZEND_NULL_HANDLER,
31531 ZEND_NULL_HANDLER,
31532 ZEND_NULL_HANDLER,
31533 ZEND_NULL_HANDLER,
31534 ZEND_NULL_HANDLER,
31535 ZEND_NULL_HANDLER,
31536 ZEND_NULL_HANDLER,
31537 ZEND_NULL_HANDLER,
31538 ZEND_ADD_STRING_SPEC_UNUSED_CONST_HANDLER,
31539 ZEND_NULL_HANDLER,
31540 ZEND_NULL_HANDLER,
31541 ZEND_NULL_HANDLER,
31542 ZEND_NULL_HANDLER,
31543 ZEND_NULL_HANDLER,
31544 ZEND_NULL_HANDLER,
31545 ZEND_NULL_HANDLER,
31546 ZEND_NULL_HANDLER,
31547 ZEND_NULL_HANDLER,
31548 ZEND_NULL_HANDLER,
31549 ZEND_NULL_HANDLER,
31550 ZEND_NULL_HANDLER,
31551 ZEND_NULL_HANDLER,
31552 ZEND_NULL_HANDLER,
31553 ZEND_NULL_HANDLER,
31554 ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER,
31555 ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER,
31556 ZEND_NULL_HANDLER,
31557 ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER,
31558 ZEND_NULL_HANDLER,
31559 ZEND_NULL_HANDLER,
31560 ZEND_NULL_HANDLER,
31561 ZEND_NULL_HANDLER,
31562 ZEND_NULL_HANDLER,
31563 ZEND_NULL_HANDLER,
31564 ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER,
31565 ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER,
31566 ZEND_NULL_HANDLER,
31567 ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER,
31568 ZEND_NULL_HANDLER,
31569 ZEND_NULL_HANDLER,
31570 ZEND_NULL_HANDLER,
31571 ZEND_NULL_HANDLER,
31572 ZEND_NULL_HANDLER,
31573 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31574 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31575 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31576 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31577 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31578 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31579 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31580 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31581 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31582 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31583 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31584 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31585 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31586 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31587 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31588 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31589 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31590 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31591 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31592 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31593 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31594 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31595 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31596 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31597 ZEND_BEGIN_SILENCE_SPEC_HANDLER,
31598 ZEND_NULL_HANDLER,
31599 ZEND_NULL_HANDLER,
31600 ZEND_NULL_HANDLER,
31601 ZEND_NULL_HANDLER,
31602 ZEND_NULL_HANDLER,
31603 ZEND_END_SILENCE_SPEC_TMP_HANDLER,
31604 ZEND_END_SILENCE_SPEC_TMP_HANDLER,
31605 ZEND_END_SILENCE_SPEC_TMP_HANDLER,
31606 ZEND_END_SILENCE_SPEC_TMP_HANDLER,
31607 ZEND_END_SILENCE_SPEC_TMP_HANDLER,
31608 ZEND_NULL_HANDLER,
31609 ZEND_NULL_HANDLER,
31610 ZEND_NULL_HANDLER,
31611 ZEND_NULL_HANDLER,
31612 ZEND_NULL_HANDLER,
31613 ZEND_NULL_HANDLER,
31614 ZEND_NULL_HANDLER,
31615 ZEND_NULL_HANDLER,
31616 ZEND_NULL_HANDLER,
31617 ZEND_NULL_HANDLER,
31618 ZEND_NULL_HANDLER,
31619 ZEND_NULL_HANDLER,
31620 ZEND_NULL_HANDLER,
31621 ZEND_NULL_HANDLER,
31622 ZEND_NULL_HANDLER,
31623 ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31624 ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER,
31625 ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER,
31626 ZEND_NULL_HANDLER,
31627 ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER,
31628 ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31629 ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER,
31630 ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER,
31631 ZEND_NULL_HANDLER,
31632 ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER,
31633 ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31634 ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER,
31635 ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER,
31636 ZEND_NULL_HANDLER,
31637 ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER,
31638 ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31639 ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER,
31640 ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER,
31641 ZEND_NULL_HANDLER,
31642 ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER,
31643 ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31644 ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER,
31645 ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER,
31646 ZEND_NULL_HANDLER,
31647 ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER,
31648 ZEND_DO_FCALL_SPEC_CONST_HANDLER,
31649 ZEND_DO_FCALL_SPEC_CONST_HANDLER,
31650 ZEND_DO_FCALL_SPEC_CONST_HANDLER,
31651 ZEND_DO_FCALL_SPEC_CONST_HANDLER,
31652 ZEND_DO_FCALL_SPEC_CONST_HANDLER,
31653 ZEND_NULL_HANDLER,
31654 ZEND_NULL_HANDLER,
31655 ZEND_NULL_HANDLER,
31656 ZEND_NULL_HANDLER,
31657 ZEND_NULL_HANDLER,
31658 ZEND_NULL_HANDLER,
31659 ZEND_NULL_HANDLER,
31660 ZEND_NULL_HANDLER,
31661 ZEND_NULL_HANDLER,
31662 ZEND_NULL_HANDLER,
31663 ZEND_NULL_HANDLER,
31664 ZEND_NULL_HANDLER,
31665 ZEND_NULL_HANDLER,
31666 ZEND_NULL_HANDLER,
31667 ZEND_NULL_HANDLER,
31668 ZEND_NULL_HANDLER,
31669 ZEND_NULL_HANDLER,
31670 ZEND_NULL_HANDLER,
31671 ZEND_NULL_HANDLER,
31672 ZEND_NULL_HANDLER,
31673 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31674 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31675 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31676 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31677 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31678 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31679 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31680 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31681 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31682 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31683 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31684 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31685 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31686 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31687 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31688 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31689 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31690 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31691 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31692 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31693 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31694 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31695 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31696 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31697 ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER,
31698 ZEND_RETURN_SPEC_CONST_HANDLER,
31699 ZEND_RETURN_SPEC_CONST_HANDLER,
31700 ZEND_RETURN_SPEC_CONST_HANDLER,
31701 ZEND_RETURN_SPEC_CONST_HANDLER,
31702 ZEND_RETURN_SPEC_CONST_HANDLER,
31703 ZEND_RETURN_SPEC_TMP_HANDLER,
31704 ZEND_RETURN_SPEC_TMP_HANDLER,
31705 ZEND_RETURN_SPEC_TMP_HANDLER,
31706 ZEND_RETURN_SPEC_TMP_HANDLER,
31707 ZEND_RETURN_SPEC_TMP_HANDLER,
31708 ZEND_RETURN_SPEC_VAR_HANDLER,
31709 ZEND_RETURN_SPEC_VAR_HANDLER,
31710 ZEND_RETURN_SPEC_VAR_HANDLER,
31711 ZEND_RETURN_SPEC_VAR_HANDLER,
31712 ZEND_RETURN_SPEC_VAR_HANDLER,
31713 ZEND_NULL_HANDLER,
31714 ZEND_NULL_HANDLER,
31715 ZEND_NULL_HANDLER,
31716 ZEND_NULL_HANDLER,
31717 ZEND_NULL_HANDLER,
31718 ZEND_RETURN_SPEC_CV_HANDLER,
31719 ZEND_RETURN_SPEC_CV_HANDLER,
31720 ZEND_RETURN_SPEC_CV_HANDLER,
31721 ZEND_RETURN_SPEC_CV_HANDLER,
31722 ZEND_RETURN_SPEC_CV_HANDLER,
31723 ZEND_RECV_SPEC_HANDLER,
31724 ZEND_RECV_SPEC_HANDLER,
31725 ZEND_RECV_SPEC_HANDLER,
31726 ZEND_RECV_SPEC_HANDLER,
31727 ZEND_RECV_SPEC_HANDLER,
31728 ZEND_RECV_SPEC_HANDLER,
31729 ZEND_RECV_SPEC_HANDLER,
31730 ZEND_RECV_SPEC_HANDLER,
31731 ZEND_RECV_SPEC_HANDLER,
31732 ZEND_RECV_SPEC_HANDLER,
31733 ZEND_RECV_SPEC_HANDLER,
31734 ZEND_RECV_SPEC_HANDLER,
31735 ZEND_RECV_SPEC_HANDLER,
31736 ZEND_RECV_SPEC_HANDLER,
31737 ZEND_RECV_SPEC_HANDLER,
31738 ZEND_RECV_SPEC_HANDLER,
31739 ZEND_RECV_SPEC_HANDLER,
31740 ZEND_RECV_SPEC_HANDLER,
31741 ZEND_RECV_SPEC_HANDLER,
31742 ZEND_RECV_SPEC_HANDLER,
31743 ZEND_RECV_SPEC_HANDLER,
31744 ZEND_RECV_SPEC_HANDLER,
31745 ZEND_RECV_SPEC_HANDLER,
31746 ZEND_RECV_SPEC_HANDLER,
31747 ZEND_RECV_SPEC_HANDLER,
31748 ZEND_RECV_INIT_SPEC_CONST_HANDLER,
31749 ZEND_NULL_HANDLER,
31750 ZEND_NULL_HANDLER,
31751 ZEND_NULL_HANDLER,
31752 ZEND_NULL_HANDLER,
31753 ZEND_RECV_INIT_SPEC_CONST_HANDLER,
31754 ZEND_NULL_HANDLER,
31755 ZEND_NULL_HANDLER,
31756 ZEND_NULL_HANDLER,
31757 ZEND_NULL_HANDLER,
31758 ZEND_RECV_INIT_SPEC_CONST_HANDLER,
31759 ZEND_NULL_HANDLER,
31760 ZEND_NULL_HANDLER,
31761 ZEND_NULL_HANDLER,
31762 ZEND_NULL_HANDLER,
31763 ZEND_RECV_INIT_SPEC_CONST_HANDLER,
31764 ZEND_NULL_HANDLER,
31765 ZEND_NULL_HANDLER,
31766 ZEND_NULL_HANDLER,
31767 ZEND_NULL_HANDLER,
31768 ZEND_RECV_INIT_SPEC_CONST_HANDLER,
31769 ZEND_NULL_HANDLER,
31770 ZEND_NULL_HANDLER,
31771 ZEND_NULL_HANDLER,
31772 ZEND_NULL_HANDLER,
31773 ZEND_SEND_VAL_SPEC_CONST_HANDLER,
31774 ZEND_SEND_VAL_SPEC_CONST_HANDLER,
31775 ZEND_SEND_VAL_SPEC_CONST_HANDLER,
31776 ZEND_SEND_VAL_SPEC_CONST_HANDLER,
31777 ZEND_SEND_VAL_SPEC_CONST_HANDLER,
31778 ZEND_SEND_VAL_SPEC_TMP_HANDLER,
31779 ZEND_SEND_VAL_SPEC_TMP_HANDLER,
31780 ZEND_SEND_VAL_SPEC_TMP_HANDLER,
31781 ZEND_SEND_VAL_SPEC_TMP_HANDLER,
31782 ZEND_SEND_VAL_SPEC_TMP_HANDLER,
31783 ZEND_SEND_VAL_SPEC_VAR_HANDLER,
31784 ZEND_SEND_VAL_SPEC_VAR_HANDLER,
31785 ZEND_SEND_VAL_SPEC_VAR_HANDLER,
31786 ZEND_SEND_VAL_SPEC_VAR_HANDLER,
31787 ZEND_SEND_VAL_SPEC_VAR_HANDLER,
31788 ZEND_NULL_HANDLER,
31789 ZEND_NULL_HANDLER,
31790 ZEND_NULL_HANDLER,
31791 ZEND_NULL_HANDLER,
31792 ZEND_NULL_HANDLER,
31793 ZEND_SEND_VAL_SPEC_CV_HANDLER,
31794 ZEND_SEND_VAL_SPEC_CV_HANDLER,
31795 ZEND_SEND_VAL_SPEC_CV_HANDLER,
31796 ZEND_SEND_VAL_SPEC_CV_HANDLER,
31797 ZEND_SEND_VAL_SPEC_CV_HANDLER,
31798 ZEND_NULL_HANDLER,
31799 ZEND_NULL_HANDLER,
31800 ZEND_NULL_HANDLER,
31801 ZEND_NULL_HANDLER,
31802 ZEND_NULL_HANDLER,
31803 ZEND_NULL_HANDLER,
31804 ZEND_NULL_HANDLER,
31805 ZEND_NULL_HANDLER,
31806 ZEND_NULL_HANDLER,
31807 ZEND_NULL_HANDLER,
31808 ZEND_SEND_VAR_SPEC_VAR_HANDLER,
31809 ZEND_SEND_VAR_SPEC_VAR_HANDLER,
31810 ZEND_SEND_VAR_SPEC_VAR_HANDLER,
31811 ZEND_SEND_VAR_SPEC_VAR_HANDLER,
31812 ZEND_SEND_VAR_SPEC_VAR_HANDLER,
31813 ZEND_NULL_HANDLER,
31814 ZEND_NULL_HANDLER,
31815 ZEND_NULL_HANDLER,
31816 ZEND_NULL_HANDLER,
31817 ZEND_NULL_HANDLER,
31818 ZEND_SEND_VAR_SPEC_CV_HANDLER,
31819 ZEND_SEND_VAR_SPEC_CV_HANDLER,
31820 ZEND_SEND_VAR_SPEC_CV_HANDLER,
31821 ZEND_SEND_VAR_SPEC_CV_HANDLER,
31822 ZEND_SEND_VAR_SPEC_CV_HANDLER,
31823 ZEND_NULL_HANDLER,
31824 ZEND_NULL_HANDLER,
31825 ZEND_NULL_HANDLER,
31826 ZEND_NULL_HANDLER,
31827 ZEND_NULL_HANDLER,
31828 ZEND_NULL_HANDLER,
31829 ZEND_NULL_HANDLER,
31830 ZEND_NULL_HANDLER,
31831 ZEND_NULL_HANDLER,
31832 ZEND_NULL_HANDLER,
31833 ZEND_SEND_REF_SPEC_VAR_HANDLER,
31834 ZEND_SEND_REF_SPEC_VAR_HANDLER,
31835 ZEND_SEND_REF_SPEC_VAR_HANDLER,
31836 ZEND_SEND_REF_SPEC_VAR_HANDLER,
31837 ZEND_SEND_REF_SPEC_VAR_HANDLER,
31838 ZEND_NULL_HANDLER,
31839 ZEND_NULL_HANDLER,
31840 ZEND_NULL_HANDLER,
31841 ZEND_NULL_HANDLER,
31842 ZEND_NULL_HANDLER,
31843 ZEND_SEND_REF_SPEC_CV_HANDLER,
