1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Nikita Popov <nikic@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include <zend_language_parser.h>
22 #include "zend.h"
23 #include "zend_attributes.h"
24 #include "zend_compile.h"
25 #include "zend_constants.h"
26 #include "zend_llist.h"
27 #include "zend_API.h"
28 #include "zend_exceptions.h"
29 #include "zend_interfaces.h"
30 #include "zend_virtual_cwd.h"
31 #include "zend_multibyte.h"
32 #include "zend_language_scanner.h"
33 #include "zend_inheritance.h"
34 #include "zend_vm.h"
35 #include "zend_enum.h"
36 #include "zend_observer.h"
37 #include "zend_call_stack.h"
38 #include "zend_frameless_function.h"
39
40 #define SET_NODE(target, src) do { \
41 target ## _type = (src)->op_type; \
42 if ((src)->op_type == IS_CONST) { \
43 target.constant = zend_add_literal(&(src)->u.constant); \
44 } else { \
45 target = (src)->u.op; \
46 } \
47 } while (0)
48
49 #define GET_NODE(target, src) do { \
50 (target)->op_type = src ## _type; \
51 if ((target)->op_type == IS_CONST) { \
52 ZVAL_COPY_VALUE(&(target)->u.constant, CT_CONSTANT(src)); \
53 } else { \
54 (target)->u.op = src; \
55 } \
56 } while (0)
57
58 #define FC(member) (CG(file_context).member)
59
60 typedef struct _zend_loop_var {
61 uint8_t opcode;
62 uint8_t var_type;
63 uint32_t var_num;
64 uint32_t try_catch_offset;
65 } zend_loop_var;
66
zend_alloc_cache_slots(unsigned count)67 static inline uint32_t zend_alloc_cache_slots(unsigned count) {
68 if (count == 0) {
69 /* Even if no cache slots are desired, the VM handler may still want to acquire
70 * CACHE_ADDR() unconditionally. Returning zero makes sure that the address
71 * calculation is still legal and ubsan does not complain. */
72 return 0;
73 }
74
75 zend_op_array *op_array = CG(active_op_array);
76 uint32_t ret = op_array->cache_size;
77 op_array->cache_size += count * sizeof(void*);
78 return ret;
79 }
80
zend_alloc_cache_slot(void)81 static inline uint32_t zend_alloc_cache_slot(void) {
82 return zend_alloc_cache_slots(1);
83 }
84
85 ZEND_API zend_op_array *(*zend_compile_file)(zend_file_handle *file_handle, int type);
86 ZEND_API zend_op_array *(*zend_compile_string)(zend_string *source_string, const char *filename, zend_compile_position position);
87
88 #ifndef ZTS
89 ZEND_API zend_compiler_globals compiler_globals;
90 ZEND_API zend_executor_globals executor_globals;
91 #endif
92
93 static zend_op *zend_emit_op(znode *result, uint8_t opcode, znode *op1, znode *op2);
94 static bool zend_try_ct_eval_array(zval *result, zend_ast *ast);
95 static void zend_eval_const_expr(zend_ast **ast_ptr);
96
97 static zend_op *zend_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref);
98 static zend_op *zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref);
99 static void zend_compile_expr(znode *result, zend_ast *ast);
100 static void zend_compile_stmt(zend_ast *ast);
101 static void zend_compile_assign(znode *result, zend_ast *ast);
102
103 #ifdef ZEND_CHECK_STACK_LIMIT
zend_stack_limit_error(void)104 zend_never_inline static void zend_stack_limit_error(void)
105 {
106 zend_error_noreturn(E_COMPILE_ERROR,
107 "Maximum call stack size of %zu bytes (zend.max_allowed_stack_size - zend.reserved_stack_size) reached during compilation. Try splitting expression",
108 (size_t) ((uintptr_t) EG(stack_base) - (uintptr_t) EG(stack_limit)));
109 }
110
zend_check_stack_limit(void)111 static void zend_check_stack_limit(void)
112 {
113 if (UNEXPECTED(zend_call_stack_overflowed(EG(stack_limit)))) {
114 zend_stack_limit_error();
115 }
116 }
117 #else /* ZEND_CHECK_STACK_LIMIT */
zend_check_stack_limit(void)118 static void zend_check_stack_limit(void)
119 {
120 }
121 #endif /* ZEND_CHECK_STACK_LIMIT */
122
init_op(zend_op * op)123 static void init_op(zend_op *op)
124 {
125 MAKE_NOP(op);
126 op->extended_value = 0;
127 op->lineno = CG(zend_lineno);
128 #ifdef ZEND_VERIFY_TYPE_INFERENCE
129 op->op1_use_type = 0;
130 op->op2_use_type = 0;
131 op->result_use_type = 0;
132 op->op1_def_type = 0;
133 op->op2_def_type = 0;
134 op->result_def_type = 0;
135 #endif
136 }
137
get_next_op_number(void)138 static zend_always_inline uint32_t get_next_op_number(void)
139 {
140 return CG(active_op_array)->last;
141 }
142
get_next_op(void)143 static zend_op *get_next_op(void)
144 {
145 zend_op_array *op_array = CG(active_op_array);
146 uint32_t next_op_num = op_array->last++;
147 zend_op *next_op;
148
149 if (UNEXPECTED(next_op_num >= CG(context).opcodes_size)) {
150 CG(context).opcodes_size *= 4;
151 op_array->opcodes = erealloc(op_array->opcodes, CG(context).opcodes_size * sizeof(zend_op));
152 }
153
154 next_op = &(op_array->opcodes[next_op_num]);
155
156 init_op(next_op);
157
158 return next_op;
159 }
160
get_next_brk_cont_element(void)161 static zend_brk_cont_element *get_next_brk_cont_element(void)
162 {
163 CG(context).last_brk_cont++;
164 CG(context).brk_cont_array = erealloc(CG(context).brk_cont_array, sizeof(zend_brk_cont_element) * CG(context).last_brk_cont);
165 return &CG(context).brk_cont_array[CG(context).last_brk_cont-1];
166 }
167
zend_build_runtime_definition_key(zend_string * name,uint32_t start_lineno)168 static zend_string *zend_build_runtime_definition_key(zend_string *name, uint32_t start_lineno) /* {{{ */
169 {
170 zend_string *filename = CG(active_op_array)->filename;
171 zend_string *result = zend_strpprintf(0, "%c%s%s:%" PRIu32 "$%" PRIx32,
172 '\0', ZSTR_VAL(name), ZSTR_VAL(filename), start_lineno, CG(rtd_key_counter)++);
173 return zend_new_interned_string(result);
174 }
175 /* }}} */
176
zend_get_unqualified_name(const zend_string * name,const char ** result,size_t * result_len)177 static bool zend_get_unqualified_name(const zend_string *name, const char **result, size_t *result_len) /* {{{ */
178 {
179 const char *ns_separator = zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
180 if (ns_separator != NULL) {
181 *result = ns_separator + 1;
182 *result_len = ZSTR_VAL(name) + ZSTR_LEN(name) - *result;
183 return 1;
184 }
185
186 return 0;
187 }
188 /* }}} */
189
190 struct reserved_class_name {
191 const char *name;
192 size_t len;
193 };
194 static const struct reserved_class_name reserved_class_names[] = {
195 {ZEND_STRL("bool")},
196 {ZEND_STRL("false")},
197 {ZEND_STRL("float")},
198 {ZEND_STRL("int")},
199 {ZEND_STRL("null")},
200 {ZEND_STRL("parent")},
201 {ZEND_STRL("self")},
202 {ZEND_STRL("static")},
203 {ZEND_STRL("string")},
204 {ZEND_STRL("true")},
205 {ZEND_STRL("void")},
206 {ZEND_STRL("never")},
207 {ZEND_STRL("iterable")},
208 {ZEND_STRL("object")},
209 {ZEND_STRL("mixed")},
210 {NULL, 0}
211 };
212
zend_is_reserved_class_name(const zend_string * name)213 static bool zend_is_reserved_class_name(const zend_string *name) /* {{{ */
214 {
215 const struct reserved_class_name *reserved = reserved_class_names;
216
217 const char *uqname = ZSTR_VAL(name);
218 size_t uqname_len = ZSTR_LEN(name);
219 zend_get_unqualified_name(name, &uqname, &uqname_len);
220
221 for (; reserved->name; ++reserved) {
222 if (uqname_len == reserved->len
223 && zend_binary_strcasecmp(uqname, uqname_len, reserved->name, reserved->len) == 0
224 ) {
225 return 1;
226 }
227 }
228
229 return 0;
230 }
231 /* }}} */
232
zend_assert_valid_class_name(const zend_string * name)233 void zend_assert_valid_class_name(const zend_string *name) /* {{{ */
234 {
235 if (zend_is_reserved_class_name(name)) {
236 zend_error_noreturn(E_COMPILE_ERROR,
237 "Cannot use '%s' as class name as it is reserved", ZSTR_VAL(name));
238 }
239 }
240 /* }}} */
241
242 typedef struct _builtin_type_info {
243 const char* name;
244 const size_t name_len;
245 const uint8_t type;
246 } builtin_type_info;
247
248 static const builtin_type_info builtin_types[] = {
249 {ZEND_STRL("null"), IS_NULL},
250 {ZEND_STRL("true"), IS_TRUE},
251 {ZEND_STRL("false"), IS_FALSE},
252 {ZEND_STRL("int"), IS_LONG},
253 {ZEND_STRL("float"), IS_DOUBLE},
254 {ZEND_STRL("string"), IS_STRING},
255 {ZEND_STRL("bool"), _IS_BOOL},
256 {ZEND_STRL("void"), IS_VOID},
257 {ZEND_STRL("never"), IS_NEVER},
258 {ZEND_STRL("iterable"), IS_ITERABLE},
259 {ZEND_STRL("object"), IS_OBJECT},
260 {ZEND_STRL("mixed"), IS_MIXED},
261 {NULL, 0, IS_UNDEF}
262 };
263
264 typedef struct {
265 const char *name;
266 size_t name_len;
267 const char *correct_name;
268 } confusable_type_info;
269
270 static const confusable_type_info confusable_types[] = {
271 {ZEND_STRL("boolean"), "bool"},
272 {ZEND_STRL("integer"), "int"},
273 {ZEND_STRL("double"), "float"},
274 {ZEND_STRL("resource"), NULL},
275 {NULL, 0, NULL},
276 };
277
zend_lookup_builtin_type_by_name(const zend_string * name)278 static zend_always_inline uint8_t zend_lookup_builtin_type_by_name(const zend_string *name) /* {{{ */
279 {
280 const builtin_type_info *info = &builtin_types[0];
281
282 for (; info->name; ++info) {
283 if (ZSTR_LEN(name) == info->name_len
284 && zend_binary_strcasecmp(ZSTR_VAL(name), ZSTR_LEN(name), info->name, info->name_len) == 0
285 ) {
286 return info->type;
287 }
288 }
289
290 return 0;
291 }
292 /* }}} */
293
zend_is_confusable_type(const zend_string * name,const char ** correct_name)294 static zend_always_inline bool zend_is_confusable_type(const zend_string *name, const char **correct_name) /* {{{ */
295 {
296 const confusable_type_info *info = confusable_types;
297
298 /* Intentionally using case-sensitive comparison here, because "integer" is likely intended
299 * as a scalar type, while "Integer" is likely a class type. */
300 for (; info->name; ++info) {
301 if (zend_string_equals_cstr(name, info->name, info->name_len)) {
302 *correct_name = info->correct_name;
303 return 1;
304 }
305 }
306
307 return 0;
308 }
309 /* }}} */
310
zend_is_not_imported(zend_string * name)311 static bool zend_is_not_imported(zend_string *name) {
312 /* Assuming "name" is unqualified here. */
313 return !FC(imports) || zend_hash_find_ptr_lc(FC(imports), name) == NULL;
314 }
315
zend_oparray_context_begin(zend_oparray_context * prev_context)316 void zend_oparray_context_begin(zend_oparray_context *prev_context) /* {{{ */
317 {
318 *prev_context = CG(context);
319 CG(context).opcodes_size = INITIAL_OP_ARRAY_SIZE;
320 CG(context).vars_size = 0;
321 CG(context).literals_size = 0;
322 CG(context).fast_call_var = -1;
323 CG(context).try_catch_offset = -1;
324 CG(context).current_brk_cont = -1;
325 CG(context).last_brk_cont = 0;
326 CG(context).brk_cont_array = NULL;
327 CG(context).labels = NULL;
328 CG(context).in_jmp_frameless_branch = false;
329 }
330 /* }}} */
331
zend_oparray_context_end(zend_oparray_context * prev_context)332 void zend_oparray_context_end(zend_oparray_context *prev_context) /* {{{ */
333 {
334 if (CG(context).brk_cont_array) {
335 efree(CG(context).brk_cont_array);
336 CG(context).brk_cont_array = NULL;
337 }
338 if (CG(context).labels) {
339 zend_hash_destroy(CG(context).labels);
340 FREE_HASHTABLE(CG(context).labels);
341 CG(context).labels = NULL;
342 }
343 CG(context) = *prev_context;
344 }
345 /* }}} */
346
zend_reset_import_tables(void)347 static void zend_reset_import_tables(void) /* {{{ */
348 {
349 if (FC(imports)) {
350 zend_hash_destroy(FC(imports));
351 efree(FC(imports));
352 FC(imports) = NULL;
353 }
354
355 if (FC(imports_function)) {
356 zend_hash_destroy(FC(imports_function));
357 efree(FC(imports_function));
358 FC(imports_function) = NULL;
359 }
360
361 if (FC(imports_const)) {