31844 ZEND_SEND_REF_SPEC_CV_HANDLER,
31845 ZEND_SEND_REF_SPEC_CV_HANDLER,
31846 ZEND_SEND_REF_SPEC_CV_HANDLER,
31847 ZEND_SEND_REF_SPEC_CV_HANDLER,
31848 ZEND_NEW_SPEC_HANDLER,
31849 ZEND_NEW_SPEC_HANDLER,
31850 ZEND_NEW_SPEC_HANDLER,
31851 ZEND_NEW_SPEC_HANDLER,
31852 ZEND_NEW_SPEC_HANDLER,
31853 ZEND_NEW_SPEC_HANDLER,
31854 ZEND_NEW_SPEC_HANDLER,
31855 ZEND_NEW_SPEC_HANDLER,
31856 ZEND_NEW_SPEC_HANDLER,
31857 ZEND_NEW_SPEC_HANDLER,
31858 ZEND_NEW_SPEC_HANDLER,
31859 ZEND_NEW_SPEC_HANDLER,
31860 ZEND_NEW_SPEC_HANDLER,
31861 ZEND_NEW_SPEC_HANDLER,
31862 ZEND_NEW_SPEC_HANDLER,
31863 ZEND_NEW_SPEC_HANDLER,
31864 ZEND_NEW_SPEC_HANDLER,
31865 ZEND_NEW_SPEC_HANDLER,
31866 ZEND_NEW_SPEC_HANDLER,
31867 ZEND_NEW_SPEC_HANDLER,
31868 ZEND_NEW_SPEC_HANDLER,
31869 ZEND_NEW_SPEC_HANDLER,
31870 ZEND_NEW_SPEC_HANDLER,
31871 ZEND_NEW_SPEC_HANDLER,
31872 ZEND_NEW_SPEC_HANDLER,
31873 ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31874 ZEND_NULL_HANDLER,
31875 ZEND_NULL_HANDLER,
31876 ZEND_NULL_HANDLER,
31877 ZEND_NULL_HANDLER,
31878 ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31879 ZEND_NULL_HANDLER,
31880 ZEND_NULL_HANDLER,
31881 ZEND_NULL_HANDLER,
31882 ZEND_NULL_HANDLER,
31883 ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31884 ZEND_NULL_HANDLER,
31885 ZEND_NULL_HANDLER,
31886 ZEND_NULL_HANDLER,
31887 ZEND_NULL_HANDLER,
31888 ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31889 ZEND_NULL_HANDLER,
31890 ZEND_NULL_HANDLER,
31891 ZEND_NULL_HANDLER,
31892 ZEND_NULL_HANDLER,
31893 ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER,
31894 ZEND_NULL_HANDLER,
31895 ZEND_NULL_HANDLER,
31896 ZEND_NULL_HANDLER,
31897 ZEND_NULL_HANDLER,
31898 ZEND_NULL_HANDLER,
31899 ZEND_NULL_HANDLER,
31900 ZEND_NULL_HANDLER,
31901 ZEND_NULL_HANDLER,
31902 ZEND_NULL_HANDLER,
31903 ZEND_FREE_SPEC_TMP_HANDLER,
31904 ZEND_FREE_SPEC_TMP_HANDLER,
31905 ZEND_FREE_SPEC_TMP_HANDLER,
31906 ZEND_FREE_SPEC_TMP_HANDLER,
31907 ZEND_FREE_SPEC_TMP_HANDLER,
31908 ZEND_NULL_HANDLER,
31909 ZEND_NULL_HANDLER,
31910 ZEND_NULL_HANDLER,
31911 ZEND_NULL_HANDLER,
31912 ZEND_NULL_HANDLER,
31913 ZEND_NULL_HANDLER,
31914 ZEND_NULL_HANDLER,
31915 ZEND_NULL_HANDLER,
31916 ZEND_NULL_HANDLER,
31917 ZEND_NULL_HANDLER,
31918 ZEND_NULL_HANDLER,
31919 ZEND_NULL_HANDLER,
31920 ZEND_NULL_HANDLER,
31921 ZEND_NULL_HANDLER,
31922 ZEND_NULL_HANDLER,
31923 ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER,
31924 ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER,
31925 ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER,
31926 ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER,
31927 ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER,
31928 ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER,
31929 ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER,
31930 ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER,
31931 ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER,
31932 ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER,
31933 ZEND_INIT_ARRAY_SPEC_VAR_CONST_HANDLER,
31934 ZEND_INIT_ARRAY_SPEC_VAR_TMP_HANDLER,
31935 ZEND_INIT_ARRAY_SPEC_VAR_VAR_HANDLER,
31936 ZEND_INIT_ARRAY_SPEC_VAR_UNUSED_HANDLER,
31937 ZEND_INIT_ARRAY_SPEC_VAR_CV_HANDLER,
31938 ZEND_INIT_ARRAY_SPEC_UNUSED_CONST_HANDLER,
31939 ZEND_INIT_ARRAY_SPEC_UNUSED_TMP_HANDLER,
31940 ZEND_INIT_ARRAY_SPEC_UNUSED_VAR_HANDLER,
31941 ZEND_INIT_ARRAY_SPEC_UNUSED_UNUSED_HANDLER,
31942 ZEND_INIT_ARRAY_SPEC_UNUSED_CV_HANDLER,
31943 ZEND_INIT_ARRAY_SPEC_CV_CONST_HANDLER,
31944 ZEND_INIT_ARRAY_SPEC_CV_TMP_HANDLER,
31945 ZEND_INIT_ARRAY_SPEC_CV_VAR_HANDLER,
31946 ZEND_INIT_ARRAY_SPEC_CV_UNUSED_HANDLER,
31947 ZEND_INIT_ARRAY_SPEC_CV_CV_HANDLER,
31948 ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER,
31949 ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER,
31950 ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER,
31951 ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER,
31952 ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER,
31953 ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER,
31954 ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER,
31955 ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER,
31956 ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER,
31957 ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER,
31958 ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER,
31959 ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER,
31960 ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER,
31961 ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER,
31962 ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER,
31963 ZEND_NULL_HANDLER,
31964 ZEND_NULL_HANDLER,
31965 ZEND_NULL_HANDLER,
31966 ZEND_NULL_HANDLER,
31967 ZEND_NULL_HANDLER,
31968 ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER,
31969 ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER,
31970 ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER,
31971 ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER,
31972 ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER,
31973 ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER,
31974 ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER,
31975 ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER,
31976 ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER,
31977 ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER,
31978 ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER,
31979 ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER,
31980 ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER,
31981 ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER,
31982 ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER,
31983 ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER,
31984 ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER,
31985 ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER,
31986 ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER,
31987 ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER,
31988 ZEND_NULL_HANDLER,
31989 ZEND_NULL_HANDLER,
31990 ZEND_NULL_HANDLER,
31991 ZEND_NULL_HANDLER,
31992 ZEND_NULL_HANDLER,
31993 ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER,
31994 ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER,
31995 ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER,
31996 ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER,
31997 ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER,
31998 ZEND_UNSET_VAR_SPEC_CONST_HANDLER,
31999 ZEND_UNSET_VAR_SPEC_CONST_HANDLER,
32000 ZEND_UNSET_VAR_SPEC_CONST_HANDLER,
32001 ZEND_UNSET_VAR_SPEC_CONST_HANDLER,
32002 ZEND_UNSET_VAR_SPEC_CONST_HANDLER,
32003 ZEND_UNSET_VAR_SPEC_TMP_HANDLER,
32004 ZEND_UNSET_VAR_SPEC_TMP_HANDLER,
32005 ZEND_UNSET_VAR_SPEC_TMP_HANDLER,
32006 ZEND_UNSET_VAR_SPEC_TMP_HANDLER,
32007 ZEND_UNSET_VAR_SPEC_TMP_HANDLER,
32008 ZEND_UNSET_VAR_SPEC_VAR_HANDLER,
32009 ZEND_UNSET_VAR_SPEC_VAR_HANDLER,
32010 ZEND_UNSET_VAR_SPEC_VAR_HANDLER,
32011 ZEND_UNSET_VAR_SPEC_VAR_HANDLER,
32012 ZEND_UNSET_VAR_SPEC_VAR_HANDLER,
32013 ZEND_NULL_HANDLER,
32014 ZEND_NULL_HANDLER,
32015 ZEND_NULL_HANDLER,
32016 ZEND_NULL_HANDLER,
32017 ZEND_NULL_HANDLER,
32018 ZEND_UNSET_VAR_SPEC_CV_HANDLER,
32019 ZEND_UNSET_VAR_SPEC_CV_HANDLER,
32020 ZEND_UNSET_VAR_SPEC_CV_HANDLER,
32021 ZEND_UNSET_VAR_SPEC_CV_HANDLER,
32022 ZEND_UNSET_VAR_SPEC_CV_HANDLER,
32023 ZEND_NULL_HANDLER,
32024 ZEND_NULL_HANDLER,
32025 ZEND_NULL_HANDLER,
32026 ZEND_NULL_HANDLER,
32027 ZEND_NULL_HANDLER,
32028 ZEND_NULL_HANDLER,
32029 ZEND_NULL_HANDLER,
32030 ZEND_NULL_HANDLER,
32031 ZEND_NULL_HANDLER,
32032 ZEND_NULL_HANDLER,
32033 ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER,
32034 ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER,
32035 ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER,
32036 ZEND_NULL_HANDLER,
32037 ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER,
32038 ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER,
32039 ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER,
32040 ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER,
32041 ZEND_NULL_HANDLER,
32042 ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER,
32043 ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER,
32044 ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER,
32045 ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER,
32046 ZEND_NULL_HANDLER,
32047 ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER,
32048 ZEND_NULL_HANDLER,
32049 ZEND_NULL_HANDLER,
32050 ZEND_NULL_HANDLER,
32051 ZEND_NULL_HANDLER,
32052 ZEND_NULL_HANDLER,
32053 ZEND_NULL_HANDLER,
32054 ZEND_NULL_HANDLER,
32055 ZEND_NULL_HANDLER,
32056 ZEND_NULL_HANDLER,
32057 ZEND_NULL_HANDLER,
32058 ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER,
32059 ZEND_UNSET_OBJ_SPEC_VAR_TMP_HANDLER,
32060 ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER,
32061 ZEND_NULL_HANDLER,
32062 ZEND_UNSET_OBJ_SPEC_VAR_CV_HANDLER,
32063 ZEND_UNSET_OBJ_SPEC_UNUSED_CONST_HANDLER,
32064 ZEND_UNSET_OBJ_SPEC_UNUSED_TMP_HANDLER,
32065 ZEND_UNSET_OBJ_SPEC_UNUSED_VAR_HANDLER,
32066 ZEND_NULL_HANDLER,
32067 ZEND_UNSET_OBJ_SPEC_UNUSED_CV_HANDLER,
32068 ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER,
32069 ZEND_UNSET_OBJ_SPEC_CV_TMP_HANDLER,
32070 ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER,
32071 ZEND_NULL_HANDLER,
32072 ZEND_UNSET_OBJ_SPEC_CV_CV_HANDLER,
32073 ZEND_FE_RESET_SPEC_CONST_HANDLER,
32074 ZEND_FE_RESET_SPEC_CONST_HANDLER,
32075 ZEND_FE_RESET_SPEC_CONST_HANDLER,
32076 ZEND_FE_RESET_SPEC_CONST_HANDLER,
32077 ZEND_FE_RESET_SPEC_CONST_HANDLER,
32078 ZEND_FE_RESET_SPEC_TMP_HANDLER,
32079 ZEND_FE_RESET_SPEC_TMP_HANDLER,
32080 ZEND_FE_RESET_SPEC_TMP_HANDLER,
32081 ZEND_FE_RESET_SPEC_TMP_HANDLER,
32082 ZEND_FE_RESET_SPEC_TMP_HANDLER,
32083 ZEND_FE_RESET_SPEC_VAR_HANDLER,
32084 ZEND_FE_RESET_SPEC_VAR_HANDLER,
32085 ZEND_FE_RESET_SPEC_VAR_HANDLER,
32086 ZEND_FE_RESET_SPEC_VAR_HANDLER,
32087 ZEND_FE_RESET_SPEC_VAR_HANDLER,
32088 ZEND_NULL_HANDLER,
32089 ZEND_NULL_HANDLER,
32090 ZEND_NULL_HANDLER,
32091 ZEND_NULL_HANDLER,
32092 ZEND_NULL_HANDLER,
32093 ZEND_FE_RESET_SPEC_CV_HANDLER,
32094 ZEND_FE_RESET_SPEC_CV_HANDLER,
32095 ZEND_FE_RESET_SPEC_CV_HANDLER,
32096 ZEND_FE_RESET_SPEC_CV_HANDLER,
32097 ZEND_FE_RESET_SPEC_CV_HANDLER,
32098 ZEND_NULL_HANDLER,
32099 ZEND_NULL_HANDLER,
32100 ZEND_NULL_HANDLER,
32101 ZEND_NULL_HANDLER,
32102 ZEND_NULL_HANDLER,
32103 ZEND_NULL_HANDLER,
32104 ZEND_NULL_HANDLER,
32105 ZEND_NULL_HANDLER,
32106 ZEND_NULL_HANDLER,
32107 ZEND_NULL_HANDLER,
32108 ZEND_FE_FETCH_SPEC_VAR_HANDLER,
32109 ZEND_FE_FETCH_SPEC_VAR_HANDLER,
32110 ZEND_FE_FETCH_SPEC_VAR_HANDLER,
32111 ZEND_FE_FETCH_SPEC_VAR_HANDLER,
32112 ZEND_FE_FETCH_SPEC_VAR_HANDLER,
32113 ZEND_NULL_HANDLER,
32114 ZEND_NULL_HANDLER,
32115 ZEND_NULL_HANDLER,
32116 ZEND_NULL_HANDLER,
32117 ZEND_NULL_HANDLER,
32118 ZEND_NULL_HANDLER,
32119 ZEND_NULL_HANDLER,
32120 ZEND_NULL_HANDLER,
32121 ZEND_NULL_HANDLER,
32122 ZEND_NULL_HANDLER,
32123 ZEND_EXIT_SPEC_CONST_HANDLER,
32124 ZEND_EXIT_SPEC_CONST_HANDLER,
32125 ZEND_EXIT_SPEC_CONST_HANDLER,
32126 ZEND_EXIT_SPEC_CONST_HANDLER,
32127 ZEND_EXIT_SPEC_CONST_HANDLER,
32128 ZEND_EXIT_SPEC_TMP_HANDLER,
32129 ZEND_EXIT_SPEC_TMP_HANDLER,
32130 ZEND_EXIT_SPEC_TMP_HANDLER,
32131 ZEND_EXIT_SPEC_TMP_HANDLER,
32132 ZEND_EXIT_SPEC_TMP_HANDLER,
32133 ZEND_EXIT_SPEC_VAR_HANDLER,
32134 ZEND_EXIT_SPEC_VAR_HANDLER,
32135 ZEND_EXIT_SPEC_VAR_HANDLER,
32136 ZEND_EXIT_SPEC_VAR_HANDLER,
32137 ZEND_EXIT_SPEC_VAR_HANDLER,
32138 ZEND_EXIT_SPEC_UNUSED_HANDLER,
32139 ZEND_EXIT_SPEC_UNUSED_HANDLER,
32140 ZEND_EXIT_SPEC_UNUSED_HANDLER,
32141 ZEND_EXIT_SPEC_UNUSED_HANDLER,
32142 ZEND_EXIT_SPEC_UNUSED_HANDLER,
32143 ZEND_EXIT_SPEC_CV_HANDLER,
32144 ZEND_EXIT_SPEC_CV_HANDLER,
32145 ZEND_EXIT_SPEC_CV_HANDLER,
32146 ZEND_EXIT_SPEC_CV_HANDLER,
32147 ZEND_EXIT_SPEC_CV_HANDLER,
32148 ZEND_FETCH_R_SPEC_CONST_HANDLER,
32149 ZEND_FETCH_R_SPEC_CONST_HANDLER,
32150 ZEND_FETCH_R_SPEC_CONST_HANDLER,
32151 ZEND_FETCH_R_SPEC_CONST_HANDLER,
32152 ZEND_FETCH_R_SPEC_CONST_HANDLER,
32153 ZEND_FETCH_R_SPEC_TMP_HANDLER,
32154 ZEND_FETCH_R_SPEC_TMP_HANDLER,
32155 ZEND_FETCH_R_SPEC_TMP_HANDLER,
32156 ZEND_FETCH_R_SPEC_TMP_HANDLER,
32157 ZEND_FETCH_R_SPEC_TMP_HANDLER,
32158 ZEND_FETCH_R_SPEC_VAR_HANDLER,
32159 ZEND_FETCH_R_SPEC_VAR_HANDLER,
32160 ZEND_FETCH_R_SPEC_VAR_HANDLER,
32161 ZEND_FETCH_R_SPEC_VAR_HANDLER,
32162 ZEND_FETCH_R_SPEC_VAR_HANDLER,
32163 ZEND_NULL_HANDLER,
32164 ZEND_NULL_HANDLER,
32165 ZEND_NULL_HANDLER,
32166 ZEND_NULL_HANDLER,
32167 ZEND_NULL_HANDLER,
32168 ZEND_FETCH_R_SPEC_CV_HANDLER,
32169 ZEND_FETCH_R_SPEC_CV_HANDLER,
32170 ZEND_FETCH_R_SPEC_CV_HANDLER,
32171 ZEND_FETCH_R_SPEC_CV_HANDLER,
32172 ZEND_FETCH_R_SPEC_CV_HANDLER,
32173 ZEND_NULL_HANDLER,
32174 ZEND_NULL_HANDLER,
32175 ZEND_NULL_HANDLER,
32176 ZEND_NULL_HANDLER,
32177 ZEND_NULL_HANDLER,
32178 ZEND_NULL_HANDLER,
32179 ZEND_NULL_HANDLER,
32180 ZEND_NULL_HANDLER,
32181 ZEND_NULL_HANDLER,
32182 ZEND_NULL_HANDLER,
32183 ZEND_FETCH_DIM_R_SPEC_VAR_CONST_HANDLER,
32184 ZEND_FETCH_DIM_R_SPEC_VAR_TMP_HANDLER,
32185 ZEND_FETCH_DIM_R_SPEC_VAR_VAR_HANDLER,
32186 ZEND_NULL_HANDLER,
32187 ZEND_FETCH_DIM_R_SPEC_VAR_CV_HANDLER,
32188 ZEND_NULL_HANDLER,
32189 ZEND_NULL_HANDLER,
32190 ZEND_NULL_HANDLER,
32191 ZEND_NULL_HANDLER,
32192 ZEND_NULL_HANDLER,
32193 ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER,
32194 ZEND_FETCH_DIM_R_SPEC_CV_TMP_HANDLER,
32195 ZEND_FETCH_DIM_R_SPEC_CV_VAR_HANDLER,
32196 ZEND_NULL_HANDLER,
32197 ZEND_FETCH_DIM_R_SPEC_CV_CV_HANDLER,
32198 ZEND_NULL_HANDLER,
32199 ZEND_NULL_HANDLER,
32200 ZEND_NULL_HANDLER,
32201 ZEND_NULL_HANDLER,
32202 ZEND_NULL_HANDLER,
32203 ZEND_NULL_HANDLER,
32204 ZEND_NULL_HANDLER,
32205 ZEND_NULL_HANDLER,
32206 ZEND_NULL_HANDLER,
32207 ZEND_NULL_HANDLER,
32208 ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER,
32209 ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER,
32210 ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER,
32211 ZEND_NULL_HANDLER,
32212 ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER,
32213 ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER,
32214 ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER,
32215 ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER,
32216 ZEND_NULL_HANDLER,
32217 ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER,
32218 ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER,
32219 ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER,
32220 ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER,
32221 ZEND_NULL_HANDLER,
32222 ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER,
32223 ZEND_FETCH_W_SPEC_CONST_HANDLER,
32224 ZEND_FETCH_W_SPEC_CONST_HANDLER,
32225 ZEND_FETCH_W_SPEC_CONST_HANDLER,
32226 ZEND_FETCH_W_SPEC_CONST_HANDLER,
32227 ZEND_FETCH_W_SPEC_CONST_HANDLER,
32228 ZEND_FETCH_W_SPEC_TMP_HANDLER,
32229 ZEND_FETCH_W_SPEC_TMP_HANDLER,
32230 ZEND_FETCH_W_SPEC_TMP_HANDLER,
32231 ZEND_FETCH_W_SPEC_TMP_HANDLER,
32232 ZEND_FETCH_W_SPEC_TMP_HANDLER,
32233 ZEND_FETCH_W_SPEC_VAR_HANDLER,
32234 ZEND_FETCH_W_SPEC_VAR_HANDLER,
32235 ZEND_FETCH_W_SPEC_VAR_HANDLER,
32236 ZEND_FETCH_W_SPEC_VAR_HANDLER,
32237 ZEND_FETCH_W_SPEC_VAR_HANDLER,
32238 ZEND_NULL_HANDLER,
32239 ZEND_NULL_HANDLER,
32240 ZEND_NULL_HANDLER,
32241 ZEND_NULL_HANDLER,
32242 ZEND_NULL_HANDLER,
32243 ZEND_FETCH_W_SPEC_CV_HANDLER,
32244 ZEND_FETCH_W_SPEC_CV_HANDLER,
32245 ZEND_FETCH_W_SPEC_CV_HANDLER,
32246 ZEND_FETCH_W_SPEC_CV_HANDLER,
32247 ZEND_FETCH_W_SPEC_CV_HANDLER,
32248 ZEND_NULL_HANDLER,
32249 ZEND_NULL_HANDLER,
32250 ZEND_NULL_HANDLER,
32251 ZEND_NULL_HANDLER,
32252 ZEND_NULL_HANDLER,
32253 ZEND_NULL_HANDLER,
32254 ZEND_NULL_HANDLER,
32255 ZEND_NULL_HANDLER,
32256 ZEND_NULL_HANDLER,
32257 ZEND_NULL_HANDLER,
32258 ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER,
32259 ZEND_FETCH_DIM_W_SPEC_VAR_TMP_HANDLER,
32260 ZEND_FETCH_DIM_W_SPEC_VAR_VAR_HANDLER,
32261 ZEND_FETCH_DIM_W_SPEC_VAR_UNUSED_HANDLER,
32262 ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER,
32263 ZEND_NULL_HANDLER,
32264 ZEND_NULL_HANDLER,
32265 ZEND_NULL_HANDLER,
32266 ZEND_NULL_HANDLER,
32267 ZEND_NULL_HANDLER,
32268 ZEND_FETCH_DIM_W_SPEC_CV_CONST_HANDLER,
32269 ZEND_FETCH_DIM_W_SPEC_CV_TMP_HANDLER,
32270 ZEND_FETCH_DIM_W_SPEC_CV_VAR_HANDLER,
32271 ZEND_FETCH_DIM_W_SPEC_CV_UNUSED_HANDLER,
32272 ZEND_FETCH_DIM_W_SPEC_CV_CV_HANDLER,
32273 ZEND_NULL_HANDLER,
32274 ZEND_NULL_HANDLER,
32275 ZEND_NULL_HANDLER,
32276 ZEND_NULL_HANDLER,
32277 ZEND_NULL_HANDLER,
32278 ZEND_NULL_HANDLER,
32279 ZEND_NULL_HANDLER,
32280 ZEND_NULL_HANDLER,
32281 ZEND_NULL_HANDLER,
32282 ZEND_NULL_HANDLER,
32283 ZEND_FETCH_OBJ_W_SPEC_VAR_CONST_HANDLER,
32284 ZEND_FETCH_OBJ_W_SPEC_VAR_TMP_HANDLER,
32285 ZEND_FETCH_OBJ_W_SPEC_VAR_VAR_HANDLER,
32286 ZEND_NULL_HANDLER,
32287 ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER,
32288 ZEND_FETCH_OBJ_W_SPEC_UNUSED_CONST_HANDLER,
32289 ZEND_FETCH_OBJ_W_SPEC_UNUSED_TMP_HANDLER,
32290 ZEND_FETCH_OBJ_W_SPEC_UNUSED_VAR_HANDLER,
32291 ZEND_NULL_HANDLER,
32292 ZEND_FETCH_OBJ_W_SPEC_UNUSED_CV_HANDLER,
32293 ZEND_FETCH_OBJ_W_SPEC_CV_CONST_HANDLER,
32294 ZEND_FETCH_OBJ_W_SPEC_CV_TMP_HANDLER,
32295 ZEND_FETCH_OBJ_W_SPEC_CV_VAR_HANDLER,
32296 ZEND_NULL_HANDLER,
32297 ZEND_FETCH_OBJ_W_SPEC_CV_CV_HANDLER,
32298 ZEND_FETCH_RW_SPEC_CONST_HANDLER,
32299 ZEND_FETCH_RW_SPEC_CONST_HANDLER,
32300 ZEND_FETCH_RW_SPEC_CONST_HANDLER,
32301 ZEND_FETCH_RW_SPEC_CONST_HANDLER,
32302 ZEND_FETCH_RW_SPEC_CONST_HANDLER,
32303 ZEND_FETCH_RW_SPEC_TMP_HANDLER,
32304 ZEND_FETCH_RW_SPEC_TMP_HANDLER,
32305 ZEND_FETCH_RW_SPEC_TMP_HANDLER,
32306 ZEND_FETCH_RW_SPEC_TMP_HANDLER,
32307 ZEND_FETCH_RW_SPEC_TMP_HANDLER,
32308 ZEND_FETCH_RW_SPEC_VAR_HANDLER,
32309 ZEND_FETCH_RW_SPEC_VAR_HANDLER,
32310 ZEND_FETCH_RW_SPEC_VAR_HANDLER,
32311 ZEND_FETCH_RW_SPEC_VAR_HANDLER,
32312 ZEND_FETCH_RW_SPEC_VAR_HANDLER,
32313 ZEND_NULL_HANDLER,
32314 ZEND_NULL_HANDLER,
32315 ZEND_NULL_HANDLER,
32316 ZEND_NULL_HANDLER,
32317 ZEND_NULL_HANDLER,
32318 ZEND_FETCH_RW_SPEC_CV_HANDLER,
32319 ZEND_FETCH_RW_SPEC_CV_HANDLER,
32320 ZEND_FETCH_RW_SPEC_CV_HANDLER,
32321 ZEND_FETCH_RW_SPEC_CV_HANDLER,
32322 ZEND_FETCH_RW_SPEC_CV_HANDLER,
32323 ZEND_NULL_HANDLER,
32324 ZEND_NULL_HANDLER,
32325 ZEND_NULL_HANDLER,
32326 ZEND_NULL_HANDLER,
32327 ZEND_NULL_HANDLER,
32328 ZEND_NULL_HANDLER,
32329 ZEND_NULL_HANDLER,
32330 ZEND_NULL_HANDLER,
32331 ZEND_NULL_HANDLER,
32332 ZEND_NULL_HANDLER,
32333 ZEND_FETCH_DIM_RW_SPEC_VAR_CONST_HANDLER,
32334 ZEND_FETCH_DIM_RW_SPEC_VAR_TMP_HANDLER,
32335 ZEND_FETCH_DIM_RW_SPEC_VAR_VAR_HANDLER,
32336 ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER,
32337 ZEND_FETCH_DIM_RW_SPEC_VAR_CV_HANDLER,
32338 ZEND_NULL_HANDLER,
32339 ZEND_NULL_HANDLER,
32340 ZEND_NULL_HANDLER,
32341 ZEND_NULL_HANDLER,
32342 ZEND_NULL_HANDLER,
32343 ZEND_FETCH_DIM_RW_SPEC_CV_CONST_HANDLER,
32344 ZEND_FETCH_DIM_RW_SPEC_CV_TMP_HANDLER,
32345 ZEND_FETCH_DIM_RW_SPEC_CV_VAR_HANDLER,
32346 ZEND_FETCH_DIM_RW_SPEC_CV_UNUSED_HANDLER,
32347 ZEND_FETCH_DIM_RW_SPEC_CV_CV_HANDLER,
32348 ZEND_NULL_HANDLER,
32349 ZEND_NULL_HANDLER,
32350 ZEND_NULL_HANDLER,
32351 ZEND_NULL_HANDLER,
32352 ZEND_NULL_HANDLER,
32353 ZEND_NULL_HANDLER,
32354 ZEND_NULL_HANDLER,
32355 ZEND_NULL_HANDLER,
32356 ZEND_NULL_HANDLER,
32357 ZEND_NULL_HANDLER,
32358 ZEND_FETCH_OBJ_RW_SPEC_VAR_CONST_HANDLER,
32359 ZEND_FETCH_OBJ_RW_SPEC_VAR_TMP_HANDLER,
32360 ZEND_FETCH_OBJ_RW_SPEC_VAR_VAR_HANDLER,
32361 ZEND_NULL_HANDLER,
32362 ZEND_FETCH_OBJ_RW_SPEC_VAR_CV_HANDLER,
32363 ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CONST_HANDLER,
32364 ZEND_FETCH_OBJ_RW_SPEC_UNUSED_TMP_HANDLER,
32365 ZEND_FETCH_OBJ_RW_SPEC_UNUSED_VAR_HANDLER,
32366 ZEND_NULL_HANDLER,
32367 ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CV_HANDLER,
32368 ZEND_FETCH_OBJ_RW_SPEC_CV_CONST_HANDLER,
32369 ZEND_FETCH_OBJ_RW_SPEC_CV_TMP_HANDLER,
32370 ZEND_FETCH_OBJ_RW_SPEC_CV_VAR_HANDLER,
32371 ZEND_NULL_HANDLER,
32372 ZEND_FETCH_OBJ_RW_SPEC_CV_CV_HANDLER,
32373 ZEND_FETCH_IS_SPEC_CONST_HANDLER,
32374 ZEND_FETCH_IS_SPEC_CONST_HANDLER,
32375 ZEND_FETCH_IS_SPEC_CONST_HANDLER,
32376 ZEND_FETCH_IS_SPEC_CONST_HANDLER,
32377 ZEND_FETCH_IS_SPEC_CONST_HANDLER,
32378 ZEND_FETCH_IS_SPEC_TMP_HANDLER,
32379 ZEND_FETCH_IS_SPEC_TMP_HANDLER,
32380 ZEND_FETCH_IS_SPEC_TMP_HANDLER,
32381 ZEND_FETCH_IS_SPEC_TMP_HANDLER,
32382 ZEND_FETCH_IS_SPEC_TMP_HANDLER,
32383 ZEND_FETCH_IS_SPEC_VAR_HANDLER,
32384 ZEND_FETCH_IS_SPEC_VAR_HANDLER,
32385 ZEND_FETCH_IS_SPEC_VAR_HANDLER,
32386 ZEND_FETCH_IS_SPEC_VAR_HANDLER,
32387 ZEND_FETCH_IS_SPEC_VAR_HANDLER,
32388 ZEND_NULL_HANDLER,
32389 ZEND_NULL_HANDLER,
32390 ZEND_NULL_HANDLER,
32391 ZEND_NULL_HANDLER,
32392 ZEND_NULL_HANDLER,
32393 ZEND_FETCH_IS_SPEC_CV_HANDLER,
32394 ZEND_FETCH_IS_SPEC_CV_HANDLER,
32395 ZEND_FETCH_IS_SPEC_CV_HANDLER,
32396 ZEND_FETCH_IS_SPEC_CV_HANDLER,
32397 ZEND_FETCH_IS_SPEC_CV_HANDLER,
32398 ZEND_NULL_HANDLER,
32399 ZEND_NULL_HANDLER,
32400 ZEND_NULL_HANDLER,
32401 ZEND_NULL_HANDLER,
32402 ZEND_NULL_HANDLER,
32403 ZEND_NULL_HANDLER,
32404 ZEND_NULL_HANDLER,
32405 ZEND_NULL_HANDLER,
32406 ZEND_NULL_HANDLER,
32407 ZEND_NULL_HANDLER,
32408 ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER,
32409 ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER,
32410 ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER,
32411 ZEND_NULL_HANDLER,
32412 ZEND_FETCH_DIM_IS_SPEC_VAR_CV_HANDLER,
32413 ZEND_NULL_HANDLER,
32414 ZEND_NULL_HANDLER,
32415 ZEND_NULL_HANDLER,
32416 ZEND_NULL_HANDLER,
32417 ZEND_NULL_HANDLER,
32418 ZEND_FETCH_DIM_IS_SPEC_CV_CONST_HANDLER,
32419 ZEND_FETCH_DIM_IS_SPEC_CV_TMP_HANDLER,
32420 ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER,
32421 ZEND_NULL_HANDLER,
32422 ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER,
32423 ZEND_NULL_HANDLER,
32424 ZEND_NULL_HANDLER,
32425 ZEND_NULL_HANDLER,
32426 ZEND_NULL_HANDLER,
32427 ZEND_NULL_HANDLER,
32428 ZEND_NULL_HANDLER,
32429 ZEND_NULL_HANDLER,
32430 ZEND_NULL_HANDLER,
32431 ZEND_NULL_HANDLER,
32432 ZEND_NULL_HANDLER,
32433 ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER,
32434 ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER,
32435 ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER,
32436 ZEND_NULL_HANDLER,
32437 ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER,
32438 ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CONST_HANDLER,
32439 ZEND_FETCH_OBJ_IS_SPEC_UNUSED_TMP_HANDLER,
32440 ZEND_FETCH_OBJ_IS_SPEC_UNUSED_VAR_HANDLER,
32441 ZEND_NULL_HANDLER,
32442 ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CV_HANDLER,
32443 ZEND_FETCH_OBJ_IS_SPEC_CV_CONST_HANDLER,
32444 ZEND_FETCH_OBJ_IS_SPEC_CV_TMP_HANDLER,
32445 ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER,
32446 ZEND_NULL_HANDLER,
32447 ZEND_FETCH_OBJ_IS_SPEC_CV_CV_HANDLER,
32448 ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER,
32449 ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER,
32450 ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER,
32451 ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER,
32452 ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER,
32453 ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER,
32454 ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER,
32455 ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER,