362 zend_hash_destroy(FC(imports_const));
363 efree(FC(imports_const));
364 FC(imports_const) = NULL;
365 }
366 }
367 /* }}} */
368
zend_end_namespace(void)369 static void zend_end_namespace(void) /* {{{ */ {
370 FC(in_namespace) = 0;
371 zend_reset_import_tables();
372 if (FC(current_namespace)) {
373 zend_string_release_ex(FC(current_namespace), 0);
374 FC(current_namespace) = NULL;
375 }
376 }
377 /* }}} */
378
zend_file_context_begin(zend_file_context * prev_context)379 void zend_file_context_begin(zend_file_context *prev_context) /* {{{ */
380 {
381 *prev_context = CG(file_context);
382 FC(imports) = NULL;
383 FC(imports_function) = NULL;
384 FC(imports_const) = NULL;
385 FC(current_namespace) = NULL;
386 FC(in_namespace) = 0;
387 FC(has_bracketed_namespaces) = 0;
388 FC(declarables).ticks = 0;
389 zend_hash_init(&FC(seen_symbols), 8, NULL, NULL, 0);
390 }
391 /* }}} */
392
zend_file_context_end(zend_file_context * prev_context)393 void zend_file_context_end(zend_file_context *prev_context) /* {{{ */
394 {
395 zend_end_namespace();
396 zend_hash_destroy(&FC(seen_symbols));
397 CG(file_context) = *prev_context;
398 }
399 /* }}} */
400
zend_init_compiler_data_structures(void)401 void zend_init_compiler_data_structures(void) /* {{{ */
402 {
403 zend_stack_init(&CG(loop_var_stack), sizeof(zend_loop_var));
404 zend_stack_init(&CG(delayed_oplines_stack), sizeof(zend_op));
405 zend_stack_init(&CG(short_circuiting_opnums), sizeof(uint32_t));
406 CG(active_class_entry) = NULL;
407 CG(in_compilation) = 0;
408 CG(skip_shebang) = 0;
409
410 CG(encoding_declared) = 0;
411 CG(memoized_exprs) = NULL;
412 CG(memoize_mode) = ZEND_MEMOIZE_NONE;
413 }
414 /* }}} */
415
zend_register_seen_symbol(zend_string * name,uint32_t kind)416 static void zend_register_seen_symbol(zend_string *name, uint32_t kind) {
417 zval *zv = zend_hash_find(&FC(seen_symbols), name);
418 if (zv) {
419 Z_LVAL_P(zv) |= kind;
420 } else {
421 zval tmp;
422 ZVAL_LONG(&tmp, kind);
423 zend_hash_add_new(&FC(seen_symbols), name, &tmp);
424 }
425 }
426
zend_have_seen_symbol(zend_string * name,uint32_t kind)427 static bool zend_have_seen_symbol(zend_string *name, uint32_t kind) {
428 zval *zv = zend_hash_find(&FC(seen_symbols), name);
429 return zv && (Z_LVAL_P(zv) & kind) != 0;
430 }
431
init_compiler(void)432 void init_compiler(void) /* {{{ */
433 {
434 CG(arena) = zend_arena_create(64 * 1024);
435 CG(active_op_array) = NULL;
436 memset(&CG(context), 0, sizeof(CG(context)));
437 zend_init_compiler_data_structures();
438 zend_init_rsrc_list();
439 zend_stream_init();
440 CG(unclean_shutdown) = 0;
441
442 CG(delayed_variance_obligations) = NULL;
443 CG(delayed_autoloads) = NULL;
444 CG(unlinked_uses) = NULL;
445 CG(current_linking_class) = NULL;
446 }
447 /* }}} */
448
shutdown_compiler(void)449 void shutdown_compiler(void) /* {{{ */
450 {
451 /* Reset filename before destroying the arena, as file cache may use arena allocated strings. */
452 zend_restore_compiled_filename(NULL);
453
454 zend_stack_destroy(&CG(loop_var_stack));
455 zend_stack_destroy(&CG(delayed_oplines_stack));
456 zend_stack_destroy(&CG(short_circuiting_opnums));
457
458 if (CG(delayed_variance_obligations)) {
459 zend_hash_destroy(CG(delayed_variance_obligations));
460 FREE_HASHTABLE(CG(delayed_variance_obligations));
461 CG(delayed_variance_obligations) = NULL;
462 }
463 if (CG(delayed_autoloads)) {
464 zend_hash_destroy(CG(delayed_autoloads));
465 FREE_HASHTABLE(CG(delayed_autoloads));
466 CG(delayed_autoloads) = NULL;
467 }
468 if (CG(unlinked_uses)) {
469 zend_hash_destroy(CG(unlinked_uses));
470 FREE_HASHTABLE(CG(unlinked_uses));
471 CG(unlinked_uses) = NULL;
472 }
473 CG(current_linking_class) = NULL;
474 }
475 /* }}} */
476
zend_set_compiled_filename(zend_string * new_compiled_filename)477 ZEND_API zend_string *zend_set_compiled_filename(zend_string *new_compiled_filename) /* {{{ */
478 {
479 CG(compiled_filename) = zend_string_copy(new_compiled_filename);
480 return new_compiled_filename;
481 }
482 /* }}} */
483
zend_restore_compiled_filename(zend_string * original_compiled_filename)484 ZEND_API void zend_restore_compiled_filename(zend_string *original_compiled_filename) /* {{{ */
485 {
486 if (CG(compiled_filename)) {
487 zend_string_release(CG(compiled_filename));
488 CG(compiled_filename) = NULL;
489 }
490 CG(compiled_filename) = original_compiled_filename;
491 }
492 /* }}} */
493
zend_get_compiled_filename(void)494 ZEND_API zend_string *zend_get_compiled_filename(void) /* {{{ */
495 {
496 return CG(compiled_filename);
497 }
498 /* }}} */
499
zend_get_compiled_lineno(void)500 ZEND_API int zend_get_compiled_lineno(void) /* {{{ */
501 {
502 return CG(zend_lineno);
503 }
504 /* }}} */
505
zend_is_compiling(void)506 ZEND_API bool zend_is_compiling(void) /* {{{ */
507 {
508 return CG(in_compilation);
509 }
510 /* }}} */
511
get_temporary_variable(void)512 static zend_always_inline uint32_t get_temporary_variable(void) /* {{{ */
513 {
514 return (uint32_t)CG(active_op_array)->T++;
515 }
516 /* }}} */
517
lookup_cv(zend_string * name)518 static int lookup_cv(zend_string *name) /* {{{ */{
519 zend_op_array *op_array = CG(active_op_array);
520 int i = 0;
521 zend_ulong hash_value = zend_string_hash_val(name);
522
523 while (i < op_array->last_var) {
524 if (ZSTR_H(op_array->vars[i]) == hash_value
525 && zend_string_equals(op_array->vars[i], name)) {
526 return EX_NUM_TO_VAR(i);
527 }
528 i++;
529 }
530 i = op_array->last_var;
531 op_array->last_var++;
532 if (op_array->last_var > CG(context).vars_size) {
533 CG(context).vars_size += 16; /* FIXME */
534 op_array->vars = erealloc(op_array->vars, CG(context).vars_size * sizeof(zend_string*));
535 }
536
537 op_array->vars[i] = zend_string_copy(name);
538 return EX_NUM_TO_VAR(i);
539 }
540 /* }}} */
541
zval_make_interned_string(zval * zv)542 zend_string *zval_make_interned_string(zval *zv)
543 {
544 ZEND_ASSERT(Z_TYPE_P(zv) == IS_STRING);
545 Z_STR_P(zv) = zend_new_interned_string(Z_STR_P(zv));
546 if (ZSTR_IS_INTERNED(Z_STR_P(zv))) {
547 Z_TYPE_FLAGS_P(zv) = 0;
548 }
549 return Z_STR_P(zv);
550 }
551
552 /* Common part of zend_add_literal and zend_append_individual_literal */
zend_insert_literal(zend_op_array * op_array,zval * zv,int literal_position)553 static inline void zend_insert_literal(zend_op_array *op_array, zval *zv, int literal_position) /* {{{ */
554 {
555 zval *lit = CT_CONSTANT_EX(op_array, literal_position);
556 if (Z_TYPE_P(zv) == IS_STRING) {
557 zval_make_interned_string(zv);
558 }
559 ZVAL_COPY_VALUE(lit, zv);
560 Z_EXTRA_P(lit) = 0;
561 }
562 /* }}} */
563
564 /* Is used while compiling a function, using the context to keep track
565 of an approximate size to avoid to relocate to often.
566 Literals are truncated to actual size in the second compiler pass (pass_two()). */
zend_add_literal(zval * zv)567 static int zend_add_literal(zval *zv) /* {{{ */
568 {
569 zend_op_array *op_array = CG(active_op_array);
570 int i = op_array->last_literal;
571 op_array->last_literal++;
572 if (i >= CG(context).literals_size) {
573 while (i >= CG(context).literals_size) {
574 CG(context).literals_size += 16; /* FIXME */
575 }
576 op_array->literals = (zval*)erealloc(op_array->literals, CG(context).literals_size * sizeof(zval));
577 }
578 zend_insert_literal(op_array, zv, i);
579 return i;
580 }
581 /* }}} */
582
zend_add_literal_string(zend_string ** str)583 static inline int zend_add_literal_string(zend_string **str) /* {{{ */
584 {
585 int ret;
586 zval zv;
587 ZVAL_STR(&zv, *str);
588 ret = zend_add_literal(&zv);
589 *str = Z_STR(zv);
590 return ret;
591 }
592 /* }}} */
593
zend_add_func_name_literal(zend_string * name)594 static int zend_add_func_name_literal(zend_string *name) /* {{{ */
595 {
596 /* Original name */
597 int ret = zend_add_literal_string(&name);
598
599 /* Lowercased name */
600 zend_string *lc_name = zend_string_tolower(name);
601 zend_add_literal_string(&lc_name);
602
603 return ret;
604 }
605 /* }}} */
606
zend_add_ns_func_name_literal(zend_string * name)607 static int zend_add_ns_func_name_literal(zend_string *name) /* {{{ */
608 {
609 const char *unqualified_name;
610 size_t unqualified_name_len;
611
612 /* Original name */
613 int ret = zend_add_literal_string(&name);
614
615 /* Lowercased name */
616 zend_string *lc_name = zend_string_tolower(name);
617 zend_add_literal_string(&lc_name);
618
619 /* Lowercased unqualified name */
620 if (zend_get_unqualified_name(name, &unqualified_name, &unqualified_name_len)) {
621 lc_name = zend_string_alloc(unqualified_name_len, 0);
622 zend_str_tolower_copy(ZSTR_VAL(lc_name), unqualified_name, unqualified_name_len);
623 zend_add_literal_string(&lc_name);
624 }
625
626 return ret;
627 }
628 /* }}} */
629
zend_add_class_name_literal(zend_string * name)630 static int zend_add_class_name_literal(zend_string *name) /* {{{ */
631 {
632 /* Original name */
633 int ret = zend_add_literal_string(&name);
634
635 /* Lowercased name */
636 zend_string *lc_name = zend_string_tolower(name);
637 zend_add_literal_string(&lc_name);
638
639 return ret;
640 }
641 /* }}} */
642
zend_add_const_name_literal(zend_string * name,bool unqualified)643 static int zend_add_const_name_literal(zend_string *name, bool unqualified) /* {{{ */
644 {
645 zend_string *tmp_name;
646
647 int ret = zend_add_literal_string(&name);
648
649 size_t ns_len = 0, after_ns_len = ZSTR_LEN(name);
650 const char *after_ns = zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
651 if (after_ns) {
652 after_ns += 1;
653 ns_len = after_ns - ZSTR_VAL(name) - 1;
654 after_ns_len = ZSTR_LEN(name) - ns_len - 1;
655
656 /* lowercased namespace name & original constant name */
657 tmp_name = zend_string_init(ZSTR_VAL(name), ZSTR_LEN(name), 0);
658 zend_str_tolower(ZSTR_VAL(tmp_name), ns_len);
659 zend_add_literal_string(&tmp_name);
660
661 if (!unqualified) {
662 return ret;
663 }
664 } else {
665 after_ns = ZSTR_VAL(name);
666 }
667
668 /* original unqualified constant name */
669 tmp_name = zend_string_init(after_ns, after_ns_len, 0);
670 zend_add_literal_string(&tmp_name);
671
672 return ret;
673 }
674 /* }}} */
675
676 #define LITERAL_STR(op, str) do { \
677 zval _c; \
678 ZVAL_STR(&_c, str); \
679 op.constant = zend_add_literal(&_c); \
680 } while (0)
681
zend_stop_lexing(void)682 void zend_stop_lexing(void)
683 {
684 if (LANG_SCNG(on_event)) {
685 LANG_SCNG(on_event)(ON_STOP, END, 0, NULL, 0, LANG_SCNG(on_event_context));
686 }
687
688 LANG_SCNG(yy_cursor) = LANG_SCNG(yy_limit);
689 }
690
zend_begin_loop(uint8_t free_opcode,const znode * loop_var,bool is_switch)691 static inline void zend_begin_loop(
692 uint8_t free_opcode, const znode *loop_var, bool is_switch) /* {{{ */
693 {
694 zend_brk_cont_element *brk_cont_element;
695 int parent = CG(context).current_brk_cont;
696 zend_loop_var info = {0};
697
698 CG(context).current_brk_cont = CG(context).last_brk_cont;
699 brk_cont_element = get_next_brk_cont_element();
700 brk_cont_element->parent = parent;
701 brk_cont_element->is_switch = is_switch;
702
703 if (loop_var && (loop_var->op_type & (IS_VAR|IS_TMP_VAR))) {
704 uint32_t start = get_next_op_number();
705
706 info.opcode = free_opcode;
707 info.var_type = loop_var->op_type;
708 info.var_num = loop_var->u.op.var;
709 brk_cont_element->start = start;
710 } else {
711 info.opcode = ZEND_NOP;
712 /* The start field is used to free temporary variables in case of exceptions.