32456 ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER,
32457 ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER,
32458 ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER,
32459 ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER,
32460 ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER,
32461 ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER,
32462 ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER,
32463 ZEND_NULL_HANDLER,
32464 ZEND_NULL_HANDLER,
32465 ZEND_NULL_HANDLER,
32466 ZEND_NULL_HANDLER,
32467 ZEND_NULL_HANDLER,
32468 ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER,
32469 ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER,
32470 ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER,
32471 ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER,
32472 ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER,
32473 ZEND_NULL_HANDLER,
32474 ZEND_NULL_HANDLER,
32475 ZEND_NULL_HANDLER,
32476 ZEND_NULL_HANDLER,
32477 ZEND_NULL_HANDLER,
32478 ZEND_NULL_HANDLER,
32479 ZEND_NULL_HANDLER,
32480 ZEND_NULL_HANDLER,
32481 ZEND_NULL_HANDLER,
32482 ZEND_NULL_HANDLER,
32483 ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CONST_HANDLER,
32484 ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_TMP_HANDLER,
32485 ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_VAR_HANDLER,
32486 ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_UNUSED_HANDLER,
32487 ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CV_HANDLER,
32488 ZEND_NULL_HANDLER,
32489 ZEND_NULL_HANDLER,
32490 ZEND_NULL_HANDLER,
32491 ZEND_NULL_HANDLER,
32492 ZEND_NULL_HANDLER,
32493 ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CONST_HANDLER,
32494 ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_TMP_HANDLER,
32495 ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_VAR_HANDLER,
32496 ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER,
32497 ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER,
32498 ZEND_NULL_HANDLER,
32499 ZEND_NULL_HANDLER,
32500 ZEND_NULL_HANDLER,
32501 ZEND_NULL_HANDLER,
32502 ZEND_NULL_HANDLER,
32503 ZEND_NULL_HANDLER,
32504 ZEND_NULL_HANDLER,
32505 ZEND_NULL_HANDLER,
32506 ZEND_NULL_HANDLER,
32507 ZEND_NULL_HANDLER,
32508 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER,
32509 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER,
32510 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER,
32511 ZEND_NULL_HANDLER,
32512 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CV_HANDLER,
32513 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CONST_HANDLER,
32514 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_TMP_HANDLER,
32515 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_VAR_HANDLER,
32516 ZEND_NULL_HANDLER,
32517 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CV_HANDLER,
32518 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CONST_HANDLER,
32519 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_TMP_HANDLER,
32520 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_VAR_HANDLER,
32521 ZEND_NULL_HANDLER,
32522 ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CV_HANDLER,
32523 ZEND_FETCH_UNSET_SPEC_CONST_HANDLER,
32524 ZEND_FETCH_UNSET_SPEC_CONST_HANDLER,
32525 ZEND_FETCH_UNSET_SPEC_CONST_HANDLER,
32526 ZEND_FETCH_UNSET_SPEC_CONST_HANDLER,
32527 ZEND_FETCH_UNSET_SPEC_CONST_HANDLER,
32528 ZEND_FETCH_UNSET_SPEC_TMP_HANDLER,
32529 ZEND_FETCH_UNSET_SPEC_TMP_HANDLER,
32530 ZEND_FETCH_UNSET_SPEC_TMP_HANDLER,
32531 ZEND_FETCH_UNSET_SPEC_TMP_HANDLER,
32532 ZEND_FETCH_UNSET_SPEC_TMP_HANDLER,
32533 ZEND_FETCH_UNSET_SPEC_VAR_HANDLER,
32534 ZEND_FETCH_UNSET_SPEC_VAR_HANDLER,
32535 ZEND_FETCH_UNSET_SPEC_VAR_HANDLER,
32536 ZEND_FETCH_UNSET_SPEC_VAR_HANDLER,
32537 ZEND_FETCH_UNSET_SPEC_VAR_HANDLER,
32538 ZEND_NULL_HANDLER,
32539 ZEND_NULL_HANDLER,
32540 ZEND_NULL_HANDLER,
32541 ZEND_NULL_HANDLER,
32542 ZEND_NULL_HANDLER,
32543 ZEND_FETCH_UNSET_SPEC_CV_HANDLER,
32544 ZEND_FETCH_UNSET_SPEC_CV_HANDLER,
32545 ZEND_FETCH_UNSET_SPEC_CV_HANDLER,
32546 ZEND_FETCH_UNSET_SPEC_CV_HANDLER,
32547 ZEND_FETCH_UNSET_SPEC_CV_HANDLER,
32548 ZEND_NULL_HANDLER,
32549 ZEND_NULL_HANDLER,
32550 ZEND_NULL_HANDLER,
32551 ZEND_NULL_HANDLER,
32552 ZEND_NULL_HANDLER,
32553 ZEND_NULL_HANDLER,
32554 ZEND_NULL_HANDLER,
32555 ZEND_NULL_HANDLER,
32556 ZEND_NULL_HANDLER,
32557 ZEND_NULL_HANDLER,
32558 ZEND_FETCH_DIM_UNSET_SPEC_VAR_CONST_HANDLER,
32559 ZEND_FETCH_DIM_UNSET_SPEC_VAR_TMP_HANDLER,
32560 ZEND_FETCH_DIM_UNSET_SPEC_VAR_VAR_HANDLER,
32561 ZEND_NULL_HANDLER,
32562 ZEND_FETCH_DIM_UNSET_SPEC_VAR_CV_HANDLER,
32563 ZEND_NULL_HANDLER,
32564 ZEND_NULL_HANDLER,
32565 ZEND_NULL_HANDLER,
32566 ZEND_NULL_HANDLER,
32567 ZEND_NULL_HANDLER,
32568 ZEND_FETCH_DIM_UNSET_SPEC_CV_CONST_HANDLER,
32569 ZEND_FETCH_DIM_UNSET_SPEC_CV_TMP_HANDLER,
32570 ZEND_FETCH_DIM_UNSET_SPEC_CV_VAR_HANDLER,
32571 ZEND_NULL_HANDLER,
32572 ZEND_FETCH_DIM_UNSET_SPEC_CV_CV_HANDLER,
32573 ZEND_NULL_HANDLER,
32574 ZEND_NULL_HANDLER,
32575 ZEND_NULL_HANDLER,
32576 ZEND_NULL_HANDLER,
32577 ZEND_NULL_HANDLER,
32578 ZEND_NULL_HANDLER,
32579 ZEND_NULL_HANDLER,
32580 ZEND_NULL_HANDLER,
32581 ZEND_NULL_HANDLER,
32582 ZEND_NULL_HANDLER,
32583 ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER,
32584 ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER,
32585 ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER,
32586 ZEND_NULL_HANDLER,
32587 ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER,
32588 ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER,
32589 ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER,
32590 ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER,
32591 ZEND_NULL_HANDLER,
32592 ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER,
32593 ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER,
32594 ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER,
32595 ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER,
32596 ZEND_NULL_HANDLER,
32597 ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER,
32598 ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER,
32599 ZEND_NULL_HANDLER,
32600 ZEND_NULL_HANDLER,
32601 ZEND_NULL_HANDLER,
32602 ZEND_NULL_HANDLER,
32603 ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER,
32604 ZEND_NULL_HANDLER,
32605 ZEND_NULL_HANDLER,
32606 ZEND_NULL_HANDLER,
32607 ZEND_NULL_HANDLER,
32608 ZEND_NULL_HANDLER,
32609 ZEND_NULL_HANDLER,
32610 ZEND_NULL_HANDLER,
32611 ZEND_NULL_HANDLER,
32612 ZEND_NULL_HANDLER,
32613 ZEND_NULL_HANDLER,
32614 ZEND_NULL_HANDLER,
32615 ZEND_NULL_HANDLER,
32616 ZEND_NULL_HANDLER,
32617 ZEND_NULL_HANDLER,
32618 ZEND_NULL_HANDLER,
32619 ZEND_NULL_HANDLER,
32620 ZEND_NULL_HANDLER,
32621 ZEND_NULL_HANDLER,
32622 ZEND_NULL_HANDLER,
32623 ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER,
32624 ZEND_NULL_HANDLER,
32625 ZEND_NULL_HANDLER,
32626 ZEND_NULL_HANDLER,
32627 ZEND_NULL_HANDLER,
32628 ZEND_NULL_HANDLER,
32629 ZEND_NULL_HANDLER,
32630 ZEND_NULL_HANDLER,
32631 ZEND_NULL_HANDLER,
32632 ZEND_NULL_HANDLER,
32633 ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER,
32634 ZEND_NULL_HANDLER,
32635 ZEND_NULL_HANDLER,
32636 ZEND_NULL_HANDLER,
32637 ZEND_NULL_HANDLER,
32638 ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER,
32639 ZEND_NULL_HANDLER,
32640 ZEND_NULL_HANDLER,
32641 ZEND_NULL_HANDLER,
32642 ZEND_NULL_HANDLER,
32643 ZEND_NULL_HANDLER,
32644 ZEND_NULL_HANDLER,
32645 ZEND_NULL_HANDLER,
32646 ZEND_NULL_HANDLER,
32647 ZEND_NULL_HANDLER,
32648 ZEND_GOTO_SPEC_CONST_HANDLER,
32649 ZEND_NULL_HANDLER,
32650 ZEND_NULL_HANDLER,
32651 ZEND_NULL_HANDLER,
32652 ZEND_NULL_HANDLER,
32653 ZEND_GOTO_SPEC_CONST_HANDLER,
32654 ZEND_NULL_HANDLER,
32655 ZEND_NULL_HANDLER,
32656 ZEND_NULL_HANDLER,
32657 ZEND_NULL_HANDLER,
32658 ZEND_GOTO_SPEC_CONST_HANDLER,
32659 ZEND_NULL_HANDLER,
32660 ZEND_NULL_HANDLER,
32661 ZEND_NULL_HANDLER,
32662 ZEND_NULL_HANDLER,
32663 ZEND_GOTO_SPEC_CONST_HANDLER,
32664 ZEND_NULL_HANDLER,
32665 ZEND_NULL_HANDLER,
32666 ZEND_NULL_HANDLER,
32667 ZEND_NULL_HANDLER,
32668 ZEND_GOTO_SPEC_CONST_HANDLER,
32669 ZEND_NULL_HANDLER,
32670 ZEND_NULL_HANDLER,
32671 ZEND_NULL_HANDLER,
32672 ZEND_NULL_HANDLER,
32673 ZEND_EXT_STMT_SPEC_HANDLER,
32674 ZEND_EXT_STMT_SPEC_HANDLER,
32675 ZEND_EXT_STMT_SPEC_HANDLER,
32676 ZEND_EXT_STMT_SPEC_HANDLER,
32677 ZEND_EXT_STMT_SPEC_HANDLER,
32678 ZEND_EXT_STMT_SPEC_HANDLER,
32679 ZEND_EXT_STMT_SPEC_HANDLER,
32680 ZEND_EXT_STMT_SPEC_HANDLER,
32681 ZEND_EXT_STMT_SPEC_HANDLER,
32682 ZEND_EXT_STMT_SPEC_HANDLER,
32683 ZEND_EXT_STMT_SPEC_HANDLER,
32684 ZEND_EXT_STMT_SPEC_HANDLER,
32685 ZEND_EXT_STMT_SPEC_HANDLER,
32686 ZEND_EXT_STMT_SPEC_HANDLER,
32687 ZEND_EXT_STMT_SPEC_HANDLER,
32688 ZEND_EXT_STMT_SPEC_HANDLER,
32689 ZEND_EXT_STMT_SPEC_HANDLER,
32690 ZEND_EXT_STMT_SPEC_HANDLER,
32691 ZEND_EXT_STMT_SPEC_HANDLER,
32692 ZEND_EXT_STMT_SPEC_HANDLER,
32693 ZEND_EXT_STMT_SPEC_HANDLER,
32694 ZEND_EXT_STMT_SPEC_HANDLER,
32695 ZEND_EXT_STMT_SPEC_HANDLER,
32696 ZEND_EXT_STMT_SPEC_HANDLER,
32697 ZEND_EXT_STMT_SPEC_HANDLER,
32698 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32699 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32700 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32701 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32702 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32703 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32704 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32705 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32706 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32707 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32708 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32709 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32710 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32711 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32712 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32713 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32714 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32715 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32716 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32717 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32718 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32719 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32720 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32721 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32722 ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER,
32723 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32724 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32725 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32726 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32727 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32728 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32729 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32730 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32731 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32732 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32733 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32734 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32735 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32736 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32737 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32738 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32739 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32740 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32741 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32742 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32743 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32744 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32745 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32746 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32747 ZEND_EXT_FCALL_END_SPEC_HANDLER,
32748 ZEND_EXT_NOP_SPEC_HANDLER,
32749 ZEND_EXT_NOP_SPEC_HANDLER,
32750 ZEND_EXT_NOP_SPEC_HANDLER,
32751 ZEND_EXT_NOP_SPEC_HANDLER,
32752 ZEND_EXT_NOP_SPEC_HANDLER,
32753 ZEND_EXT_NOP_SPEC_HANDLER,
32754 ZEND_EXT_NOP_SPEC_HANDLER,
32755 ZEND_EXT_NOP_SPEC_HANDLER,
32756 ZEND_EXT_NOP_SPEC_HANDLER,
32757 ZEND_EXT_NOP_SPEC_HANDLER,
32758 ZEND_EXT_NOP_SPEC_HANDLER,
32759 ZEND_EXT_NOP_SPEC_HANDLER,
32760 ZEND_EXT_NOP_SPEC_HANDLER,
32761 ZEND_EXT_NOP_SPEC_HANDLER,
32762 ZEND_EXT_NOP_SPEC_HANDLER,
32763 ZEND_EXT_NOP_SPEC_HANDLER,
32764 ZEND_EXT_NOP_SPEC_HANDLER,
32765 ZEND_EXT_NOP_SPEC_HANDLER,
32766 ZEND_EXT_NOP_SPEC_HANDLER,
32767 ZEND_EXT_NOP_SPEC_HANDLER,
32768 ZEND_EXT_NOP_SPEC_HANDLER,
32769 ZEND_EXT_NOP_SPEC_HANDLER,
32770 ZEND_EXT_NOP_SPEC_HANDLER,
32771 ZEND_EXT_NOP_SPEC_HANDLER,
32772 ZEND_EXT_NOP_SPEC_HANDLER,
32773 ZEND_TICKS_SPEC_CONST_HANDLER,
32774 ZEND_TICKS_SPEC_CONST_HANDLER,
32775 ZEND_TICKS_SPEC_CONST_HANDLER,
32776 ZEND_TICKS_SPEC_CONST_HANDLER,
32777 ZEND_TICKS_SPEC_CONST_HANDLER,
32778 ZEND_NULL_HANDLER,
32779 ZEND_NULL_HANDLER,
32780 ZEND_NULL_HANDLER,
32781 ZEND_NULL_HANDLER,
32782 ZEND_NULL_HANDLER,
32783 ZEND_NULL_HANDLER,
32784 ZEND_NULL_HANDLER,
32785 ZEND_NULL_HANDLER,
32786 ZEND_NULL_HANDLER,
32787 ZEND_NULL_HANDLER,
32788 ZEND_NULL_HANDLER,
32789 ZEND_NULL_HANDLER,
32790 ZEND_NULL_HANDLER,
32791 ZEND_NULL_HANDLER,
32792 ZEND_NULL_HANDLER,
32793 ZEND_NULL_HANDLER,
32794 ZEND_NULL_HANDLER,
32795 ZEND_NULL_HANDLER,
32796 ZEND_NULL_HANDLER,
32797 ZEND_NULL_HANDLER,
32798 ZEND_NULL_HANDLER,
32799 ZEND_NULL_HANDLER,
32800 ZEND_NULL_HANDLER,
32801 ZEND_NULL_HANDLER,
32802 ZEND_NULL_HANDLER,
32803 ZEND_NULL_HANDLER,
32804 ZEND_NULL_HANDLER,
32805 ZEND_NULL_HANDLER,
32806 ZEND_NULL_HANDLER,
32807 ZEND_NULL_HANDLER,
32808 ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER,
32809 ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER,
32810 ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER,
32811 ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER,
32812 ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER,
32813 ZEND_NULL_HANDLER,
32814 ZEND_NULL_HANDLER,
32815 ZEND_NULL_HANDLER,
32816 ZEND_NULL_HANDLER,
32817 ZEND_NULL_HANDLER,
32818 ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER,
32819 ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER,
32820 ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER,
32821 ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER,
32822 ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER,
32823 ZEND_NULL_HANDLER,
32824 ZEND_NULL_HANDLER,
32825 ZEND_NULL_HANDLER,
32826 ZEND_NULL_HANDLER,
32827 ZEND_CATCH_SPEC_CV_HANDLER,
32828 ZEND_NULL_HANDLER,
32829 ZEND_NULL_HANDLER,
32830 ZEND_NULL_HANDLER,
32831 ZEND_NULL_HANDLER,
32832 ZEND_CATCH_SPEC_CV_HANDLER,
32833 ZEND_NULL_HANDLER,
32834 ZEND_NULL_HANDLER,
32835 ZEND_NULL_HANDLER,
32836 ZEND_NULL_HANDLER,
32837 ZEND_CATCH_SPEC_CV_HANDLER,
32838 ZEND_NULL_HANDLER,
32839 ZEND_NULL_HANDLER,
32840 ZEND_NULL_HANDLER,
32841 ZEND_NULL_HANDLER,
32842 ZEND_CATCH_SPEC_CV_HANDLER,
32843 ZEND_NULL_HANDLER,
32844 ZEND_NULL_HANDLER,
32845 ZEND_NULL_HANDLER,
32846 ZEND_NULL_HANDLER,
32847 ZEND_CATCH_SPEC_CV_HANDLER,
32848 ZEND_THROW_SPEC_CONST_HANDLER,
32849 ZEND_THROW_SPEC_CONST_HANDLER,
32850 ZEND_THROW_SPEC_CONST_HANDLER,
32851 ZEND_THROW_SPEC_CONST_HANDLER,
32852 ZEND_THROW_SPEC_CONST_HANDLER,
32853 ZEND_THROW_SPEC_TMP_HANDLER,
32854 ZEND_THROW_SPEC_TMP_HANDLER,
32855 ZEND_THROW_SPEC_TMP_HANDLER,
32856 ZEND_THROW_SPEC_TMP_HANDLER,
32857 ZEND_THROW_SPEC_TMP_HANDLER,
32858 ZEND_THROW_SPEC_VAR_HANDLER,
32859 ZEND_THROW_SPEC_VAR_HANDLER,
32860 ZEND_THROW_SPEC_VAR_HANDLER,
32861 ZEND_THROW_SPEC_VAR_HANDLER,
32862 ZEND_THROW_SPEC_VAR_HANDLER,
32863 ZEND_NULL_HANDLER,
32864 ZEND_NULL_HANDLER,
32865 ZEND_NULL_HANDLER,
32866 ZEND_NULL_HANDLER,
32867 ZEND_NULL_HANDLER,
32868 ZEND_THROW_SPEC_CV_HANDLER,
32869 ZEND_THROW_SPEC_CV_HANDLER,
32870 ZEND_THROW_SPEC_CV_HANDLER,
32871 ZEND_THROW_SPEC_CV_HANDLER,
32872 ZEND_THROW_SPEC_CV_HANDLER,
32873 ZEND_FETCH_CLASS_SPEC_CONST_HANDLER,
32874 ZEND_FETCH_CLASS_SPEC_TMP_HANDLER,
32875 ZEND_FETCH_CLASS_SPEC_VAR_HANDLER,
32876 ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER,
32877 ZEND_FETCH_CLASS_SPEC_CV_HANDLER,
32878 ZEND_FETCH_CLASS_SPEC_CONST_HANDLER,
32879 ZEND_FETCH_CLASS_SPEC_TMP_HANDLER,
32880 ZEND_FETCH_CLASS_SPEC_VAR_HANDLER,
32881 ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER,
32882 ZEND_FETCH_CLASS_SPEC_CV_HANDLER,
32883 ZEND_FETCH_CLASS_SPEC_CONST_HANDLER,
32884 ZEND_FETCH_CLASS_SPEC_TMP_HANDLER,
32885 ZEND_FETCH_CLASS_SPEC_VAR_HANDLER,
32886 ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER,
32887 ZEND_FETCH_CLASS_SPEC_CV_HANDLER,
32888 ZEND_FETCH_CLASS_SPEC_CONST_HANDLER,
32889 ZEND_FETCH_CLASS_SPEC_TMP_HANDLER,
32890 ZEND_FETCH_CLASS_SPEC_VAR_HANDLER,
32891 ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER,
32892 ZEND_FETCH_CLASS_SPEC_CV_HANDLER,
32893 ZEND_FETCH_CLASS_SPEC_CONST_HANDLER,
32894 ZEND_FETCH_CLASS_SPEC_TMP_HANDLER,
32895 ZEND_FETCH_CLASS_SPEC_VAR_HANDLER,
32896 ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER,
32897 ZEND_FETCH_CLASS_SPEC_CV_HANDLER,
32898 ZEND_CLONE_SPEC_CONST_HANDLER,
32899 ZEND_CLONE_SPEC_CONST_HANDLER,
32900 ZEND_CLONE_SPEC_CONST_HANDLER,
32901 ZEND_CLONE_SPEC_CONST_HANDLER,
32902 ZEND_CLONE_SPEC_CONST_HANDLER,
32903 ZEND_CLONE_SPEC_TMP_HANDLER,
32904 ZEND_CLONE_SPEC_TMP_HANDLER,
32905 ZEND_CLONE_SPEC_TMP_HANDLER,
32906 ZEND_CLONE_SPEC_TMP_HANDLER,
32907 ZEND_CLONE_SPEC_TMP_HANDLER,
32908 ZEND_CLONE_SPEC_VAR_HANDLER,
32909 ZEND_CLONE_SPEC_VAR_HANDLER,
32910 ZEND_CLONE_SPEC_VAR_HANDLER,
32911 ZEND_CLONE_SPEC_VAR_HANDLER,
32912 ZEND_CLONE_SPEC_VAR_HANDLER,
32913 ZEND_CLONE_SPEC_UNUSED_HANDLER,
32914 ZEND_CLONE_SPEC_UNUSED_HANDLER,
32915 ZEND_CLONE_SPEC_UNUSED_HANDLER,
32916 ZEND_CLONE_SPEC_UNUSED_HANDLER,
32917 ZEND_CLONE_SPEC_UNUSED_HANDLER,
32918 ZEND_CLONE_SPEC_CV_HANDLER,
32919 ZEND_CLONE_SPEC_CV_HANDLER,
32920 ZEND_CLONE_SPEC_CV_HANDLER,
32921 ZEND_CLONE_SPEC_CV_HANDLER,
32922 ZEND_CLONE_SPEC_CV_HANDLER,
32923 ZEND_NULL_HANDLER,
32924 ZEND_NULL_HANDLER,
32925 ZEND_NULL_HANDLER,
32926 ZEND_NULL_HANDLER,
32927 ZEND_NULL_HANDLER,
32928 ZEND_NULL_HANDLER,
32929 ZEND_NULL_HANDLER,
32930 ZEND_NULL_HANDLER,
32931 ZEND_NULL_HANDLER,
32932 ZEND_NULL_HANDLER,
32933 ZEND_NULL_HANDLER,
32934 ZEND_NULL_HANDLER,
32935 ZEND_NULL_HANDLER,
32936 ZEND_NULL_HANDLER,
32937 ZEND_NULL_HANDLER,
32938 ZEND_NULL_HANDLER,
32939 ZEND_NULL_HANDLER,
32940 ZEND_NULL_HANDLER,
32941 ZEND_NULL_HANDLER,
32942 ZEND_NULL_HANDLER,
32943 ZEND_NULL_HANDLER,
32944 ZEND_NULL_HANDLER,
32945 ZEND_NULL_HANDLER,
32946 ZEND_NULL_HANDLER,
32947 ZEND_NULL_HANDLER,
32948 ZEND_NULL_HANDLER,
32949 ZEND_NULL_HANDLER,
32950 ZEND_NULL_HANDLER,
32951 ZEND_NULL_HANDLER,
32952 ZEND_NULL_HANDLER,
32953 ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER,
32954 ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER,
32955 ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER,
32956 ZEND_NULL_HANDLER,
32957 ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER,
32958 ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER,
32959 ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER,
32960 ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER,
32961 ZEND_NULL_HANDLER,
32962 ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER,
32963 ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER,
32964 ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER,
32965 ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER,
32966 ZEND_NULL_HANDLER,
32967 ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER,
32968 ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER,
32969 ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER,
32970 ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER,
32971 ZEND_NULL_HANDLER,
32972 ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER,
32973 ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER,
32974 ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER,
32975 ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER,
32976 ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER,
32977 ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER,
32978 ZEND_NULL_HANDLER,
32979 ZEND_NULL_HANDLER,
32980 ZEND_NULL_HANDLER,
32981 ZEND_NULL_HANDLER,
32982 ZEND_NULL_HANDLER,
32983 ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER,
32984 ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER,
32985 ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER,
32986 ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER,
32987 ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER,
32988 ZEND_NULL_HANDLER,
32989 ZEND_NULL_HANDLER,
32990 ZEND_NULL_HANDLER,
32991 ZEND_NULL_HANDLER,
32992 ZEND_NULL_HANDLER,
32993 ZEND_NULL_HANDLER,
32994 ZEND_NULL_HANDLER,
32995 ZEND_NULL_HANDLER,
32996 ZEND_NULL_HANDLER,
32997 ZEND_NULL_HANDLER,
32998 ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER,
32999 ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER,
33000 ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER,
33001 ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER,
33002 ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER,
33003 ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER,
33004 ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER,
33005 ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER,
33006 ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER,
33007 ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER,
33008 ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER,
33009 ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER,
33010 ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER,
33011 ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER,
33012 ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER,
33013 ZEND_NULL_HANDLER,
33014 ZEND_NULL_HANDLER,
33015 ZEND_NULL_HANDLER,
33016 ZEND_NULL_HANDLER,
33017 ZEND_NULL_HANDLER,
33018 ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER,
33019 ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER,
33020 ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER,
33021 ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER,
33022 ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER,
33023 ZEND_NULL_HANDLER,
33024 ZEND_NULL_HANDLER,
33025 ZEND_NULL_HANDLER,
33026 ZEND_NULL_HANDLER,
33027 ZEND_NULL_HANDLER,
33028 ZEND_NULL_HANDLER,
33029 ZEND_NULL_HANDLER,
33030 ZEND_NULL_HANDLER,
33031 ZEND_NULL_HANDLER,
33032 ZEND_NULL_HANDLER,
33033 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CONST_HANDLER,
33034 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_TMP_HANDLER,
33035 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_VAR_HANDLER,
33036 ZEND_NULL_HANDLER,
33037 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_VAR_CV_HANDLER,
33038 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CONST_HANDLER,
33039 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_TMP_HANDLER,
33040 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_VAR_HANDLER,
33041 ZEND_NULL_HANDLER,
33042 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_UNUSED_CV_HANDLER,
33043 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CONST_HANDLER,