713 * We won't try to free something of we don't have loop variable. */
714 brk_cont_element->start = -1;
715 }
716
717 zend_stack_push(&CG(loop_var_stack), &info);
718 }
719 /* }}} */
720
zend_end_loop(int cont_addr,const znode * var_node)721 static inline void zend_end_loop(int cont_addr, const znode *var_node) /* {{{ */
722 {
723 uint32_t end = get_next_op_number();
724 zend_brk_cont_element *brk_cont_element
725 = &CG(context).brk_cont_array[CG(context).current_brk_cont];
726 brk_cont_element->cont = cont_addr;
727 brk_cont_element->brk = end;
728 CG(context).current_brk_cont = brk_cont_element->parent;
729
730 zend_stack_del_top(&CG(loop_var_stack));
731 }
732 /* }}} */
733
zend_do_free(znode * op1)734 static void zend_do_free(znode *op1) /* {{{ */
735 {
736 if (op1->op_type == IS_TMP_VAR) {
737 zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
738
739 while (opline->opcode == ZEND_END_SILENCE ||
740 opline->opcode == ZEND_OP_DATA) {
741 opline--;
742 }
743
744 if (opline->result_type == IS_TMP_VAR && opline->result.var == op1->u.op.var) {
745 switch (opline->opcode) {
746 case ZEND_BOOL:
747 case ZEND_BOOL_NOT:
748 /* boolean results don't have to be freed */
749 return;
750 case ZEND_POST_INC_STATIC_PROP:
751 case ZEND_POST_DEC_STATIC_PROP:
752 case ZEND_POST_INC_OBJ:
753 case ZEND_POST_DEC_OBJ:
754 case ZEND_POST_INC:
755 case ZEND_POST_DEC:
756 /* convert $i++ to ++$i */
757 opline->opcode -= 2;
758 SET_UNUSED(opline->result);
759 return;
760 case ZEND_ASSIGN:
761 case ZEND_ASSIGN_DIM:
762 case ZEND_ASSIGN_OBJ:
763 case ZEND_ASSIGN_STATIC_PROP:
764 case ZEND_ASSIGN_OP:
765 case ZEND_ASSIGN_DIM_OP:
766 case ZEND_ASSIGN_OBJ_OP:
767 case ZEND_ASSIGN_STATIC_PROP_OP:
768 case ZEND_PRE_INC_STATIC_PROP:
769 case ZEND_PRE_DEC_STATIC_PROP:
770 case ZEND_PRE_INC_OBJ:
771 case ZEND_PRE_DEC_OBJ:
772 case ZEND_PRE_INC:
773 case ZEND_PRE_DEC:
774 SET_UNUSED(opline->result);
775 return;
776 }
777 }
778
779 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
780 } else if (op1->op_type == IS_VAR) {
781 zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
782 while (opline->opcode == ZEND_END_SILENCE ||
783 opline->opcode == ZEND_EXT_FCALL_END ||
784 opline->opcode == ZEND_OP_DATA) {
785 opline--;
786 }
787 if (opline->result_type == IS_VAR
788 && opline->result.var == op1->u.op.var) {
789 if (opline->opcode == ZEND_FETCH_THIS) {
790 opline->opcode = ZEND_NOP;
791 }
792 if (!ZEND_OP_IS_FRAMELESS_ICALL(opline->opcode)) {
793 SET_UNUSED(opline->result);
794 } else {
795 /* Frameless calls usually use the return value, so always emit a free. This should be
796 * faster than checking RETURN_VALUE_USED inside the handler. */
797 // FIXME: We may actually look at the function signature to determine whether a free
798 // is necessary.
799 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
800 }
801 } else {
802 while (opline >= CG(active_op_array)->opcodes) {
803 if ((opline->opcode == ZEND_FETCH_LIST_R ||
804 opline->opcode == ZEND_FETCH_LIST_W) &&
805 opline->op1_type == IS_VAR &&
806 opline->op1.var == op1->u.op.var) {
807 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
808 return;
809 }
810 if (opline->result_type == IS_VAR
811 && opline->result.var == op1->u.op.var) {
812 if (opline->opcode == ZEND_NEW) {
813 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
814 }
815 break;
816 }
817 opline--;
818 }
819 }
820 } else if (op1->op_type == IS_CONST) {
821 /* Destroy value without using GC: When opcache moves arrays into SHM it will
822 * free the zend_array structure, so references to it from outside the op array
823 * become invalid. GC would cause such a reference in the root buffer. */
824 zval_ptr_dtor_nogc(&op1->u.constant);
825 }
826 }
827 /* }}} */
828
829
zend_modifier_token_to_string(uint32_t token)830 static char *zend_modifier_token_to_string(uint32_t token)
831 {
832 switch (token) {
833 case T_PUBLIC:
834 return "public";
835 case T_PROTECTED:
836 return "protected";
837 case T_PRIVATE:
838 return "private";
839 case T_STATIC:
840 return "static";
841 case T_FINAL:
842 return "final";
843 case T_READONLY:
844 return "readonly";
845 case T_ABSTRACT:
846 return "abstract";
847 EMPTY_SWITCH_DEFAULT_CASE()
848 }
849 }
850
zend_modifier_token_to_flag(zend_modifier_target target,uint32_t token)851 uint32_t zend_modifier_token_to_flag(zend_modifier_target target, uint32_t token)
852 {
853 switch (token) {
854 case T_PUBLIC:
855 return ZEND_ACC_PUBLIC;
856 case T_PROTECTED:
857 return ZEND_ACC_PROTECTED;
858 case T_PRIVATE:
859 return ZEND_ACC_PRIVATE;
860 case T_READONLY:
861 if (target == ZEND_MODIFIER_TARGET_PROPERTY || target == ZEND_MODIFIER_TARGET_CPP) {
862 return ZEND_ACC_READONLY;
863 }
864 break;
865 case T_ABSTRACT:
866 if (target == ZEND_MODIFIER_TARGET_METHOD) {
867 return ZEND_ACC_ABSTRACT;
868 }
869 break;
870 case T_FINAL:
871 if (target == ZEND_MODIFIER_TARGET_METHOD || target == ZEND_MODIFIER_TARGET_CONSTANT) {
872 return ZEND_ACC_FINAL;
873 }
874 break;
875 case T_STATIC:
876 if (target == ZEND_MODIFIER_TARGET_PROPERTY || target == ZEND_MODIFIER_TARGET_METHOD) {
877 return ZEND_ACC_STATIC;
878 }
879 break;
880 }
881
882 char *member;
883 if (target == ZEND_MODIFIER_TARGET_PROPERTY) {
884 member = "property";
885 } else if (target == ZEND_MODIFIER_TARGET_METHOD) {
886 member = "method";
887 } else if (target == ZEND_MODIFIER_TARGET_CONSTANT) {
888 member = "class constant";
889 } else if (target == ZEND_MODIFIER_TARGET_CPP) {
890 member = "parameter";
891 } else {
892 ZEND_UNREACHABLE();
893 }
894
895 zend_throw_exception_ex(zend_ce_compile_error, 0,
896 "Cannot use the %s modifier on a %s", zend_modifier_token_to_string(token), member);
897 return 0;
898 }
899
zend_modifier_list_to_flags(zend_modifier_target target,zend_ast * modifiers)900 uint32_t zend_modifier_list_to_flags(zend_modifier_target target, zend_ast *modifiers)
901 {
902 uint32_t flags = 0;
903 zend_ast_list *modifier_list = zend_ast_get_list(modifiers);
904
905 for (uint32_t i = 0; i < modifier_list->children; i++) {
906 uint32_t new_flag = zend_modifier_token_to_flag(target, (uint32_t) Z_LVAL_P(zend_ast_get_zval(modifier_list->child[i])));
907 if (!new_flag) {
908 return 0;
909 }
910 flags = zend_add_member_modifier(flags, new_flag, target);
911 if (!flags) {
912 return 0;
913 }
914 }
915
916 return flags;
917 }
918
zend_add_class_modifier(uint32_t flags,uint32_t new_flag)919 uint32_t zend_add_class_modifier(uint32_t flags, uint32_t new_flag) /* {{{ */
920 {
921 uint32_t new_flags = flags | new_flag;
922 if ((flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flag & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) {
923 zend_throw_exception(zend_ce_compile_error,
924 "Multiple abstract modifiers are not allowed", 0);
925 return 0;
926 }
927 if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
928 zend_throw_exception(zend_ce_compile_error, "Multiple final modifiers are not allowed", 0);
929 return 0;
930 }
931 if ((flags & ZEND_ACC_READONLY_CLASS) && (new_flag & ZEND_ACC_READONLY_CLASS)) {
932 zend_throw_exception(zend_ce_compile_error, "Multiple readonly modifiers are not allowed", 0);
933 return 0;
934 }
935 if ((new_flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flags & ZEND_ACC_FINAL)) {
936 zend_throw_exception(zend_ce_compile_error,
937 "Cannot use the final modifier on an abstract class", 0);
938 return 0;
939 }
940 return new_flags;
941 }
942 /* }}} */
943
zend_add_anonymous_class_modifier(uint32_t flags,uint32_t new_flag)944 uint32_t zend_add_anonymous_class_modifier(uint32_t flags, uint32_t new_flag)
945 {
946 uint32_t new_flags = flags | new_flag;
947 if (new_flag & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) {
948 zend_throw_exception(zend_ce_compile_error,
949 "Cannot use the abstract modifier on an anonymous class", 0);
950 return 0;
951 }
952 if (new_flag & ZEND_ACC_FINAL) {
953 zend_throw_exception(zend_ce_compile_error, "Cannot use the final modifier on an anonymous class", 0);
954 return 0;
955 }
956 if ((flags & ZEND_ACC_READONLY_CLASS) && (new_flag & ZEND_ACC_READONLY_CLASS)) {
957 zend_throw_exception(zend_ce_compile_error, "Multiple readonly modifiers are not allowed", 0);
958 return 0;
959 }
960 return new_flags;
961 }
962
zend_add_member_modifier(uint32_t flags,uint32_t new_flag,zend_modifier_target target)963 uint32_t zend_add_member_modifier(uint32_t flags, uint32_t new_flag, zend_modifier_target target) /* {{{ */
964 {
965 uint32_t new_flags = flags | new_flag;
966 if ((flags & ZEND_ACC_PPP_MASK) && (new_flag & ZEND_ACC_PPP_MASK)) {
967 zend_throw_exception(zend_ce_compile_error,
968 "Multiple access type modifiers are not allowed", 0);
969 return 0;
970 }
971 if ((flags & ZEND_ACC_ABSTRACT) && (new_flag & ZEND_ACC_ABSTRACT)) {
972 zend_throw_exception(zend_ce_compile_error, "Multiple abstract modifiers are not allowed", 0);
973 return 0;
974 }
975 if ((flags & ZEND_ACC_STATIC) && (new_flag & ZEND_ACC_STATIC)) {
976 zend_throw_exception(zend_ce_compile_error, "Multiple static modifiers are not allowed", 0);
977 return 0;
978 }
979 if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
980 zend_throw_exception(zend_ce_compile_error, "Multiple final modifiers are not allowed", 0);
981 return 0;
982 }
983 if ((flags & ZEND_ACC_READONLY) && (new_flag & ZEND_ACC_READONLY)) {
984 zend_throw_exception(zend_ce_compile_error,
985 "Multiple readonly modifiers are not allowed", 0);
986 return 0;
987 }
988 if (target == ZEND_MODIFIER_TARGET_METHOD && (new_flags & ZEND_ACC_ABSTRACT) && (new_flags & ZEND_ACC_FINAL)) {
989 zend_throw_exception(zend_ce_compile_error,
990 "Cannot use the final modifier on an abstract method", 0);
991 return 0;
992 }
993 return new_flags;
994 }
995 /* }}} */
996
zend_create_member_string(zend_string * class_name,zend_string * member_name)997 ZEND_API zend_string *zend_create_member_string(zend_string *class_name, zend_string *member_name) {
998 return zend_string_concat3(
999 ZSTR_VAL(class_name), ZSTR_LEN(class_name),
1000 "::", sizeof("::") - 1,
1001 ZSTR_VAL(member_name), ZSTR_LEN(member_name));
1002 }
1003
zend_concat_names(char * name1,size_t name1_len,char * name2,size_t name2_len)1004 static zend_string *zend_concat_names(char *name1, size_t name1_len, char *name2, size_t name2_len) {
1005 return zend_string_concat3(name1, name1_len, "\\", 1, name2, name2_len);
1006 }
1007
zend_prefix_with_ns(zend_string * name)1008 static zend_string *zend_prefix_with_ns(zend_string *name) {
1009 if (FC(current_namespace)) {
1010 zend_string *ns = FC(current_namespace);
1011 return zend_concat_names(ZSTR_VAL(ns), ZSTR_LEN(ns), ZSTR_VAL(name), ZSTR_LEN(name));