33044 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_TMP_HANDLER,
33045 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_VAR_HANDLER,
33046 ZEND_NULL_HANDLER,
33047 ZEND_ISSET_ISEMPTY_DIM_OBJ_SPEC_CV_CV_HANDLER,
33048 ZEND_NULL_HANDLER,
33049 ZEND_NULL_HANDLER,
33050 ZEND_NULL_HANDLER,
33051 ZEND_NULL_HANDLER,
33052 ZEND_NULL_HANDLER,
33053 ZEND_NULL_HANDLER,
33054 ZEND_NULL_HANDLER,
33055 ZEND_NULL_HANDLER,
33056 ZEND_NULL_HANDLER,
33057 ZEND_NULL_HANDLER,
33058 ZEND_NULL_HANDLER,
33059 ZEND_NULL_HANDLER,
33060 ZEND_NULL_HANDLER,
33061 ZEND_NULL_HANDLER,
33062 ZEND_NULL_HANDLER,
33063 ZEND_NULL_HANDLER,
33064 ZEND_NULL_HANDLER,
33065 ZEND_NULL_HANDLER,
33066 ZEND_NULL_HANDLER,
33067 ZEND_NULL_HANDLER,
33068 ZEND_NULL_HANDLER,
33069 ZEND_NULL_HANDLER,
33070 ZEND_NULL_HANDLER,
33071 ZEND_NULL_HANDLER,
33072 ZEND_NULL_HANDLER,
33073 ZEND_NULL_HANDLER,
33074 ZEND_NULL_HANDLER,
33075 ZEND_NULL_HANDLER,
33076 ZEND_NULL_HANDLER,
33077 ZEND_NULL_HANDLER,
33078 ZEND_NULL_HANDLER,
33079 ZEND_NULL_HANDLER,
33080 ZEND_NULL_HANDLER,
33081 ZEND_NULL_HANDLER,
33082 ZEND_NULL_HANDLER,
33083 ZEND_NULL_HANDLER,
33084 ZEND_NULL_HANDLER,
33085 ZEND_NULL_HANDLER,
33086 ZEND_NULL_HANDLER,
33087 ZEND_NULL_HANDLER,
33088 ZEND_NULL_HANDLER,
33089 ZEND_NULL_HANDLER,
33090 ZEND_NULL_HANDLER,
33091 ZEND_NULL_HANDLER,
33092 ZEND_NULL_HANDLER,
33093 ZEND_NULL_HANDLER,
33094 ZEND_NULL_HANDLER,
33095 ZEND_NULL_HANDLER,
33096 ZEND_NULL_HANDLER,
33097 ZEND_NULL_HANDLER,
33098 ZEND_NULL_HANDLER,
33099 ZEND_NULL_HANDLER,
33100 ZEND_NULL_HANDLER,
33101 ZEND_NULL_HANDLER,
33102 ZEND_NULL_HANDLER,
33103 ZEND_NULL_HANDLER,
33104 ZEND_NULL_HANDLER,
33105 ZEND_NULL_HANDLER,
33106 ZEND_NULL_HANDLER,
33107 ZEND_NULL_HANDLER,
33108 ZEND_NULL_HANDLER,
33109 ZEND_NULL_HANDLER,
33110 ZEND_NULL_HANDLER,
33111 ZEND_NULL_HANDLER,
33112 ZEND_NULL_HANDLER,
33113 ZEND_NULL_HANDLER,
33114 ZEND_NULL_HANDLER,
33115 ZEND_NULL_HANDLER,
33116 ZEND_NULL_HANDLER,
33117 ZEND_NULL_HANDLER,
33118 ZEND_NULL_HANDLER,
33119 ZEND_NULL_HANDLER,
33120 ZEND_NULL_HANDLER,
33121 ZEND_NULL_HANDLER,
33122 ZEND_NULL_HANDLER,
33123 ZEND_NULL_HANDLER,
33124 ZEND_NULL_HANDLER,
33125 ZEND_NULL_HANDLER,
33126 ZEND_NULL_HANDLER,
33127 ZEND_NULL_HANDLER,
33128 ZEND_NULL_HANDLER,
33129 ZEND_NULL_HANDLER,
33130 ZEND_NULL_HANDLER,
33131 ZEND_NULL_HANDLER,
33132 ZEND_NULL_HANDLER,
33133 ZEND_NULL_HANDLER,
33134 ZEND_NULL_HANDLER,
33135 ZEND_NULL_HANDLER,
33136 ZEND_NULL_HANDLER,
33137 ZEND_NULL_HANDLER,
33138 ZEND_NULL_HANDLER,
33139 ZEND_NULL_HANDLER,
33140 ZEND_NULL_HANDLER,
33141 ZEND_NULL_HANDLER,
33142 ZEND_NULL_HANDLER,
33143 ZEND_NULL_HANDLER,
33144 ZEND_NULL_HANDLER,
33145 ZEND_NULL_HANDLER,
33146 ZEND_NULL_HANDLER,
33147 ZEND_NULL_HANDLER,
33148 ZEND_NULL_HANDLER,
33149 ZEND_NULL_HANDLER,
33150 ZEND_NULL_HANDLER,
33151 ZEND_NULL_HANDLER,
33152 ZEND_NULL_HANDLER,
33153 ZEND_NULL_HANDLER,
33154 ZEND_NULL_HANDLER,
33155 ZEND_NULL_HANDLER,
33156 ZEND_NULL_HANDLER,
33157 ZEND_NULL_HANDLER,
33158 ZEND_NULL_HANDLER,
33159 ZEND_NULL_HANDLER,
33160 ZEND_NULL_HANDLER,
33161 ZEND_NULL_HANDLER,
33162 ZEND_NULL_HANDLER,
33163 ZEND_NULL_HANDLER,
33164 ZEND_NULL_HANDLER,
33165 ZEND_NULL_HANDLER,
33166 ZEND_NULL_HANDLER,
33167 ZEND_NULL_HANDLER,
33168 ZEND_NULL_HANDLER,
33169 ZEND_NULL_HANDLER,
33170 ZEND_NULL_HANDLER,
33171 ZEND_NULL_HANDLER,
33172 ZEND_NULL_HANDLER,
33173 ZEND_NULL_HANDLER,
33174 ZEND_NULL_HANDLER,
33175 ZEND_NULL_HANDLER,
33176 ZEND_NULL_HANDLER,
33177 ZEND_NULL_HANDLER,
33178 ZEND_NULL_HANDLER,
33179 ZEND_NULL_HANDLER,
33180 ZEND_NULL_HANDLER,
33181 ZEND_NULL_HANDLER,
33182 ZEND_NULL_HANDLER,
33183 ZEND_NULL_HANDLER,
33184 ZEND_NULL_HANDLER,
33185 ZEND_NULL_HANDLER,
33186 ZEND_NULL_HANDLER,
33187 ZEND_NULL_HANDLER,
33188 ZEND_NULL_HANDLER,
33189 ZEND_NULL_HANDLER,
33190 ZEND_NULL_HANDLER,
33191 ZEND_NULL_HANDLER,
33192 ZEND_NULL_HANDLER,
33193 ZEND_NULL_HANDLER,
33194 ZEND_NULL_HANDLER,
33195 ZEND_NULL_HANDLER,
33196 ZEND_NULL_HANDLER,
33197 ZEND_NULL_HANDLER,
33198 ZEND_NULL_HANDLER,
33199 ZEND_NULL_HANDLER,
33200 ZEND_NULL_HANDLER,
33201 ZEND_NULL_HANDLER,
33202 ZEND_NULL_HANDLER,
33203 ZEND_NULL_HANDLER,
33204 ZEND_NULL_HANDLER,
33205 ZEND_NULL_HANDLER,
33206 ZEND_NULL_HANDLER,
33207 ZEND_NULL_HANDLER,
33208 ZEND_NULL_HANDLER,
33209 ZEND_NULL_HANDLER,
33210 ZEND_NULL_HANDLER,
33211 ZEND_NULL_HANDLER,
33212 ZEND_NULL_HANDLER,
33213 ZEND_NULL_HANDLER,
33214 ZEND_NULL_HANDLER,
33215 ZEND_NULL_HANDLER,
33216 ZEND_NULL_HANDLER,
33217 ZEND_NULL_HANDLER,
33218 ZEND_NULL_HANDLER,
33219 ZEND_NULL_HANDLER,
33220 ZEND_NULL_HANDLER,
33221 ZEND_NULL_HANDLER,
33222 ZEND_NULL_HANDLER,
33223 ZEND_NULL_HANDLER,
33224 ZEND_NULL_HANDLER,
33225 ZEND_NULL_HANDLER,
33226 ZEND_NULL_HANDLER,
33227 ZEND_NULL_HANDLER,
33228 ZEND_NULL_HANDLER,
33229 ZEND_NULL_HANDLER,
33230 ZEND_NULL_HANDLER,
33231 ZEND_NULL_HANDLER,
33232 ZEND_NULL_HANDLER,
33233 ZEND_NULL_HANDLER,
33234 ZEND_NULL_HANDLER,
33235 ZEND_NULL_HANDLER,
33236 ZEND_NULL_HANDLER,
33237 ZEND_NULL_HANDLER,
33238 ZEND_NULL_HANDLER,
33239 ZEND_NULL_HANDLER,
33240 ZEND_NULL_HANDLER,
33241 ZEND_NULL_HANDLER,
33242 ZEND_NULL_HANDLER,
33243 ZEND_NULL_HANDLER,
33244 ZEND_NULL_HANDLER,
33245 ZEND_NULL_HANDLER,
33246 ZEND_NULL_HANDLER,
33247 ZEND_NULL_HANDLER,
33248 ZEND_NULL_HANDLER,
33249 ZEND_NULL_HANDLER,
33250 ZEND_NULL_HANDLER,
33251 ZEND_NULL_HANDLER,
33252 ZEND_NULL_HANDLER,
33253 ZEND_NULL_HANDLER,
33254 ZEND_NULL_HANDLER,
33255 ZEND_NULL_HANDLER,
33256 ZEND_NULL_HANDLER,
33257 ZEND_NULL_HANDLER,
33258 ZEND_NULL_HANDLER,
33259 ZEND_NULL_HANDLER,
33260 ZEND_NULL_HANDLER,
33261 ZEND_NULL_HANDLER,
33262 ZEND_NULL_HANDLER,
33263 ZEND_NULL_HANDLER,
33264 ZEND_NULL_HANDLER,
33265 ZEND_NULL_HANDLER,
33266 ZEND_NULL_HANDLER,
33267 ZEND_NULL_HANDLER,
33268 ZEND_NULL_HANDLER,
33269 ZEND_NULL_HANDLER,
33270 ZEND_NULL_HANDLER,
33271 ZEND_NULL_HANDLER,
33272 ZEND_NULL_HANDLER,
33273 ZEND_NULL_HANDLER,
33274 ZEND_NULL_HANDLER,
33275 ZEND_NULL_HANDLER,
33276 ZEND_NULL_HANDLER,
33277 ZEND_NULL_HANDLER,
33278 ZEND_NULL_HANDLER,
33279 ZEND_NULL_HANDLER,
33280 ZEND_NULL_HANDLER,
33281 ZEND_NULL_HANDLER,
33282 ZEND_NULL_HANDLER,
33283 ZEND_NULL_HANDLER,
33284 ZEND_NULL_HANDLER,
33285 ZEND_NULL_HANDLER,
33286 ZEND_NULL_HANDLER,
33287 ZEND_NULL_HANDLER,
33288 ZEND_NULL_HANDLER,
33289 ZEND_NULL_HANDLER,
33290 ZEND_NULL_HANDLER,
33291 ZEND_NULL_HANDLER,
33292 ZEND_NULL_HANDLER,
33293 ZEND_NULL_HANDLER,
33294 ZEND_NULL_HANDLER,
33295 ZEND_NULL_HANDLER,
33296 ZEND_NULL_HANDLER,
33297 ZEND_NULL_HANDLER,
33298 ZEND_NULL_HANDLER,
33299 ZEND_NULL_HANDLER,
33300 ZEND_NULL_HANDLER,
33301 ZEND_NULL_HANDLER,
33302 ZEND_NULL_HANDLER,
33303 ZEND_NULL_HANDLER,
33304 ZEND_NULL_HANDLER,
33305 ZEND_NULL_HANDLER,
33306 ZEND_NULL_HANDLER,
33307 ZEND_NULL_HANDLER,
33308 ZEND_NULL_HANDLER,
33309 ZEND_NULL_HANDLER,
33310 ZEND_NULL_HANDLER,
33311 ZEND_NULL_HANDLER,
33312 ZEND_NULL_HANDLER,
33313 ZEND_NULL_HANDLER,
33314 ZEND_NULL_HANDLER,
33315 ZEND_NULL_HANDLER,
33316 ZEND_NULL_HANDLER,
33317 ZEND_NULL_HANDLER,
33318 ZEND_NULL_HANDLER,
33319 ZEND_NULL_HANDLER,
33320 ZEND_NULL_HANDLER,
33321 ZEND_NULL_HANDLER,
33322 ZEND_NULL_HANDLER,
33323 ZEND_NULL_HANDLER,
33324 ZEND_NULL_HANDLER,
33325 ZEND_NULL_HANDLER,
33326 ZEND_NULL_HANDLER,
33327 ZEND_NULL_HANDLER,
33328 ZEND_NULL_HANDLER,
33329 ZEND_NULL_HANDLER,
33330 ZEND_NULL_HANDLER,
33331 ZEND_NULL_HANDLER,
33332 ZEND_NULL_HANDLER,
33333 ZEND_NULL_HANDLER,
33334 ZEND_NULL_HANDLER,
33335 ZEND_NULL_HANDLER,
33336 ZEND_NULL_HANDLER,
33337 ZEND_NULL_HANDLER,
33338 ZEND_NULL_HANDLER,
33339 ZEND_NULL_HANDLER,
33340 ZEND_NULL_HANDLER,
33341 ZEND_NULL_HANDLER,
33342 ZEND_NULL_HANDLER,
33343 ZEND_NULL_HANDLER,
33344 ZEND_NULL_HANDLER,
33345 ZEND_NULL_HANDLER,
33346 ZEND_NULL_HANDLER,
33347 ZEND_NULL_HANDLER,
33348 ZEND_NULL_HANDLER,
33349 ZEND_NULL_HANDLER,
33350 ZEND_NULL_HANDLER,
33351 ZEND_NULL_HANDLER,
33352 ZEND_NULL_HANDLER,
33353 ZEND_NULL_HANDLER,
33354 ZEND_NULL_HANDLER,
33355 ZEND_NULL_HANDLER,
33356 ZEND_NULL_HANDLER,
33357 ZEND_NULL_HANDLER,
33358 ZEND_NULL_HANDLER,
33359 ZEND_NULL_HANDLER,
33360 ZEND_NULL_HANDLER,
33361 ZEND_NULL_HANDLER,
33362 ZEND_NULL_HANDLER,
33363 ZEND_NULL_HANDLER,
33364 ZEND_NULL_HANDLER,
33365 ZEND_NULL_HANDLER,
33366 ZEND_NULL_HANDLER,
33367 ZEND_NULL_HANDLER,
33368 ZEND_NULL_HANDLER,
33369 ZEND_NULL_HANDLER,
33370 ZEND_NULL_HANDLER,
33371 ZEND_NULL_HANDLER,
33372 ZEND_NULL_HANDLER,
33373 ZEND_NULL_HANDLER,
33374 ZEND_NULL_HANDLER,
33375 ZEND_NULL_HANDLER,
33376 ZEND_NULL_HANDLER,
33377 ZEND_NULL_HANDLER,
33378 ZEND_NULL_HANDLER,
33379 ZEND_NULL_HANDLER,
33380 ZEND_NULL_HANDLER,
33381 ZEND_NULL_HANDLER,
33382 ZEND_NULL_HANDLER,
33383 ZEND_NULL_HANDLER,
33384 ZEND_NULL_HANDLER,
33385 ZEND_NULL_HANDLER,
33386 ZEND_NULL_HANDLER,
33387 ZEND_NULL_HANDLER,
33388 ZEND_NULL_HANDLER,
33389 ZEND_NULL_HANDLER,
33390 ZEND_NULL_HANDLER,
33391 ZEND_NULL_HANDLER,
33392 ZEND_NULL_HANDLER,
33393 ZEND_NULL_HANDLER,
33394 ZEND_NULL_HANDLER,
33395 ZEND_NULL_HANDLER,
33396 ZEND_NULL_HANDLER,
33397 ZEND_NULL_HANDLER,
33398 ZEND_NULL_HANDLER,
33399 ZEND_NULL_HANDLER,
33400 ZEND_NULL_HANDLER,
33401 ZEND_NULL_HANDLER,
33402 ZEND_NULL_HANDLER,
33403 ZEND_NULL_HANDLER,
33404 ZEND_NULL_HANDLER,
33405 ZEND_NULL_HANDLER,
33406 ZEND_NULL_HANDLER,
33407 ZEND_NULL_HANDLER,
33408 ZEND_NULL_HANDLER,
33409 ZEND_NULL_HANDLER,
33410 ZEND_NULL_HANDLER,
33411 ZEND_NULL_HANDLER,
33412 ZEND_NULL_HANDLER,
33413 ZEND_NULL_HANDLER,
33414 ZEND_NULL_HANDLER,
33415 ZEND_NULL_HANDLER,
33416 ZEND_NULL_HANDLER,
33417 ZEND_NULL_HANDLER,
33418 ZEND_NULL_HANDLER,
33419 ZEND_NULL_HANDLER,
33420 ZEND_NULL_HANDLER,
33421 ZEND_NULL_HANDLER,
33422 ZEND_NULL_HANDLER,
33423 ZEND_NULL_HANDLER,
33424 ZEND_NULL_HANDLER,
33425 ZEND_NULL_HANDLER,
33426 ZEND_NULL_HANDLER,
33427 ZEND_NULL_HANDLER,
33428 ZEND_NULL_HANDLER,
33429 ZEND_NULL_HANDLER,
33430 ZEND_NULL_HANDLER,
33431 ZEND_NULL_HANDLER,
33432 ZEND_NULL_HANDLER,
33433 ZEND_NULL_HANDLER,
33434 ZEND_NULL_HANDLER,
33435 ZEND_NULL_HANDLER,
33436 ZEND_NULL_HANDLER,
33437 ZEND_NULL_HANDLER,
33438 ZEND_NULL_HANDLER,
33439 ZEND_NULL_HANDLER,
33440 ZEND_NULL_HANDLER,
33441 ZEND_NULL_HANDLER,
33442 ZEND_NULL_HANDLER,
33443 ZEND_NULL_HANDLER,
33444 ZEND_NULL_HANDLER,
33445 ZEND_NULL_HANDLER,
33446 ZEND_NULL_HANDLER,
33447 ZEND_NULL_HANDLER,
33448 ZEND_NULL_HANDLER,
33449 ZEND_NULL_HANDLER,
33450 ZEND_NULL_HANDLER,
33451 ZEND_NULL_HANDLER,
33452 ZEND_NULL_HANDLER,
33453 ZEND_NULL_HANDLER,
33454 ZEND_NULL_HANDLER,
33455 ZEND_NULL_HANDLER,
33456 ZEND_NULL_HANDLER,
33457 ZEND_NULL_HANDLER,
33458 ZEND_PRE_INC_OBJ_SPEC_VAR_CONST_HANDLER,
33459 ZEND_PRE_INC_OBJ_SPEC_VAR_TMP_HANDLER,
33460 ZEND_PRE_INC_OBJ_SPEC_VAR_VAR_HANDLER,
33461 ZEND_NULL_HANDLER,
33462 ZEND_PRE_INC_OBJ_SPEC_VAR_CV_HANDLER,
33463 ZEND_PRE_INC_OBJ_SPEC_UNUSED_CONST_HANDLER,
33464 ZEND_PRE_INC_OBJ_SPEC_UNUSED_TMP_HANDLER,
33465 ZEND_PRE_INC_OBJ_SPEC_UNUSED_VAR_HANDLER,
33466 ZEND_NULL_HANDLER,
33467 ZEND_PRE_INC_OBJ_SPEC_UNUSED_CV_HANDLER,
33468 ZEND_PRE_INC_OBJ_SPEC_CV_CONST_HANDLER,
33469 ZEND_PRE_INC_OBJ_SPEC_CV_TMP_HANDLER,
33470 ZEND_PRE_INC_OBJ_SPEC_CV_VAR_HANDLER,
33471 ZEND_NULL_HANDLER,
33472 ZEND_PRE_INC_OBJ_SPEC_CV_CV_HANDLER,
33473 ZEND_NULL_HANDLER,
33474 ZEND_NULL_HANDLER,
33475 ZEND_NULL_HANDLER,
33476 ZEND_NULL_HANDLER,
33477 ZEND_NULL_HANDLER,
33478 ZEND_NULL_HANDLER,
33479 ZEND_NULL_HANDLER,
33480 ZEND_NULL_HANDLER,
33481 ZEND_NULL_HANDLER,
33482 ZEND_NULL_HANDLER,
33483 ZEND_PRE_DEC_OBJ_SPEC_VAR_CONST_HANDLER,
33484 ZEND_PRE_DEC_OBJ_SPEC_VAR_TMP_HANDLER,
33485 ZEND_PRE_DEC_OBJ_SPEC_VAR_VAR_HANDLER,
33486 ZEND_NULL_HANDLER,
33487 ZEND_PRE_DEC_OBJ_SPEC_VAR_CV_HANDLER,
33488 ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER,
33489 ZEND_PRE_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER,
33490 ZEND_PRE_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER,
33491 ZEND_NULL_HANDLER,
33492 ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CV_HANDLER,
33493 ZEND_PRE_DEC_OBJ_SPEC_CV_CONST_HANDLER,
33494 ZEND_PRE_DEC_OBJ_SPEC_CV_TMP_HANDLER,
33495 ZEND_PRE_DEC_OBJ_SPEC_CV_VAR_HANDLER,
33496 ZEND_NULL_HANDLER,
33497 ZEND_PRE_DEC_OBJ_SPEC_CV_CV_HANDLER,
33498 ZEND_NULL_HANDLER,
33499 ZEND_NULL_HANDLER,
33500 ZEND_NULL_HANDLER,
33501 ZEND_NULL_HANDLER,
33502 ZEND_NULL_HANDLER,
33503 ZEND_NULL_HANDLER,
33504 ZEND_NULL_HANDLER,
33505 ZEND_NULL_HANDLER,
33506 ZEND_NULL_HANDLER,
33507 ZEND_NULL_HANDLER,
33508 ZEND_POST_INC_OBJ_SPEC_VAR_CONST_HANDLER,
33509 ZEND_POST_INC_OBJ_SPEC_VAR_TMP_HANDLER,
33510 ZEND_POST_INC_OBJ_SPEC_VAR_VAR_HANDLER,
33511 ZEND_NULL_HANDLER,
33512 ZEND_POST_INC_OBJ_SPEC_VAR_CV_HANDLER,
33513 ZEND_POST_INC_OBJ_SPEC_UNUSED_CONST_HANDLER,
33514 ZEND_POST_INC_OBJ_SPEC_UNUSED_TMP_HANDLER,
33515 ZEND_POST_INC_OBJ_SPEC_UNUSED_VAR_HANDLER,
33516 ZEND_NULL_HANDLER,
33517 ZEND_POST_INC_OBJ_SPEC_UNUSED_CV_HANDLER,
33518 ZEND_POST_INC_OBJ_SPEC_CV_CONST_HANDLER,
33519 ZEND_POST_INC_OBJ_SPEC_CV_TMP_HANDLER,
33520 ZEND_POST_INC_OBJ_SPEC_CV_VAR_HANDLER,
33521 ZEND_NULL_HANDLER,
33522 ZEND_POST_INC_OBJ_SPEC_CV_CV_HANDLER,
33523 ZEND_NULL_HANDLER,
33524 ZEND_NULL_HANDLER,
33525 ZEND_NULL_HANDLER,
33526 ZEND_NULL_HANDLER,
33527 ZEND_NULL_HANDLER,
33528 ZEND_NULL_HANDLER,
33529 ZEND_NULL_HANDLER,
33530 ZEND_NULL_HANDLER,
33531 ZEND_NULL_HANDLER,
33532 ZEND_NULL_HANDLER,
33533 ZEND_POST_DEC_OBJ_SPEC_VAR_CONST_HANDLER,
33534 ZEND_POST_DEC_OBJ_SPEC_VAR_TMP_HANDLER,
33535 ZEND_POST_DEC_OBJ_SPEC_VAR_VAR_HANDLER,
33536 ZEND_NULL_HANDLER,
33537 ZEND_POST_DEC_OBJ_SPEC_VAR_CV_HANDLER,
33538 ZEND_POST_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER,
33539 ZEND_POST_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER,
33540 ZEND_POST_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER,
33541 ZEND_NULL_HANDLER,
33542 ZEND_POST_DEC_OBJ_SPEC_UNUSED_CV_HANDLER,
33543 ZEND_POST_DEC_OBJ_SPEC_CV_CONST_HANDLER,
33544 ZEND_POST_DEC_OBJ_SPEC_CV_TMP_HANDLER,
33545 ZEND_POST_DEC_OBJ_SPEC_CV_VAR_HANDLER,
33546 ZEND_NULL_HANDLER,
33547 ZEND_POST_DEC_OBJ_SPEC_CV_CV_HANDLER,
33548 ZEND_NULL_HANDLER,
33549 ZEND_NULL_HANDLER,
33550 ZEND_NULL_HANDLER,
33551 ZEND_NULL_HANDLER,
33552 ZEND_NULL_HANDLER,
33553 ZEND_NULL_HANDLER,
33554 ZEND_NULL_HANDLER,
33555 ZEND_NULL_HANDLER,
33556 ZEND_NULL_HANDLER,
33557 ZEND_NULL_HANDLER,
33558 ZEND_ASSIGN_OBJ_SPEC_VAR_CONST_HANDLER,
33559 ZEND_ASSIGN_OBJ_SPEC_VAR_TMP_HANDLER,
33560 ZEND_ASSIGN_OBJ_SPEC_VAR_VAR_HANDLER,
33561 ZEND_NULL_HANDLER,
33562 ZEND_ASSIGN_OBJ_SPEC_VAR_CV_HANDLER,
33563 ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER,
33564 ZEND_ASSIGN_OBJ_SPEC_UNUSED_TMP_HANDLER,
33565 ZEND_ASSIGN_OBJ_SPEC_UNUSED_VAR_HANDLER,
33566 ZEND_NULL_HANDLER,
33567 ZEND_ASSIGN_OBJ_SPEC_UNUSED_CV_HANDLER,
33568 ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER,
33569 ZEND_ASSIGN_OBJ_SPEC_CV_TMP_HANDLER,
33570 ZEND_ASSIGN_OBJ_SPEC_CV_VAR_HANDLER,
33571 ZEND_NULL_HANDLER,
33572 ZEND_ASSIGN_OBJ_SPEC_CV_CV_HANDLER,
33573 ZEND_NULL_HANDLER,
33574 ZEND_NULL_HANDLER,
33575 ZEND_NULL_HANDLER,
33576 ZEND_NULL_HANDLER,
33577 ZEND_NULL_HANDLER,
33578 ZEND_NULL_HANDLER,
33579 ZEND_NULL_HANDLER,
33580 ZEND_NULL_HANDLER,
33581 ZEND_NULL_HANDLER,
33582 ZEND_NULL_HANDLER,
33583 ZEND_NULL_HANDLER,
33584 ZEND_NULL_HANDLER,
33585 ZEND_NULL_HANDLER,
33586 ZEND_NULL_HANDLER,
33587 ZEND_NULL_HANDLER,
33588 ZEND_NULL_HANDLER,
33589 ZEND_NULL_HANDLER,
33590 ZEND_NULL_HANDLER,
33591 ZEND_NULL_HANDLER,
33592 ZEND_NULL_HANDLER,
33593 ZEND_NULL_HANDLER,
33594 ZEND_NULL_HANDLER,
33595 ZEND_NULL_HANDLER,
33596 ZEND_NULL_HANDLER,
33597 ZEND_NULL_HANDLER,
33598 ZEND_NULL_HANDLER,
33599 ZEND_NULL_HANDLER,
33600 ZEND_NULL_HANDLER,
33601 ZEND_NULL_HANDLER,
33602 ZEND_NULL_HANDLER,
33603 ZEND_INSTANCEOF_SPEC_TMP_HANDLER,
33604 ZEND_INSTANCEOF_SPEC_TMP_HANDLER,
33605 ZEND_INSTANCEOF_SPEC_TMP_HANDLER,
33606 ZEND_INSTANCEOF_SPEC_TMP_HANDLER,
33607 ZEND_INSTANCEOF_SPEC_TMP_HANDLER,
33608 ZEND_INSTANCEOF_SPEC_VAR_HANDLER,
33609 ZEND_INSTANCEOF_SPEC_VAR_HANDLER,
33610 ZEND_INSTANCEOF_SPEC_VAR_HANDLER,
33611 ZEND_INSTANCEOF_SPEC_VAR_HANDLER,
33612 ZEND_INSTANCEOF_SPEC_VAR_HANDLER,
33613 ZEND_NULL_HANDLER,
33614 ZEND_NULL_HANDLER,
33615 ZEND_NULL_HANDLER,
33616 ZEND_NULL_HANDLER,
33617 ZEND_NULL_HANDLER,
33618 ZEND_INSTANCEOF_SPEC_CV_HANDLER,
33619 ZEND_INSTANCEOF_SPEC_CV_HANDLER,
33620 ZEND_INSTANCEOF_SPEC_CV_HANDLER,
33621 ZEND_INSTANCEOF_SPEC_CV_HANDLER,
33622 ZEND_INSTANCEOF_SPEC_CV_HANDLER,
33623 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33624 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33625 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33626 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33627 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33628 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33629 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33630 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33631 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33632 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33633 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33634 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33635 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33636 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33637 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33638 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33639 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33640 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33641 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33642 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33643 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33644 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33645 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33646 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33647 ZEND_DECLARE_CLASS_SPEC_HANDLER,
33648 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33649 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33650 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33651 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33652 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33653 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33654 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33655 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33656 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33657 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33658 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33659 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33660 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33661 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33662 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33663 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33664 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33665 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33666 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33667 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33668 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33669 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33670 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33671 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33672 ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER,
33673 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33674 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33675 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33676 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33677 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33678 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33679 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33680 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33681 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33682 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33683 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33684 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33685 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33686 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33687 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33688 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33689 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33690 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33691 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33692 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33693 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33694 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33695 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33696 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33697 ZEND_DECLARE_FUNCTION_SPEC_HANDLER,
33698 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33699 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33700 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33701 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33702 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33703 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33704 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33705 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33706 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33707 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33708 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33709 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33710 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33711 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33712 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33713 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33714 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33715 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33716 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33717 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33718 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33719 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33720 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33721 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33722 ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER,
33723 ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER,
33724 ZEND_NULL_HANDLER,
33725 ZEND_NULL_HANDLER,
33726 ZEND_NULL_HANDLER,
33727 ZEND_NULL_HANDLER,
33728 ZEND_NULL_HANDLER,
33729 ZEND_NULL_HANDLER,
33730 ZEND_NULL_HANDLER,
33731 ZEND_NULL_HANDLER,
33732 ZEND_NULL_HANDLER,
33733 ZEND_NULL_HANDLER,
33734 ZEND_NULL_HANDLER,
33735 ZEND_NULL_HANDLER,
33736 ZEND_NULL_HANDLER,
33737 ZEND_NULL_HANDLER,
33738 ZEND_NULL_HANDLER,
33739 ZEND_NULL_HANDLER,
33740 ZEND_NULL_HANDLER,
33741 ZEND_NULL_HANDLER,
33742 ZEND_NULL_HANDLER,
33743 ZEND_NULL_HANDLER,
33744 ZEND_NULL_HANDLER,
33745 ZEND_NULL_HANDLER,
33746 ZEND_NULL_HANDLER,
33747 ZEND_NULL_HANDLER,
33748 ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER,
33749 ZEND_NULL_HANDLER,
33750 ZEND_NULL_HANDLER,
33751 ZEND_NULL_HANDLER,
33752 ZEND_NULL_HANDLER,
33753 ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER,
33754 ZEND_NULL_HANDLER,
33755 ZEND_NULL_HANDLER,
33756 ZEND_NULL_HANDLER,