1012 } else {
1013 return zend_string_copy(name);
1014 }
1015 }
1016
zend_resolve_non_class_name(zend_string * name,uint32_t type,bool * is_fully_qualified,bool case_sensitive,HashTable * current_import_sub)1017 static zend_string *zend_resolve_non_class_name(
1018 zend_string *name, uint32_t type, bool *is_fully_qualified,
1019 bool case_sensitive, HashTable *current_import_sub
1020 ) {
1021 char *compound;
1022 *is_fully_qualified = 0;
1023
1024 if (ZSTR_VAL(name)[0] == '\\') {
1025 /* Remove \ prefix (only relevant if this is a string rather than a label) */
1026 *is_fully_qualified = 1;
1027 return zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
1028 }
1029
1030 if (type == ZEND_NAME_FQ) {
1031 *is_fully_qualified = 1;
1032 return zend_string_copy(name);
1033 }
1034
1035 if (type == ZEND_NAME_RELATIVE) {
1036 *is_fully_qualified = 1;
1037 return zend_prefix_with_ns(name);
1038 }
1039
1040 if (current_import_sub) {
1041 /* If an unqualified name is a function/const alias, replace it. */
1042 zend_string *import_name;
1043 if (case_sensitive) {
1044 import_name = zend_hash_find_ptr(current_import_sub, name);
1045 } else {
1046 import_name = zend_hash_find_ptr_lc(current_import_sub, name);
1047 }
1048
1049 if (import_name) {
1050 *is_fully_qualified = 1;
1051 return zend_string_copy(import_name);
1052 }
1053 }
1054
1055 compound = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
1056 if (compound) {
1057 *is_fully_qualified = 1;
1058 }
1059
1060 if (compound && FC(imports)) {
1061 /* If the first part of a qualified name is an alias, substitute it. */
1062 size_t len = compound - ZSTR_VAL(name);
1063 zend_string *import_name = zend_hash_str_find_ptr_lc(FC(imports), ZSTR_VAL(name), len);
1064
1065 if (import_name) {
1066 return zend_concat_names(
1067 ZSTR_VAL(import_name), ZSTR_LEN(import_name), ZSTR_VAL(name) + len + 1, ZSTR_LEN(name) - len - 1);
1068 }
1069 }
1070
1071 return zend_prefix_with_ns(name);
1072 }
1073 /* }}} */
1074
zend_resolve_function_name(zend_string * name,uint32_t type,bool * is_fully_qualified)1075 static zend_string *zend_resolve_function_name(zend_string *name, uint32_t type, bool *is_fully_qualified)
1076 {
1077 return zend_resolve_non_class_name(
1078 name, type, is_fully_qualified, 0, FC(imports_function));
1079 }
1080
zend_resolve_const_name(zend_string * name,uint32_t type,bool * is_fully_qualified)1081 static zend_string *zend_resolve_const_name(zend_string *name, uint32_t type, bool *is_fully_qualified)
1082 {
1083 return zend_resolve_non_class_name(
1084 name, type, is_fully_qualified, 1, FC(imports_const));
1085 }
1086
zend_resolve_class_name(zend_string * name,uint32_t type)1087 static zend_string *zend_resolve_class_name(zend_string *name, uint32_t type) /* {{{ */
1088 {
1089 char *compound;
1090
1091 if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type(name)) {
1092 if (type == ZEND_NAME_FQ) {
1093 zend_error_noreturn(E_COMPILE_ERROR,
1094 "'\\%s' is an invalid class name", ZSTR_VAL(name));
1095 }
1096 if (type == ZEND_NAME_RELATIVE) {
1097 zend_error_noreturn(E_COMPILE_ERROR,
1098 "'namespace\\%s' is an invalid class name", ZSTR_VAL(name));
1099 }
1100 ZEND_ASSERT(type == ZEND_NAME_NOT_FQ);
1101 return zend_string_copy(name);
1102 }
1103
1104 if (type == ZEND_NAME_RELATIVE) {
1105 return zend_prefix_with_ns(name);
1106 }
1107
1108 if (type == ZEND_NAME_FQ) {
1109 if (ZSTR_VAL(name)[0] == '\\') {
1110 /* Remove \ prefix (only relevant if this is a string rather than a label) */
1111 name = zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
1112 if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type(name)) {
1113 zend_error_noreturn(E_COMPILE_ERROR,
1114 "'\\%s' is an invalid class name", ZSTR_VAL(name));
1115 }
1116 return name;
1117 }
1118
1119 return zend_string_copy(name);
1120 }
1121
1122 if (FC(imports)) {
1123 compound = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
1124 if (compound) {
1125 /* If the first part of a qualified name is an alias, substitute it. */
1126 size_t len = compound - ZSTR_VAL(name);
1127 zend_string *import_name =
1128 zend_hash_str_find_ptr_lc(FC(imports), ZSTR_VAL(name), len);
1129
1130 if (import_name) {
1131 return zend_concat_names(
1132 ZSTR_VAL(import_name), ZSTR_LEN(import_name), ZSTR_VAL(name) + len + 1, ZSTR_LEN(name) - len - 1);
1133 }
1134 } else {
1135 /* If an unqualified name is an alias, replace it. */
1136 zend_string *import_name
1137 = zend_hash_find_ptr_lc(FC(imports), name);
1138
1139 if (import_name) {
1140 return zend_string_copy(import_name);
1141 }
1142 }
1143 }
1144
1145 /* If not fully qualified and not an alias, prepend the current namespace */
1146 return zend_prefix_with_ns(name);
1147 }
1148 /* }}} */
1149
zend_resolve_class_name_ast(zend_ast * ast)1150 zend_string *zend_resolve_class_name_ast(zend_ast *ast) /* {{{ */
1151 {
1152 zval *class_name = zend_ast_get_zval(ast);
1153 if (Z_TYPE_P(class_name) != IS_STRING) {
1154 zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
1155 }
1156 return zend_resolve_class_name(Z_STR_P(class_name), ast->attr);
1157 }
1158 /* }}} */
1159
label_ptr_dtor(zval * zv)1160 static void label_ptr_dtor(zval *zv) /* {{{ */
1161 {
1162 efree_size(Z_PTR_P(zv), sizeof(zend_label));
1163 }
1164 /* }}} */
1165
str_dtor(zval * zv)1166 static void str_dtor(zval *zv) /* {{{ */ {
1167 zend_string_release_ex(Z_STR_P(zv), 0);
1168 }
1169 /* }}} */
1170
1171 static bool zend_is_call(zend_ast *ast);
1172
zend_add_try_element(uint32_t try_op)1173 static uint32_t zend_add_try_element(uint32_t try_op) /* {{{ */
1174 {
1175 zend_op_array *op_array = CG(active_op_array);
1176 uint32_t try_catch_offset = op_array->last_try_catch++;
1177 zend_try_catch_element *elem;
1178
1179 op_array->try_catch_array = safe_erealloc(
1180 op_array->try_catch_array, sizeof(zend_try_catch_element), op_array->last_try_catch, 0);
1181
1182 elem = &op_array->try_catch_array[try_catch_offset];
1183 elem->try_op = try_op;
1184 elem->catch_op = 0;
1185 elem->finally_op = 0;
1186 elem->finally_end = 0;
1187
1188 return try_catch_offset;
1189 }
1190 /* }}} */
1191
function_add_ref(zend_function * function)1192 ZEND_API void function_add_ref(zend_function *function) /* {{{ */
1193 {
1194 if (function->type == ZEND_USER_FUNCTION) {
1195 zend_op_array *op_array = &function->op_array;
1196 if (op_array->refcount) {
1197 (*op_array->refcount)++;
1198 }
1199
1200 ZEND_MAP_PTR_INIT(op_array->run_time_cache, NULL);
1201 ZEND_MAP_PTR_INIT(op_array->static_variables_ptr, NULL);
1202 }
1203
1204 if (function->common.function_name) {
1205 zend_string_addref(function->common.function_name);
1206 }
1207 }
1208 /* }}} */
1209
do_bind_function_error(zend_string * lcname,zend_op_array * op_array,bool compile_time)1210 static zend_never_inline ZEND_COLD ZEND_NORETURN void do_bind_function_error(zend_string *lcname, zend_op_array *op_array, bool compile_time) /* {{{ */
1211 {
1212 zval *zv = zend_hash_find_known_hash(compile_time ? CG(function_table) : EG(function_table), lcname);
1213 int error_level = compile_time ? E_COMPILE_ERROR : E_ERROR;
1214 zend_function *old_function;
1215
1216 ZEND_ASSERT(zv != NULL);
1217 old_function = (zend_function*)Z_PTR_P(zv);
1218 if (old_function->type == ZEND_USER_FUNCTION
1219 && old_function->op_array.last > 0) {
1220 zend_error_noreturn(error_level, "Cannot redeclare %s() (previously declared in %s:%d)",
1221 op_array ? ZSTR_VAL(op_array->function_name) : ZSTR_VAL(old_function->common.function_name),
1222 ZSTR_VAL(old_function->op_array.filename),
1223 old_function->op_array.opcodes[0].lineno);
1224 } else {
1225 zend_error_noreturn(error_level, "Cannot redeclare %s()",
1226 op_array ? ZSTR_VAL(op_array->function_name) : ZSTR_VAL(old_function->common.function_name));
1227 }
1228 }
1229
do_bind_function(zend_function * func,zval * lcname)1230 ZEND_API zend_result do_bind_function(zend_function *func, zval *lcname) /* {{{ */
1231 {
1232 zend_function *added_func = zend_hash_add_ptr(EG(function_table), Z_STR_P(lcname), func);
1233 if (UNEXPECTED(!added_func)) {
1234 do_bind_function_error(Z_STR_P(lcname), &func->op_array, 0);
1235 return FAILURE;
1236 }
1237
1238 if (func->op_array.refcount) {
1239 ++*func->op_array.refcount;
1240 }
1241 if (func->common.function_name) {
1242 zend_string_addref(func->common.function_name);
1243 }
1244 zend_observer_function_declared_notify(&func->op_array, Z_STR_P(lcname));
1245 return SUCCESS;
1246 }
1247 /* }}} */
1248
zend_bind_class_in_slot(zval * class_table_slot,zval * lcname,zend_string * lc_parent_name)1249 ZEND_API zend_class_entry *zend_bind_class_in_slot(
1250 zval *class_table_slot, zval *lcname, zend_string *lc_parent_name)
1251 {
1252 zend_class_entry *ce = Z_PTR_P(class_table_slot);
1253 bool is_preloaded =
1254 (ce->ce_flags & ZEND_ACC_PRELOADED) && !(CG(compiler_options) & ZEND_COMPILE_PRELOAD);
1255 bool success;
1256 if (EXPECTED(!is_preloaded)) {
1257 success = zend_hash_set_bucket_key(EG(class_table), (Bucket*) class_table_slot, Z_STR_P(lcname)) != NULL;
1258 } else {
1259 /* If preloading is used, don't replace the existing bucket, add a new one. */
1260 success = zend_hash_add_ptr(EG(class_table), Z_STR_P(lcname), ce) != NULL;
1261 }
1262 if (UNEXPECTED(!success)) {
1263 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1264 return NULL;
1265 }
1266
1267 if (ce->ce_flags & ZEND_ACC_LINKED) {
1268 zend_observer_class_linked_notify(ce, Z_STR_P(lcname));
1269 return ce;
1270 }
1271
1272 ce = zend_do_link_class(ce, lc_parent_name, Z_STR_P(lcname));
1273 if (ce) {
1274 ZEND_ASSERT(!EG(exception));
1275 zend_observer_class_linked_notify(ce, Z_STR_P(lcname));
1276 return ce;
1277 }
1278
1279 if (!is_preloaded) {
1280 /* Reload bucket pointer, the hash table may have been reallocated */
1281 zval *zv = zend_hash_find(EG(class_table), Z_STR_P(lcname));
1282 zend_hash_set_bucket_key(EG(class_table), (Bucket *) zv, Z_STR_P(lcname + 1));
1283 } else {
1284 zend_hash_del(EG(class_table), Z_STR_P(lcname));
1285 }
1286 return NULL;
1287 }
1288
do_bind_class(zval * lcname,zend_string * lc_parent_name)1289 ZEND_API zend_result do_bind_class(zval *lcname, zend_string *lc_parent_name) /* {{{ */
1290 {
1291 zend_class_entry *ce;
1292 zval *rtd_key, *zv;
1293
1294 rtd_key = lcname + 1;
1295
1296 zv = zend_hash_find_known_hash(EG(class_table), Z_STR_P(rtd_key));
1297
1298 if (UNEXPECTED(!zv)) {
1299 ce = zend_hash_find_ptr(EG(class_table), Z_STR_P(lcname));
1300 ZEND_ASSERT(ce);
1301 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1302 return FAILURE;
1303 }
1304
1305 /* Register the derived class */
1306 return zend_bind_class_in_slot(zv, lcname, lc_parent_name) ? SUCCESS : FAILURE;