33757 ZEND_NULL_HANDLER,
33758 ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER,
33759 ZEND_NULL_HANDLER,
33760 ZEND_NULL_HANDLER,
33761 ZEND_NULL_HANDLER,
33762 ZEND_NULL_HANDLER,
33763 ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER,
33764 ZEND_NULL_HANDLER,
33765 ZEND_NULL_HANDLER,
33766 ZEND_NULL_HANDLER,
33767 ZEND_NULL_HANDLER,
33768 ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER,
33769 ZEND_NULL_HANDLER,
33770 ZEND_NULL_HANDLER,
33771 ZEND_NULL_HANDLER,
33772 ZEND_NULL_HANDLER,
33773 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33774 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33775 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33776 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33777 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33778 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33779 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33780 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33781 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33782 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33783 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33784 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33785 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33786 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33787 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33788 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33789 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33790 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33791 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33792 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33793 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33794 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33795 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33796 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33797 ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER,
33798 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33799 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33800 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33801 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33802 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33803 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33804 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33805 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33806 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33807 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33808 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33809 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33810 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33811 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33812 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33813 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33814 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33815 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33816 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33817 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33818 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33819 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33820 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33821 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33822 ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER,
33823 ZEND_NULL_HANDLER,
33824 ZEND_NULL_HANDLER,
33825 ZEND_NULL_HANDLER,
33826 ZEND_NULL_HANDLER,
33827 ZEND_NULL_HANDLER,
33828 ZEND_NULL_HANDLER,
33829 ZEND_NULL_HANDLER,
33830 ZEND_NULL_HANDLER,
33831 ZEND_NULL_HANDLER,
33832 ZEND_NULL_HANDLER,
33833 ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER,
33834 ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER,
33835 ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER,
33836 ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER,
33837 ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER,
33838 ZEND_NULL_HANDLER,
33839 ZEND_NULL_HANDLER,
33840 ZEND_NULL_HANDLER,
33841 ZEND_NULL_HANDLER,
33842 ZEND_NULL_HANDLER,
33843 ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER,
33844 ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER,
33845 ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER,
33846 ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER,
33847 ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER,
33848 ZEND_NULL_HANDLER,
33849 ZEND_NULL_HANDLER,
33850 ZEND_NULL_HANDLER,
33851 ZEND_NULL_HANDLER,
33852 ZEND_NULL_HANDLER,
33853 ZEND_NULL_HANDLER,
33854 ZEND_NULL_HANDLER,
33855 ZEND_NULL_HANDLER,
33856 ZEND_NULL_HANDLER,
33857 ZEND_NULL_HANDLER,
33858 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CONST_HANDLER,
33859 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_TMP_HANDLER,
33860 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_VAR_HANDLER,
33861 ZEND_NULL_HANDLER,
33862 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CV_HANDLER,
33863 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CONST_HANDLER,
33864 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_TMP_HANDLER,
33865 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_VAR_HANDLER,
33866 ZEND_NULL_HANDLER,
33867 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CV_HANDLER,
33868 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CONST_HANDLER,
33869 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_TMP_HANDLER,
33870 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_VAR_HANDLER,
33871 ZEND_NULL_HANDLER,
33872 ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CV_HANDLER,
33873 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33874 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33875 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33876 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33877 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33878 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33879 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33880 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33881 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33882 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33883 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33884 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33885 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33886 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33887 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33888 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33889 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33890 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33891 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33892 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33893 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33894 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33895 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33896 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33897 ZEND_HANDLE_EXCEPTION_SPEC_HANDLER,
33898 ZEND_USER_OPCODE_SPEC_HANDLER,
33899 ZEND_USER_OPCODE_SPEC_HANDLER,
33900 ZEND_USER_OPCODE_SPEC_HANDLER,
33901 ZEND_USER_OPCODE_SPEC_HANDLER,
33902 ZEND_USER_OPCODE_SPEC_HANDLER,
33903 ZEND_USER_OPCODE_SPEC_HANDLER,
33904 ZEND_USER_OPCODE_SPEC_HANDLER,
33905 ZEND_USER_OPCODE_SPEC_HANDLER,
33906 ZEND_USER_OPCODE_SPEC_HANDLER,
33907 ZEND_USER_OPCODE_SPEC_HANDLER,
33908 ZEND_USER_OPCODE_SPEC_HANDLER,
33909 ZEND_USER_OPCODE_SPEC_HANDLER,
33910 ZEND_USER_OPCODE_SPEC_HANDLER,
33911 ZEND_USER_OPCODE_SPEC_HANDLER,
33912 ZEND_USER_OPCODE_SPEC_HANDLER,
33913 ZEND_USER_OPCODE_SPEC_HANDLER,
33914 ZEND_USER_OPCODE_SPEC_HANDLER,
33915 ZEND_USER_OPCODE_SPEC_HANDLER,
33916 ZEND_USER_OPCODE_SPEC_HANDLER,
33917 ZEND_USER_OPCODE_SPEC_HANDLER,
33918 ZEND_USER_OPCODE_SPEC_HANDLER,
33919 ZEND_USER_OPCODE_SPEC_HANDLER,
33920 ZEND_USER_OPCODE_SPEC_HANDLER,
33921 ZEND_USER_OPCODE_SPEC_HANDLER,
33922 ZEND_USER_OPCODE_SPEC_HANDLER,
33923 ZEND_NULL_HANDLER,
33924 ZEND_NULL_HANDLER,
33925 ZEND_NULL_HANDLER,
33926 ZEND_NULL_HANDLER,
33927 ZEND_NULL_HANDLER,
33928 ZEND_NULL_HANDLER,
33929 ZEND_NULL_HANDLER,
33930 ZEND_NULL_HANDLER,
33931 ZEND_NULL_HANDLER,
33932 ZEND_NULL_HANDLER,
33933 ZEND_NULL_HANDLER,
33934 ZEND_NULL_HANDLER,
33935 ZEND_NULL_HANDLER,
33936 ZEND_NULL_HANDLER,
33937 ZEND_NULL_HANDLER,
33938 ZEND_NULL_HANDLER,
33939 ZEND_NULL_HANDLER,
33940 ZEND_NULL_HANDLER,
33941 ZEND_NULL_HANDLER,
33942 ZEND_NULL_HANDLER,
33943 ZEND_NULL_HANDLER,
33944 ZEND_NULL_HANDLER,
33945 ZEND_NULL_HANDLER,
33946 ZEND_NULL_HANDLER,
33947 ZEND_NULL_HANDLER,
33948 ZEND_JMP_SET_SPEC_CONST_HANDLER,
33949 ZEND_JMP_SET_SPEC_CONST_HANDLER,
33950 ZEND_JMP_SET_SPEC_CONST_HANDLER,
33951 ZEND_JMP_SET_SPEC_CONST_HANDLER,
33952 ZEND_JMP_SET_SPEC_CONST_HANDLER,
33953 ZEND_JMP_SET_SPEC_TMP_HANDLER,
33954 ZEND_JMP_SET_SPEC_TMP_HANDLER,
33955 ZEND_JMP_SET_SPEC_TMP_HANDLER,
33956 ZEND_JMP_SET_SPEC_TMP_HANDLER,
33957 ZEND_JMP_SET_SPEC_TMP_HANDLER,
33958 ZEND_JMP_SET_SPEC_VAR_HANDLER,
33959 ZEND_JMP_SET_SPEC_VAR_HANDLER,
33960 ZEND_JMP_SET_SPEC_VAR_HANDLER,
33961 ZEND_JMP_SET_SPEC_VAR_HANDLER,
33962 ZEND_JMP_SET_SPEC_VAR_HANDLER,
33963 ZEND_NULL_HANDLER,
33964 ZEND_NULL_HANDLER,
33965 ZEND_NULL_HANDLER,
33966 ZEND_NULL_HANDLER,
33967 ZEND_NULL_HANDLER,
33968 ZEND_JMP_SET_SPEC_CV_HANDLER,
33969 ZEND_JMP_SET_SPEC_CV_HANDLER,
33970 ZEND_JMP_SET_SPEC_CV_HANDLER,
33971 ZEND_JMP_SET_SPEC_CV_HANDLER,
33972 ZEND_JMP_SET_SPEC_CV_HANDLER,
33973 ZEND_DECLARE_LAMBDA_FUNCTION_SPEC_CONST_CONST_HANDLER,
33974 ZEND_NULL_HANDLER,
33975 ZEND_NULL_HANDLER,
33976 ZEND_NULL_HANDLER,
33977 ZEND_NULL_HANDLER,
33978 ZEND_NULL_HANDLER,
33979 ZEND_NULL_HANDLER,
33980 ZEND_NULL_HANDLER,
33981 ZEND_NULL_HANDLER,
33982 ZEND_NULL_HANDLER,
33983 ZEND_NULL_HANDLER,
33984 ZEND_NULL_HANDLER,
33985 ZEND_NULL_HANDLER,
33986 ZEND_NULL_HANDLER,
33987 ZEND_NULL_HANDLER,
33988 ZEND_NULL_HANDLER,
33989 ZEND_NULL_HANDLER,
33990 ZEND_NULL_HANDLER,
33991 ZEND_NULL_HANDLER,
33992 ZEND_NULL_HANDLER,
33993 ZEND_NULL_HANDLER,
33994 ZEND_NULL_HANDLER,
33995 ZEND_NULL_HANDLER,
33996 ZEND_NULL_HANDLER,
33997 ZEND_NULL_HANDLER,
33998 ZEND_NULL_HANDLER
33999 };
34000 zend_opcode_handlers = (opcode_handler_t*)labels;
34001 }
zend_vm_get_opcode_handler(zend_uchar opcode,zend_op * op)34002 static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op)
34003 {
34004 static const int zend_vm_decode[] = {
34005 _UNUSED_CODE, /* 0 */
34006 _CONST_CODE, /* 1 = IS_CONST */
34007 _TMP_CODE, /* 2 = IS_TMP_VAR */
34008 _UNUSED_CODE, /* 3 */
34009 _VAR_CODE, /* 4 = IS_VAR */
34010 _UNUSED_CODE, /* 5 */
34011 _UNUSED_CODE, /* 6 */
34012 _UNUSED_CODE, /* 7 */
34013 _UNUSED_CODE, /* 8 = IS_UNUSED */
34014 _UNUSED_CODE, /* 9 */
34015 _UNUSED_CODE, /* 10 */
34016 _UNUSED_CODE, /* 11 */
34017 _UNUSED_CODE, /* 12 */
34018 _UNUSED_CODE, /* 13 */
34019 _UNUSED_CODE, /* 14 */
34020 _UNUSED_CODE, /* 15 */
34021 _CV_CODE /* 16 = IS_CV */
34022 };
34023 return zend_opcode_handlers[opcode * 25 + zend_vm_decode[op->op1.op_type] * 5 + zend_vm_decode[op->op2.op_type]];
34024 }
34025
zend_vm_set_opcode_handler(zend_op * op)34026 ZEND_API void zend_vm_set_opcode_handler(zend_op* op)
34027 {
34028 op->handler = zend_vm_get_opcode_handler(zend_user_opcodes[op->opcode], op);
34029 }
34030
zend_do_fcall(ZEND_OPCODE_HANDLER_ARGS)34031 ZEND_API int zend_do_fcall(ZEND_OPCODE_HANDLER_ARGS)
34032 {
34033 return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
34034 }
34035
34036