1307 }
1308 /* }}} */
1309
add_type_string(zend_string * type,zend_string * new_type,bool is_intersection)1310 static zend_string *add_type_string(zend_string *type, zend_string *new_type, bool is_intersection) {
1311 zend_string *result;
1312 if (type == NULL) {
1313 return zend_string_copy(new_type);
1314 }
1315
1316 if (is_intersection) {
1317 result = zend_string_concat3(ZSTR_VAL(type), ZSTR_LEN(type),
1318 "&", 1, ZSTR_VAL(new_type), ZSTR_LEN(new_type));
1319 zend_string_release(type);
1320 } else {
1321 result = zend_string_concat3(
1322 ZSTR_VAL(type), ZSTR_LEN(type), "|", 1, ZSTR_VAL(new_type), ZSTR_LEN(new_type));
1323 zend_string_release(type);
1324 }
1325 return result;
1326 }
1327
resolve_class_name(zend_string * name,zend_class_entry * scope)1328 static zend_string *resolve_class_name(zend_string *name, zend_class_entry *scope) {
1329 if (scope) {
1330 if (zend_string_equals_literal_ci(name, "self")) {
1331 name = scope->name;
1332 } else if (zend_string_equals_literal_ci(name, "parent") && scope->parent) {
1333 name = scope->parent->name;
1334 }
1335 }
1336
1337 /* The resolved name for anonymous classes contains null bytes. Cut off everything after the
1338 * null byte here, to avoid larger parts of the type being omitted by printing code later. */
1339 size_t len = strlen(ZSTR_VAL(name));
1340 if (len != ZSTR_LEN(name)) {
1341 ZEND_ASSERT(scope && "This should only happen with resolved types");
1342 return zend_string_init(ZSTR_VAL(name), len, 0);
1343 }
1344 return zend_string_copy(name);
1345 }
1346
add_intersection_type(zend_string * str,zend_type_list * intersection_type_list,zend_class_entry * scope,bool is_bracketed)1347 static zend_string *add_intersection_type(zend_string *str,
1348 zend_type_list *intersection_type_list, zend_class_entry *scope,
1349 bool is_bracketed)
1350 {
1351 zend_type *single_type;
1352 zend_string *intersection_str = NULL;
1353
1354 ZEND_TYPE_LIST_FOREACH(intersection_type_list, single_type) {
1355 ZEND_ASSERT(!ZEND_TYPE_HAS_LIST(*single_type));
1356 ZEND_ASSERT(ZEND_TYPE_HAS_NAME(*single_type));
1357 zend_string *name = ZEND_TYPE_NAME(*single_type);
1358 zend_string *resolved = resolve_class_name(name, scope);
1359 intersection_str = add_type_string(intersection_str, resolved, /* is_intersection */ true);
1360 zend_string_release(resolved);
1361 } ZEND_TYPE_LIST_FOREACH_END();
1362
1363 ZEND_ASSERT(intersection_str);
1364
1365 if (is_bracketed) {
1366 zend_string *result = zend_string_concat3("(", 1, ZSTR_VAL(intersection_str), ZSTR_LEN(intersection_str), ")", 1);
1367 zend_string_release(intersection_str);
1368 intersection_str = result;
1369 }
1370 str = add_type_string(str, intersection_str, /* is_intersection */ false);
1371 zend_string_release(intersection_str);
1372 return str;
1373 }
1374
zend_type_to_string_resolved(zend_type type,zend_class_entry * scope)1375 zend_string *zend_type_to_string_resolved(zend_type type, zend_class_entry *scope) {
1376 zend_string *str = NULL;
1377
1378 /* Pure intersection type */
1379 if (ZEND_TYPE_IS_INTERSECTION(type)) {
1380 ZEND_ASSERT(!ZEND_TYPE_IS_UNION(type));
1381 str = add_intersection_type(str, ZEND_TYPE_LIST(type), scope, /* is_bracketed */ false);
1382 } else if (ZEND_TYPE_HAS_LIST(type)) {
1383 /* A union type might not be a list */
1384 zend_type *list_type;
1385 ZEND_TYPE_LIST_FOREACH(ZEND_TYPE_LIST(type), list_type) {
1386 if (ZEND_TYPE_IS_INTERSECTION(*list_type)) {
1387 str = add_intersection_type(str, ZEND_TYPE_LIST(*list_type), scope, /* is_bracketed */ true);
1388 continue;
1389 }
1390 ZEND_ASSERT(!ZEND_TYPE_HAS_LIST(*list_type));
1391 ZEND_ASSERT(ZEND_TYPE_HAS_NAME(*list_type));
1392 zend_string *name = ZEND_TYPE_NAME(*list_type);
1393 zend_string *resolved = resolve_class_name(name, scope);
1394 str = add_type_string(str, resolved, /* is_intersection */ false);
1395 zend_string_release(resolved);
1396 } ZEND_TYPE_LIST_FOREACH_END();
1397 } else if (ZEND_TYPE_HAS_NAME(type)) {
1398 str = resolve_class_name(ZEND_TYPE_NAME(type), scope);
1399 }
1400
1401 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
1402
1403 if (type_mask == MAY_BE_ANY) {
1404 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_MIXED), /* is_intersection */ false);
1405
1406 return str;
1407 }
1408 if (type_mask & MAY_BE_STATIC) {
1409 zend_string *name = ZSTR_KNOWN(ZEND_STR_STATIC);
1410 // During compilation of eval'd code the called scope refers to the scope calling the eval
1411 if (scope && !zend_is_compiling()) {
1412 zend_class_entry *called_scope = zend_get_called_scope(EG(current_execute_data));
1413 if (called_scope) {
1414 name = called_scope->name;
1415 }
1416 }
1417 str = add_type_string(str, name, /* is_intersection */ false);
1418 }
1419 if (type_mask & MAY_BE_CALLABLE) {
1420 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_CALLABLE), /* is_intersection */ false);
1421 }
1422 if (type_mask & MAY_BE_OBJECT) {
1423 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_OBJECT), /* is_intersection */ false);
1424 }
1425 if (type_mask & MAY_BE_ARRAY) {
1426 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_ARRAY), /* is_intersection */ false);
1427 }
1428 if (type_mask & MAY_BE_STRING) {
1429 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_STRING), /* is_intersection */ false);
1430 }
1431 if (type_mask & MAY_BE_LONG) {
1432 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_INT), /* is_intersection */ false);
1433 }
1434 if (type_mask & MAY_BE_DOUBLE) {
1435 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_FLOAT), /* is_intersection */ false);
1436 }
1437 if ((type_mask & MAY_BE_BOOL) == MAY_BE_BOOL) {
1438 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_BOOL), /* is_intersection */ false);
1439 } else if (type_mask & MAY_BE_FALSE) {
1440 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_FALSE), /* is_intersection */ false);
1441 } else if (type_mask & MAY_BE_TRUE) {
1442 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_TRUE), /* is_intersection */ false);
1443 }
1444 if (type_mask & MAY_BE_VOID) {
1445 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_VOID), /* is_intersection */ false);
1446 }
1447 if (type_mask & MAY_BE_NEVER) {
1448 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_NEVER), /* is_intersection */ false);
1449 }
1450
1451 if (type_mask & MAY_BE_NULL) {
1452 bool is_union = !str || memchr(ZSTR_VAL(str), '|', ZSTR_LEN(str)) != NULL;
1453 bool has_intersection = !str || memchr(ZSTR_VAL(str), '&', ZSTR_LEN(str)) != NULL;
1454 if (!is_union && !has_intersection) {
1455 zend_string *nullable_str = zend_string_concat2("?", 1, ZSTR_VAL(str), ZSTR_LEN(str));
1456 zend_string_release(str);
1457 return nullable_str;
1458 }
1459
1460 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_NULL_LOWERCASE), /* is_intersection */ false);
1461 }
1462 return str;
1463 }
1464
zend_type_to_string(zend_type type)1465 ZEND_API zend_string *zend_type_to_string(zend_type type) {
1466 return zend_type_to_string_resolved(type, NULL);
1467 }
1468
is_generator_compatible_class_type(zend_string * name)1469 static bool is_generator_compatible_class_type(zend_string *name) {
1470 return zend_string_equals_ci(name, ZSTR_KNOWN(ZEND_STR_TRAVERSABLE))
1471 || zend_string_equals_literal_ci(name, "Iterator")
1472 || zend_string_equals_literal_ci(name, "Generator");
1473 }
1474
zend_mark_function_as_generator(void)1475 static void zend_mark_function_as_generator(void) /* {{{ */
1476 {
1477 if (!CG(active_op_array)->function_name) {
1478 zend_error_noreturn(E_COMPILE_ERROR,
1479 "The \"yield\" expression can only be used inside a function");
1480 }
1481
1482 if (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
1483 zend_type return_type = CG(active_op_array)->arg_info[-1].type;
1484 bool valid_type = (ZEND_TYPE_FULL_MASK(return_type) & MAY_BE_OBJECT) != 0;
1485 if (!valid_type) {
1486 zend_type *single_type;
1487 ZEND_TYPE_FOREACH(return_type, single_type) {
1488 if (ZEND_TYPE_HAS_NAME(*single_type)
1489 && is_generator_compatible_class_type(ZEND_TYPE_NAME(*single_type))) {
1490 valid_type = 1;
1491 break;
1492 }
1493 } ZEND_TYPE_FOREACH_END();
1494 }
1495
1496 if (!valid_type) {
1497 zend_string *str = zend_type_to_string(return_type);
1498 zend_error_noreturn(E_COMPILE_ERROR,
1499 "Generator return type must be a supertype of Generator, %s given",
1500 ZSTR_VAL(str));
1501 }
1502 }
1503
1504 CG(active_op_array)->fn_flags |= ZEND_ACC_GENERATOR;
1505 }
1506 /* }}} */
1507
zend_mangle_property_name(const char * src1,size_t src1_length,const char * src2,size_t src2_length,bool internal)1508 ZEND_API zend_string *zend_mangle_property_name(const char *src1, size_t src1_length, const char *src2, size_t src2_length, bool internal) /* {{{ */
1509 {
1510 size_t prop_name_length = 1 + src1_length + 1 + src2_length;
1511 zend_string *prop_name = zend_string_alloc(prop_name_length, internal);
1512
1513 ZSTR_VAL(prop_name)[0] = '\0';
1514 memcpy(ZSTR_VAL(prop_name) + 1, src1, src1_length+1);
1515 memcpy(ZSTR_VAL(prop_name) + 1 + src1_length + 1, src2, src2_length+1);
1516 return prop_name;
1517 }
1518 /* }}} */
1519
zend_unmangle_property_name_ex(const zend_string * name,const char ** class_name,const char ** prop_name,size_t * prop_len)1520 ZEND_API zend_result zend_unmangle_property_name_ex(const zend_string *name, const char **class_name, const char **prop_name, size_t *prop_len) /* {{{ */
1521 {
1522 size_t class_name_len;
1523 size_t anonclass_src_len;
1524
1525 *class_name = NULL;
1526
1527 if (!ZSTR_LEN(name) || ZSTR_VAL(name)[0] != '\0') {
1528 *prop_name = ZSTR_VAL(name);
1529 if (prop_len) {
1530 *prop_len = ZSTR_LEN(name);
1531 }
1532 return SUCCESS;
1533 }
1534 if (ZSTR_LEN(name) < 3 || ZSTR_VAL(name)[1] == '\0') {
1535 zend_error(E_NOTICE, "Illegal member variable name");
1536 *prop_name = ZSTR_VAL(name);
1537 if (prop_len) {
1538 *prop_len = ZSTR_LEN(name);
1539 }
1540 return FAILURE;
1541 }
1542
1543 class_name_len = zend_strnlen(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 2);
1544 if (class_name_len >= ZSTR_LEN(name) - 2 || ZSTR_VAL(name)[class_name_len + 1] != '\0') {
1545 zend_error(E_NOTICE, "Corrupt member variable name");
1546 *prop_name = ZSTR_VAL(name);
1547 if (prop_len) {
1548 *prop_len = ZSTR_LEN(name);
1549 }
1550 return FAILURE;
1551 }
1552
1553 *class_name = ZSTR_VAL(name) + 1;
1554 anonclass_src_len = zend_strnlen(*class_name + class_name_len + 1, ZSTR_LEN(name) - class_name_len - 2);
1555 if (class_name_len + anonclass_src_len + 2 != ZSTR_LEN(name)) {
1556 class_name_len += anonclass_src_len + 1;
1557 }
1558 *prop_name = ZSTR_VAL(name) + class_name_len + 2;
1559 if (prop_len) {
1560 *prop_len = ZSTR_LEN(name) - class_name_len - 2;
1561 }
1562 return SUCCESS;
1563 }
1564 /* }}} */
1565
array_is_const_ex(zend_array * array,uint32_t * max_checks)1566 static bool array_is_const_ex(zend_array *array, uint32_t *max_checks)
1567 {
1568 if (zend_hash_num_elements(array) > *max_checks) {
1569 return false;
1570 }
1571 *max_checks -= zend_hash_num_elements(array);
1572
1573 zval *element;
1574 ZEND_HASH_FOREACH_VAL(array, element) {
1575 if (Z_TYPE_P(element) < IS_ARRAY) {
1576 continue;
1577 } else if (Z_TYPE_P(element) == IS_ARRAY) {
1578 if (!array_is_const_ex(array, max_checks)) {
1579 return false;
1580 }
1581 } else {
1582 return false;
1583 }
1584 } ZEND_HASH_FOREACH_END();
1585
1586 return true;
1587 }
1588
array_is_const(zend_array * array)1589 static bool array_is_const(zend_array *array)
1590 {
1591 uint32_t max_checks = 50;
1592 return array_is_const_ex(array, &max_checks);
1593 }
1594
can_ct_eval_const(zend_constant * c)1595 static bool can_ct_eval_const(zend_constant *c) {
1596 if (ZEND_CONSTANT_FLAGS(c) & CONST_DEPRECATED) {
1597 return 0;
1598 }
1599 if ((ZEND_CONSTANT_FLAGS(c) & CONST_PERSISTENT)
1600 && !(CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION)
1601 && !((ZEND_CONSTANT_FLAGS(c) & CONST_NO_FILE_CACHE)
1602 && (CG(compiler_options) & ZEND_COMPILE_WITH_FILE_CACHE))) {
1603 return 1;
1604 }
1605 if (Z_TYPE(c->value) < IS_ARRAY
1606 && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)) {
1607 return 1;
1608 } else if (Z_TYPE(c->value) == IS_ARRAY
1609 && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)
1610 && array_is_const(Z_ARR(c->value))) {
1611 return 1;
1612 }
1613 return 0;
1614 }
1615
zend_try_ct_eval_const(zval * zv,zend_string * name,bool is_fully_qualified)1616 static bool zend_try_ct_eval_const(zval *zv, zend_string *name, bool is_fully_qualified) /* {{{ */
1617 {
1618 /* Substitute true, false and null (including unqualified usage in namespaces)
1619 * before looking up the possibly namespaced name. */
1620 const char *lookup_name = ZSTR_VAL(name);
1621 size_t lookup_len = ZSTR_LEN(name);
1622
1623 if (!is_fully_qualified) {
1624 zend_get_unqualified_name(name, &lookup_name, &lookup_len);
1625 }
1626
1627 zend_constant *c;
1628 if ((c = zend_get_special_const(lookup_name, lookup_len))) {
1629 ZVAL_COPY_VALUE(zv, &c->value);
1630 return 1;
1631 }
1632 c = zend_hash_find_ptr(EG(zend_constants), name);
1633 if (c && can_ct_eval_const(c)) {
1634 ZVAL_COPY_OR_DUP(zv, &c->value);
1635 return 1;
1636 }
1637 return 0;
1638 }
1639 /* }}} */
1640
zend_is_scope_known(void)1641 static inline bool zend_is_scope_known(void) /* {{{ */
1642 {
1643 if (!CG(active_op_array)) {
1644 /* This can only happen when evaluating a default value string. */
1645 return 0;
1646 }
1647
1648 if (CG(active_op_array)->fn_flags & ZEND_ACC_CLOSURE) {
1649 /* Closures can be rebound to a different scope */
1650 return 0;
1651 }
1652
1653 if (!CG(active_class_entry)) {
1654 /* The scope is known if we're in a free function (no scope), but not if we're in
1655 * a file/eval (which inherits including/eval'ing scope). */
1656 return CG(active_op_array)->function_name != NULL;
1657 }
1658
1659 /* For traits self etc refers to the using class, not the trait itself */
1660 return (CG(active_class_entry)->ce_flags & ZEND_ACC_TRAIT) == 0;
1661 }
1662 /* }}} */
1663
class_name_refers_to_active_ce(zend_string * class_name,uint32_t fetch_type)1664 static inline bool class_name_refers_to_active_ce(zend_string *class_name, uint32_t fetch_type) /* {{{ */
1665 {
1666 if (!CG(active_class_entry)) {
1667 return 0;
1668 }
1669 if (fetch_type == ZEND_FETCH_CLASS_SELF && zend_is_scope_known()) {
1670 return 1;
1671 }
1672 return fetch_type == ZEND_FETCH_CLASS_DEFAULT
1673 && zend_string_equals_ci(class_name, CG(active_class_entry)->name);
1674 }
1675 /* }}} */
1676
zend_get_class_fetch_type(const zend_string * name)1677 uint32_t zend_get_class_fetch_type(const zend_string *name) /* {{{ */
1678 {
1679 if (zend_string_equals_literal_ci(name, "self")) {
1680 return ZEND_FETCH_CLASS_SELF;
1681 } else if (zend_string_equals_literal_ci(name, "parent")) {
1682 return ZEND_FETCH_CLASS_PARENT;
1683 } else if (zend_string_equals_ci(name, ZSTR_KNOWN(ZEND_STR_STATIC))) {
1684 return ZEND_FETCH_CLASS_STATIC;
1685 } else {
1686 return ZEND_FETCH_CLASS_DEFAULT;
1687 }
1688 }
1689 /* }}} */
1690
zend_get_class_fetch_type_ast(zend_ast * name_ast)1691 static uint32_t zend_get_class_fetch_type_ast(zend_ast *name_ast) /* {{{ */
1692 {
1693 /* Fully qualified names are always default refs */
1694 if (name_ast->attr == ZEND_NAME_FQ) {
1695 return ZEND_FETCH_CLASS_DEFAULT;
1696 }
1697
1698 return zend_get_class_fetch_type(zend_ast_get_str(name_ast));
1699 }
1700 /* }}} */
1701
zend_resolve_const_class_name_reference(zend_ast * ast,const char * type)1702 static zend_string *zend_resolve_const_class_name_reference(zend_ast *ast, const char *type)
1703 {
1704 zend_string *class_name = zend_ast_get_str(ast);
1705 if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type_ast(ast)) {
1706 zend_error_noreturn(E_COMPILE_ERROR,
1707 "Cannot use '%s' as %s, as it is reserved",
1708 ZSTR_VAL(class_name), type);
1709 }
1710 return zend_resolve_class_name(class_name, ast->attr);
1711 }
1712
zend_ensure_valid_class_fetch_type(uint32_t fetch_type)1713 static void zend_ensure_valid_class_fetch_type(uint32_t fetch_type) /* {{{ */
1714 {
1715 if (fetch_type != ZEND_FETCH_CLASS_DEFAULT && zend_is_scope_known()) {
1716 zend_class_entry *ce = CG(active_class_entry);
1717 if (!ce) {
1718 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"%s\" when no class scope is active",
1719 fetch_type == ZEND_FETCH_CLASS_SELF ? "self" :
1720 fetch_type == ZEND_FETCH_CLASS_PARENT ? "parent" : "static");
1721 } else if (fetch_type == ZEND_FETCH_CLASS_PARENT && !ce->parent_name) {
1722 zend_error_noreturn(E_COMPILE_ERROR,
1723 "Cannot use \"parent\" when current class scope has no parent");
1724 }
1725 }
1726 }
1727 /* }}} */
1728
zend_try_compile_const_expr_resolve_class_name(zval * zv,zend_ast * class_ast)1729 static bool zend_try_compile_const_expr_resolve_class_name(zval *zv, zend_ast *class_ast) /* {{{ */
1730 {
1731 uint32_t fetch_type;
1732 zval *class_name;
1733
1734 if (class_ast->kind != ZEND_AST_ZVAL) {
1735 return 0;
1736 }
1737
1738 class_name = zend_ast_get_zval(class_ast);
1739
1740 if (Z_TYPE_P(class_name) != IS_STRING) {
1741 zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
1742 }
1743
1744 fetch_type = zend_get_class_fetch_type(Z_STR_P(class_name));
1745 zend_ensure_valid_class_fetch_type(fetch_type);
1746
1747 switch (fetch_type) {
1748 case ZEND_FETCH_CLASS_SELF:
1749 if (CG(active_class_entry) && zend_is_scope_known()) {
1750 ZVAL_STR_COPY(zv, CG(active_class_entry)->name);
1751 return 1;
1752 }
1753 return 0;
1754 case ZEND_FETCH_CLASS_PARENT:
1755 if (CG(active_class_entry) && CG(active_class_entry)->parent_name
1756 && zend_is_scope_known()) {
1757 ZVAL_STR_COPY(zv, CG(active_class_entry)->parent_name);
1758 return 1;
1759 }
1760 return 0;
1761 case ZEND_FETCH_CLASS_STATIC:
1762 return 0;
1763 case ZEND_FETCH_CLASS_DEFAULT:
1764 ZVAL_STR(zv, zend_resolve_class_name_ast(class_ast));
1765 return 1;
1766 EMPTY_SWITCH_DEFAULT_CASE()
1767 }
1768 }
1769 /* }}} */
1770
1771 /* We don't use zend_verify_const_access because we need to deal with unlinked classes. */
zend_verify_ct_const_access(zend_class_constant * c,zend_class_entry * scope)1772 static bool zend_verify_ct_const_access(zend_class_constant *c, zend_class_entry *scope)
1773 {
1774 if (ZEND_CLASS_CONST_FLAGS(c) & ZEND_ACC_DEPRECATED) {
1775 return 0;
1776 } else if (c->ce->ce_flags & ZEND_ACC_TRAIT) {
1777 /* This condition is only met on directly accessing trait constants,
1778 * because the ce is replaced to the class entry of the composing class
1779 * on binding. */
1780 return 0;
1781 } else if (ZEND_CLASS_CONST_FLAGS(c) & ZEND_ACC_PUBLIC) {
1782 return 1;
1783 } else if (ZEND_CLASS_CONST_FLAGS(c) & ZEND_ACC_PRIVATE) {
1784 return c->ce == scope;
1785 } else {
1786 zend_class_entry *ce = c->ce;
1787 while (1) {
1788 if (ce == scope) {
1789 return 1;
1790 }
1791 if (!ce->parent) {
1792 break;
1793 }
1794 if (ce->ce_flags & ZEND_ACC_RESOLVED_PARENT) {
1795 ce = ce->parent;
1796 } else {
1797 ce = zend_hash_find_ptr_lc(CG(class_table), ce->parent_name);
1798 if (!ce) {
1799 break;
1800 }
1801 }
1802 }
1803 /* Reverse case cannot be true during compilation */
1804 return 0;
1805 }
1806 }
1807
zend_try_ct_eval_class_const(zval * zv,zend_string * class_name,zend_string * name)1808 static bool zend_try_ct_eval_class_const(zval *zv, zend_string *class_name, zend_string *name) /* {{{ */
1809 {
1810 uint32_t fetch_type = zend_get_class_fetch_type(class_name);
1811 zend_class_constant *cc;
1812 zval *c;
1813
1814 if (class_name_refers_to_active_ce(class_name, fetch_type)) {
1815 cc = zend_hash_find_ptr(&CG(active_class_entry)->constants_table, name);
1816 } else if (fetch_type == ZEND_FETCH_CLASS_DEFAULT && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)) {
1817 zend_class_entry *ce = zend_hash_find_ptr_lc(CG(class_table), class_name);
1818 if (ce) {
1819 cc = zend_hash_find_ptr(&ce->constants_table, name);
1820 } else {
1821 return 0;
1822 }
1823 } else {
1824 return 0;
1825 }
1826
1827 if (CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION) {
1828 return 0;
1829 }
1830
1831 if (!cc || !zend_verify_ct_const_access(cc, CG(active_class_entry))) {
1832 return 0;
1833 }
1834
1835 c = &cc->value;
1836
1837 /* Substitute case-sensitive (or lowercase) persistent class constants */
1838 if (Z_TYPE_P(c) < IS_ARRAY) {
1839 ZVAL_COPY_OR_DUP(zv, c);
1840 return 1;
1841 } else if (Z_TYPE_P(c) == IS_ARRAY && array_is_const(Z_ARR_P(c))) {
1842 ZVAL_COPY_OR_DUP(zv, c);
1843 return 1;
1844 }
1845
1846 return 0;
1847 }
1848 /* }}} */
1849
zend_add_to_list(void * result,void * item)1850 static void zend_add_to_list(void *result, void *item) /* {{{ */
1851 {
1852 void** list = *(void**)result;
1853 size_t n = 0;
1854
1855 if (list) {
1856 while (list[n]) {
1857 n++;
1858 }
1859 }
1860
1861 list = erealloc(list, sizeof(void*) * (n+2));
1862
1863 list[n] = item;
1864 list[n+1] = NULL;
1865
1866 *(void**)result = list;
1867 }
1868 /* }}} */
1869
zend_do_extended_stmt(void)1870 static void zend_do_extended_stmt(void) /* {{{ */
1871 {
1872 zend_op *opline;
1873
1874 if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_STMT)) {
1875 return;
1876 }
1877
1878 opline = get_next_op();
1879
1880 opline->opcode = ZEND_EXT_STMT;
1881 }
1882 /* }}} */
1883
zend_do_extended_fcall_begin(void)1884 static void zend_do_extended_fcall_begin(void) /* {{{ */
1885 {
1886 zend_op *opline;
1887
1888 if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_FCALL)) {
1889 return;
1890 }
1891
1892 opline = get_next_op();
1893
1894 opline->opcode = ZEND_EXT_FCALL_BEGIN;
1895 }
1896 /* }}} */
1897
zend_do_extended_fcall_end(void)1898 static void zend_do_extended_fcall_end(void) /* {{{ */
1899 {
1900 zend_op *opline;
1901
1902 if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_FCALL)) {
1903 return;
1904 }
1905
1906 opline = get_next_op();
1907
1908 opline->opcode = ZEND_EXT_FCALL_END;
1909 }
1910 /* }}} */
1911
zend_is_auto_global_str(const char * name,size_t len)1912 ZEND_API bool zend_is_auto_global_str(const char *name, size_t len) /* {{{ */ {
1913 zend_auto_global *auto_global;
1914
1915 if ((auto_global = zend_hash_str_find_ptr(CG(auto_globals), name, len)) != NULL) {
1916 if (auto_global->armed) {
1917 auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1918 }
1919 return 1;
1920 }
1921 return 0;
1922 }
1923 /* }}} */
1924
zend_is_auto_global(zend_string * name)1925 ZEND_API bool zend_is_auto_global(zend_string *name) /* {{{ */
1926 {
1927 zend_auto_global *auto_global;
1928
1929 if ((auto_global = zend_hash_find_ptr(CG(auto_globals), name)) != NULL) {
1930 if (auto_global->armed) {
1931 auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1932 }
1933 return 1;
1934 }
1935 return 0;
1936 }
1937 /* }}} */
1938
zend_register_auto_global(zend_string * name,bool jit,zend_auto_global_callback auto_global_callback)1939 ZEND_API zend_result zend_register_auto_global(zend_string *name, bool jit, zend_auto_global_callback auto_global_callback) /* {{{ */
1940 {
1941 zend_auto_global auto_global;
1942 zend_result retval;
1943
1944 auto_global.name = name;
1945 auto_global.auto_global_callback = auto_global_callback;
1946 auto_global.jit = jit;
1947
1948 retval = zend_hash_add_mem(CG(auto_globals), auto_global.name, &auto_global, sizeof(zend_auto_global)) != NULL ? SUCCESS : FAILURE;
1949
1950 return retval;
1951 }
1952 /* }}} */
1953
zend_activate_auto_globals(void)1954 ZEND_API void zend_activate_auto_globals(void) /* {{{ */
1955 {
1956 zend_auto_global *auto_global;
1957
1958 ZEND_HASH_MAP_FOREACH_PTR(CG(auto_globals), auto_global) {
1959 if (auto_global->jit) {
1960 auto_global->armed = 1;
1961 } else if (auto_global->auto_global_callback) {
1962 auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1963 } else {
1964 auto_global->armed = 0;
1965 }
1966 } ZEND_HASH_FOREACH_END();
1967 }
1968 /* }}} */
1969
zendlex(zend_parser_stack_elem * elem)1970 int ZEND_FASTCALL zendlex(zend_parser_stack_elem *elem) /* {{{ */
1971 {
1972 zval zv;
1973 int ret;
1974
1975 if (CG(increment_lineno)) {
1976 CG(zend_lineno)++;
1977 CG(increment_lineno) = 0;
1978 }
1979
1980 ret = lex_scan(&zv, elem);
1981 ZEND_ASSERT(!EG(exception) || ret == T_ERROR);
1982 return ret;
1983
1984 }
1985 /* }}} */
1986
zend_initialize_class_data(zend_class_entry * ce,bool nullify_handlers)1987 ZEND_API void zend_initialize_class_data(zend_class_entry *ce, bool nullify_handlers) /* {{{ */
1988 {
1989 bool persistent_hashes = ce->type == ZEND_INTERNAL_CLASS;
1990
1991 ce->refcount = 1;
1992 ce->ce_flags = ZEND_ACC_CONSTANTS_UPDATED;
1993
1994 if (CG(compiler_options) & ZEND_COMPILE_GUARDS) {
1995 ce->ce_flags |= ZEND_ACC_USE_GUARDS;
1996 }
1997
1998 ce->default_properties_table = NULL;
1999 ce->default_static_members_table = NULL;
2000 zend_hash_init(&ce->properties_info, 8, NULL, NULL, persistent_hashes);
2001 zend_hash_init(&ce->constants_table, 8, NULL, NULL, persistent_hashes);
2002 zend_hash_init(&ce->function_table, 8, NULL, ZEND_FUNCTION_DTOR, persistent_hashes);
2003
2004 if (ce->type == ZEND_USER_CLASS) {
2005 ce->info.user.doc_comment = NULL;
2006 }
2007 ZEND_MAP_PTR_INIT(ce->static_members_table, NULL);
2008 ZEND_MAP_PTR_INIT(ce->mutable_data, NULL);
2009
2010 ce->default_object_handlers = &std_object_handlers;
2011 ce->default_properties_count = 0;
2012 ce->default_static_members_count = 0;
2013 ce->properties_info_table = NULL;
2014 ce->attributes = NULL;
2015 ce->enum_backing_type = IS_UNDEF;
2016 ce->backed_enum_table = NULL;
2017
2018 if (nullify_handlers) {
2019 ce->constructor = NULL;
2020 ce->destructor = NULL;
2021 ce->clone = NULL;
2022 ce->__get = NULL;
2023 ce->__set = NULL;
2024 ce->__unset = NULL;
2025 ce->__isset = NULL;
2026 ce->__call = NULL;
2027 ce->__callstatic = NULL;
2028 ce->__tostring = NULL;
2029 ce->__serialize = NULL;
2030 ce->__unserialize = NULL;
2031 ce->__debugInfo = NULL;
2032 ce->create_object = NULL;
2033 ce->get_iterator = NULL;
2034 ce->iterator_funcs_ptr = NULL;
2035 ce->arrayaccess_funcs_ptr = NULL;
2036 ce->get_static_method = NULL;
2037 ce->parent = NULL;
2038 ce->parent_name = NULL;
2039 ce->num_interfaces = 0;
2040 ce->interfaces = NULL;
2041 ce->num_traits = 0;
2042 ce->trait_names = NULL;
2043 ce->trait_aliases = NULL;
2044 ce->trait_precedences = NULL;
2045 ce->serialize = NULL;
2046 ce->unserialize = NULL;
2047 if (ce->type == ZEND_INTERNAL_CLASS) {
2048 ce->info.internal.module = NULL;
2049 ce->info.internal.builtin_functions = NULL;
2050 }
2051 }
2052 }
2053 /* }}} */
2054
zend_get_compiled_variable_name(const zend_op_array * op_array,uint32_t var)2055 ZEND_API zend_string *zend_get_compiled_variable_name(const zend_op_array *op_array, uint32_t var) /* {{{ */
2056 {
2057 return op_array->vars[EX_VAR_TO_NUM(var)];
2058 }
2059 /* }}} */
2060
zend_ast_append_str(zend_ast * left_ast,zend_ast * right_ast)2061 zend_ast *zend_ast_append_str(zend_ast *left_ast, zend_ast *right_ast) /* {{{ */
2062 {
2063 zval *left_zv = zend_ast_get_zval(left_ast);
2064 zend_string *left = Z_STR_P(left_zv);
2065 zend_string *right = zend_ast_get_str(right_ast);
2066
2067 zend_string *result;
2068 size_t left_len = ZSTR_LEN(left);
2069 size_t len = left_len + ZSTR_LEN(right) + 1; /* left\right */
2070
2071 result = zend_string_extend(left, len, 0);
2072 ZSTR_VAL(result)[left_len] = '\\';
2073 memcpy(&ZSTR_VAL(result)[left_len + 1], ZSTR_VAL(right), ZSTR_LEN(right));
2074 ZSTR_VAL(result)[len] = '\0';
2075 zend_string_release_ex(right, 0);
2076
2077 ZVAL_STR(left_zv, result);
2078 return left_ast;
2079 }
2080 /* }}} */
2081
zend_negate_num_string(zend_ast * ast)2082 zend_ast *zend_negate_num_string(zend_ast *ast) /* {{{ */
2083 {
2084 zval *zv = zend_ast_get_zval(ast);
2085 if (Z_TYPE_P(zv) == IS_LONG) {
2086 if (Z_LVAL_P(zv) == 0) {
2087 ZVAL_NEW_STR(zv, ZSTR_INIT_LITERAL("-0", 0));
2088 } else {
2089 ZEND_ASSERT(Z_LVAL_P(zv) > 0);
2090 Z_LVAL_P(zv) *= -1;
2091 }
2092 } else if (Z_TYPE_P(zv) == IS_STRING) {
2093 size_t orig_len = Z_STRLEN_P(zv);
2094 Z_STR_P(zv) = zend_string_extend(Z_STR_P(zv), orig_len + 1, 0);
2095 memmove(Z_STRVAL_P(zv) + 1, Z_STRVAL_P(zv), orig_len + 1);
2096 Z_STRVAL_P(zv)[0] = '-';
2097 } else {
2098 ZEND_UNREACHABLE();
2099 }
2100 return ast;
2101 }
2102 /* }}} */
2103
zend_verify_namespace(void)2104 static void zend_verify_namespace(void) /* {{{ */
2105 {
2106 if (FC(has_bracketed_namespaces) && !FC(in_namespace)) {
2107 zend_error_noreturn(E_COMPILE_ERROR, "No code may exist outside of namespace {}");
2108 }
2109 }
2110 /* }}} */
2111
2112 /* {{{ zend_dirname
2113 Returns directory name component of path */
zend_dirname(char * path,size_t len)2114 ZEND_API size_t zend_dirname(char *path, size_t len)
2115 {
2116 char *end = path + len - 1;
2117 unsigned int len_adjust = 0;
2118
2119 #ifdef ZEND_WIN32
2120 /* Note that on Win32 CWD is per drive (heritage from CP/M).
2121 * This means dirname("c:foo") maps to "c:." or "c:" - which means CWD on C: drive.
2122 */
2123 if ((2 <= len) && isalpha((int)((unsigned char *)path)[0]) && (':' == path[1])) {
2124 /* Skip over the drive spec (if any) so as not to change */
2125 path += 2;
2126 len_adjust += 2;
2127 if (2 == len) {
2128 /* Return "c:" on Win32 for dirname("c:").
2129 * It would be more consistent to return "c:."
2130 * but that would require making the string *longer*.
2131 */
2132 return len;
2133 }
2134 }
2135 #endif
2136
2137 if (len == 0) {
2138 /* Illegal use of this function */
2139 return 0;
2140 }
2141
2142 /* Strip trailing slashes */
2143 while (end >= path && IS_SLASH_P(end)) {
2144 end--;
2145 }
2146 if (end < path) {
2147 /* The path only contained slashes */
2148 path[0] = DEFAULT_SLASH;
2149 path[1] = '\0';
2150 return 1 + len_adjust;
2151 }
2152
2153 /* Strip filename */
2154 while (end >= path && !IS_SLASH_P(end)) {
2155 end--;
2156 }
2157 if (end < path) {
2158 /* No slash found, therefore return '.' */
2159 path[0] = '.';
2160 path[1] = '\0';
2161 return 1 + len_adjust;
2162 }
2163
2164 /* Strip slashes which came before the file name */
2165 while (end >= path && IS_SLASH_P(end)) {
2166 end--;
2167 }
2168 if (end < path) {
2169 path[0] = DEFAULT_SLASH;
2170 path[1] = '\0';
2171 return 1 + len_adjust;
2172 }
2173 *(end+1) = '\0';
2174
2175 return (size_t)(end + 1 - path) + len_adjust;
2176 }
2177 /* }}} */
2178
zend_adjust_for_fetch_type(zend_op * opline,znode * result,uint32_t type)2179 static void zend_adjust_for_fetch_type(zend_op *opline, znode *result, uint32_t type) /* {{{ */
2180 {
2181 uint_fast8_t factor = (opline->opcode == ZEND_FETCH_STATIC_PROP_R) ? 1 : 3;
2182
2183 switch (type) {
2184 case BP_VAR_R:
2185 opline->result_type = IS_TMP_VAR;
2186 result->op_type = IS_TMP_VAR;
2187 return;
2188 case BP_VAR_W:
2189 opline->opcode += 1 * factor;
2190 return;
2191 case BP_VAR_RW:
2192 opline->opcode += 2 * factor;
2193 return;
2194 case BP_VAR_IS:
2195 opline->result_type = IS_TMP_VAR;
2196 result->op_type = IS_TMP_VAR;
2197 opline->opcode += 3 * factor;
2198 return;
2199 case BP_VAR_FUNC_ARG:
2200 opline->opcode += 4 * factor;
2201 return;
2202 case BP_VAR_UNSET:
2203 opline->opcode += 5 * factor;
2204 return;
2205 EMPTY_SWITCH_DEFAULT_CASE()
2206 }
2207 }
2208 /* }}} */
2209
zend_make_var_result(znode * result,zend_op * opline)2210 static inline void zend_make_var_result(znode *result, zend_op *opline) /* {{{ */
2211 {
2212 opline->result_type = IS_VAR;
2213 opline->result.var = get_temporary_variable();
2214 GET_NODE(result, opline->result);
2215 }
2216 /* }}} */
2217
zend_make_tmp_result(znode * result,zend_op * opline)2218 static inline void zend_make_tmp_result(znode *result, zend_op *opline) /* {{{ */
2219 {
2220 opline->result_type = IS_TMP_VAR;
2221 opline->result.var = get_temporary_variable();
2222 GET_NODE(result, opline->result);
2223 }
2224 /* }}} */
2225
zend_emit_op(znode * result,uint8_t opcode,znode * op1,znode * op2)2226 static zend_op *zend_emit_op(znode *result, uint8_t opcode, znode *op1, znode *op2) /* {{{ */
2227 {
2228 zend_op *opline = get_next_op();
2229 opline->opcode = opcode;
2230
2231 if (op1 != NULL) {
2232 SET_NODE(opline->op1, op1);
2233 }
2234
2235 if (op2 != NULL) {
2236 SET_NODE(opline->op2, op2);
2237 }
2238
2239 if (result) {
2240 zend_make_var_result(result, opline);
2241 }
2242 return opline;
2243 }
2244 /* }}} */
2245
zend_emit_op_tmp(znode * result,uint8_t opcode,znode * op1,znode * op2)2246 static zend_op *zend_emit_op_tmp(znode *result, uint8_t opcode, znode *op1, znode *op2) /* {{{ */
2247 {
2248 zend_op *opline = get_next_op();
2249 opline->opcode = opcode;
2250
2251 if (op1 != NULL) {
2252 SET_NODE(opline->op1, op1);
2253 }
2254
2255 if (op2 != NULL) {
2256 SET_NODE(opline->op2, op2);
2257 }
2258
2259 if (result) {
2260 zend_make_tmp_result(result, opline);
2261 }
2262
2263 return opline;
2264 }
2265 /* }}} */
2266
zend_emit_tick(void)2267 static void zend_emit_tick(void) /* {{{ */
2268 {
2269 zend_op *opline;
2270
2271 /* This prevents a double TICK generated by the parser statement of "declare()" */
2272 if (CG(active_op_array)->last && CG(active_op_array)->opcodes[CG(active_op_array)->last - 1].opcode == ZEND_TICKS) {
2273 return;
2274 }
2275
2276 opline = get_next_op();
2277
2278 opline->opcode = ZEND_TICKS;
2279 opline->extended_value = FC(declarables).ticks;
2280 }
2281 /* }}} */
2282
zend_emit_op_data(znode * value)2283 static inline zend_op *zend_emit_op_data(znode *value) /* {{{ */
2284 {
2285 return zend_emit_op(NULL, ZEND_OP_DATA, value, NULL);
2286 }
2287 /* }}} */
2288
zend_emit_jump(uint32_t opnum_target)2289 static inline uint32_t zend_emit_jump(uint32_t opnum_target) /* {{{ */
2290 {
2291 uint32_t opnum = get_next_op_number();
2292 zend_op *opline = zend_emit_op(NULL, ZEND_JMP, NULL, NULL);
2293 opline->op1.opline_num = opnum_target;
2294 return opnum;
2295 }
2296 /* }}} */
2297
zend_is_smart_branch(const zend_op * opline)2298 ZEND_API bool zend_is_smart_branch(const zend_op *opline) /* {{{ */
2299 {
2300 switch (opline->opcode) {
2301 case ZEND_IS_IDENTICAL:
2302 case ZEND_IS_NOT_IDENTICAL:
2303 case ZEND_IS_EQUAL:
2304 case ZEND_IS_NOT_EQUAL:
2305 case ZEND_IS_SMALLER:
2306 case ZEND_IS_SMALLER_OR_EQUAL:
2307 case ZEND_CASE:
2308 case ZEND_CASE_STRICT:
2309 case ZEND_ISSET_ISEMPTY_CV:
2310 case ZEND_ISSET_ISEMPTY_VAR:
2311 case ZEND_ISSET_ISEMPTY_DIM_OBJ:
2312 case ZEND_ISSET_ISEMPTY_PROP_OBJ:
2313 case ZEND_ISSET_ISEMPTY_STATIC_PROP:
2314 case ZEND_INSTANCEOF:
2315 case ZEND_TYPE_CHECK:
2316 case ZEND_DEFINED:
2317 case ZEND_IN_ARRAY:
2318 case ZEND_ARRAY_KEY_EXISTS:
2319 return 1;
2320 default:
2321 return 0;
2322 }
2323 }
2324 /* }}} */
2325
zend_emit_cond_jump(uint8_t opcode,znode * cond,uint32_t opnum_target)2326 static inline uint32_t zend_emit_cond_jump(uint8_t opcode, znode *cond, uint32_t opnum_target) /* {{{ */
2327 {
2328 uint32_t opnum = get_next_op_number();
2329 zend_op *opline;
2330
2331 if (cond->op_type == IS_TMP_VAR && opnum > 0) {
2332 opline = CG(active_op_array)->opcodes + opnum - 1;
2333 if (opline->result_type == IS_TMP_VAR
2334 && opline->result.var == cond->u.op.var
2335 && zend_is_smart_branch(opline)) {
2336 if (opcode == ZEND_JMPZ) {
2337 opline->result_type = IS_TMP_VAR | IS_SMART_BRANCH_JMPZ;
2338 } else {
2339 ZEND_ASSERT(opcode == ZEND_JMPNZ);
2340 opline->result_type = IS_TMP_VAR | IS_SMART_BRANCH_JMPNZ;
2341 }
2342 }
2343 }
2344 opline = zend_emit_op(NULL, opcode, cond, NULL);
2345 opline->op2.opline_num = opnum_target;
2346 return opnum;
2347 }
2348 /* }}} */
2349
zend_update_jump_target(uint32_t opnum_jump,uint32_t opnum_target)2350 static inline void zend_update_jump_target(uint32_t opnum_jump, uint32_t opnum_target) /* {{{ */
2351 {
2352 zend_op *opline = &CG(active_op_array)->opcodes[opnum_jump];
2353 switch (opline->opcode) {
2354 case ZEND_JMP:
2355 opline->op1.opline_num = opnum_target;
2356 break;
2357 case ZEND_JMPZ:
2358 case ZEND_JMPNZ:
2359 case ZEND_JMPZ_EX:
2360 case ZEND_JMPNZ_EX:
2361 case ZEND_JMP_SET:
2362 case ZEND_COALESCE:
2363 case ZEND_JMP_NULL:
2364 case ZEND_BIND_INIT_STATIC_OR_JMP:
2365 case ZEND_JMP_FRAMELESS:
2366 opline->op2.opline_num = opnum_target;
2367 break;
2368 EMPTY_SWITCH_DEFAULT_CASE()
2369 }
2370 }
2371 /* }}} */
2372
zend_update_jump_target_to_next(uint32_t opnum_jump)2373 static inline void zend_update_jump_target_to_next(uint32_t opnum_jump) /* {{{ */
2374 {
2375 zend_update_jump_target(opnum_jump, get_next_op_number());
2376 }
2377 /* }}} */
2378
zend_delayed_emit_op(znode * result,uint8_t opcode,znode * op1,znode * op2)2379 static inline zend_op *zend_delayed_emit_op(znode *result, uint8_t opcode, znode *op1, znode *op2) /* {{{ */
2380 {
2381 zend_op tmp_opline;
2382
2383 init_op(&tmp_opline);
2384
2385 tmp_opline.opcode = opcode;
2386 if (op1 != NULL) {
2387 SET_NODE(tmp_opline.op1, op1);
2388 }
2389 if (op2 != NULL) {
2390 SET_NODE(tmp_opline.op2, op2);
2391 }
2392 if (result) {
2393 zend_make_var_result(result, &tmp_opline);
2394 }
2395
2396 zend_stack_push(&CG(delayed_oplines_stack), &tmp_opline);
2397 return zend_stack_top(&CG(delayed_oplines_stack));
2398 }
2399 /* }}} */
2400
zend_delayed_compile_begin(void)2401 static inline uint32_t zend_delayed_compile_begin(void) /* {{{ */
2402 {
2403 return zend_stack_count(&CG(delayed_oplines_stack));
2404 }
2405 /* }}} */
2406
zend_delayed_compile_end(uint32_t offset)2407 static zend_op *zend_delayed_compile_end(uint32_t offset) /* {{{ */
2408 {
2409 zend_op *opline = NULL, *oplines = zend_stack_base(&CG(delayed_oplines_stack));
2410 uint32_t i, count = zend_stack_count(&CG(delayed_oplines_stack));
2411
2412 ZEND_ASSERT(count >= offset);
2413 for (i = offset; i < count; ++i) {
2414 if (EXPECTED(oplines[i].opcode != ZEND_NOP)) {
2415 opline = get_next_op();
2416 memcpy(opline, &oplines[i], sizeof(zend_op));
2417 } else {
2418 opline = CG(active_op_array)->opcodes + oplines[i].extended_value;
2419 }
2420 }
2421
2422 CG(delayed_oplines_stack).top = offset;
2423 return opline;
2424 }
2425 /* }}} */
2426
zend_ast_kind_is_short_circuited(zend_ast_kind ast_kind)2427 static bool zend_ast_kind_is_short_circuited(zend_ast_kind ast_kind)
2428 {
2429 switch (ast_kind) {
2430 case ZEND_AST_DIM:
2431 case ZEND_AST_PROP:
2432 case ZEND_AST_NULLSAFE_PROP:
2433 case ZEND_AST_STATIC_PROP:
2434 case ZEND_AST_METHOD_CALL:
2435 case ZEND_AST_NULLSAFE_METHOD_CALL:
2436 case ZEND_AST_STATIC_CALL:
2437 return 1;
2438 default:
2439 return 0;
2440 }
2441 }
2442
zend_ast_is_short_circuited(const zend_ast * ast)2443 static bool zend_ast_is_short_circuited(const zend_ast *ast)
2444 {
2445 switch (ast->kind) {
2446 case ZEND_AST_DIM:
2447 case ZEND_AST_PROP:
2448 case ZEND_AST_STATIC_PROP:
2449 case ZEND_AST_METHOD_CALL:
2450 case ZEND_AST_STATIC_CALL:
2451 return zend_ast_is_short_circuited(ast->child[0]);
2452 case ZEND_AST_NULLSAFE_PROP:
2453 case ZEND_AST_NULLSAFE_METHOD_CALL:
2454 return 1;
2455 default:
2456 return 0;
2457 }
2458 }
2459
2460 /* Mark nodes that are an inner part of a short-circuiting chain.
2461 * We should not perform a "commit" on them, as it will be performed by the outer-most node.
2462 * We do this to avoid passing down an argument in various compile functions. */
2463
2464 #define ZEND_SHORT_CIRCUITING_INNER 0x8000
2465
zend_short_circuiting_mark_inner(zend_ast * ast)2466 static void zend_short_circuiting_mark_inner(zend_ast *ast) {
2467 if (zend_ast_kind_is_short_circuited(ast->kind)) {
2468 ast->attr |= ZEND_SHORT_CIRCUITING_INNER;
2469 }
2470 }
2471
zend_short_circuiting_checkpoint(void)2472 static uint32_t zend_short_circuiting_checkpoint(void)
2473 {
2474 return zend_stack_count(&CG(short_circuiting_opnums));
2475 }
2476
zend_short_circuiting_commit(uint32_t checkpoint,znode * result,zend_ast * ast)2477 static void zend_short_circuiting_commit(uint32_t checkpoint, znode *result, zend_ast *ast)
2478 {
2479 bool is_short_circuited = zend_ast_kind_is_short_circuited(ast->kind)
2480 || ast->kind == ZEND_AST_ISSET || ast->kind == ZEND_AST_EMPTY;
2481 if (!is_short_circuited) {
2482 ZEND_ASSERT(zend_stack_count(&CG(short_circuiting_opnums)) == checkpoint
2483 && "Short circuiting stack should be empty");
2484 return;
2485 }
2486
2487 if (ast->attr & ZEND_SHORT_CIRCUITING_INNER) {
2488 /* Outer-most node will commit. */
2489 return;
2490 }
2491
2492 while (zend_stack_count(&CG(short_circuiting_opnums)) != checkpoint) {
2493 uint32_t opnum = *(uint32_t *) zend_stack_top(&CG(short_circuiting_opnums));
2494 zend_op *opline = &CG(active_op_array)->opcodes[opnum];
2495 opline->op2.opline_num = get_next_op_number();
2496 SET_NODE(opline->result, result);
2497 opline->extended_value |=
2498 ast->kind == ZEND_AST_ISSET ? ZEND_SHORT_CIRCUITING_CHAIN_ISSET :
2499 ast->kind == ZEND_AST_EMPTY ? ZEND_SHORT_CIRCUITING_CHAIN_EMPTY :
2500 ZEND_SHORT_CIRCUITING_CHAIN_EXPR;
2501 zend_stack_del_top(&CG(short_circuiting_opnums));
2502 }
2503 }
2504
zend_emit_jmp_null(znode * obj_node,uint32_t bp_type)2505 static void zend_emit_jmp_null(znode *obj_node, uint32_t bp_type)
2506 {
2507 uint32_t jmp_null_opnum = get_next_op_number();
2508 zend_op *opline = zend_emit_op(NULL, ZEND_JMP_NULL, obj_node, NULL);
2509 if (opline->op1_type == IS_CONST) {
2510 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
2511 }
2512 if (bp_type == BP_VAR_IS) {
2513 opline->extended_value |= ZEND_JMP_NULL_BP_VAR_IS;
2514 }
2515 zend_stack_push(&CG(short_circuiting_opnums), &jmp_null_opnum);
2516 }
2517
zend_compile_memoized_expr(znode * result,zend_ast * expr)2518 static void zend_compile_memoized_expr(znode *result, zend_ast *expr) /* {{{ */
2519 {
2520 const zend_memoize_mode memoize_mode = CG(memoize_mode);
2521 if (memoize_mode == ZEND_MEMOIZE_COMPILE) {
2522 znode memoized_result;
2523
2524 /* Go through normal compilation */
2525 CG(memoize_mode) = ZEND_MEMOIZE_NONE;
2526 zend_compile_expr(result, expr);
2527 CG(memoize_mode) = ZEND_MEMOIZE_COMPILE;
2528
2529 if (result->op_type == IS_VAR) {
2530 zend_emit_op(&memoized_result, ZEND_COPY_TMP, result, NULL);
2531 } else if (result->op_type == IS_TMP_VAR) {
2532 zend_emit_op_tmp(&memoized_result, ZEND_COPY_TMP, result, NULL);
2533 } else {
2534 if (result->op_type == IS_CONST) {
2535 Z_TRY_ADDREF(result->u.constant);
2536 }
2537 memoized_result = *result;
2538 }
2539
2540 zend_hash_index_update_mem(
2541 CG(memoized_exprs), (uintptr_t) expr, &memoized_result, sizeof(znode));
2542 } else if (memoize_mode == ZEND_MEMOIZE_FETCH) {
2543 znode *memoized_result = zend_hash_index_find_ptr(CG(memoized_exprs), (uintptr_t) expr);
2544 *result = *memoized_result;
2545 if (result->op_type == IS_CONST) {
2546 Z_TRY_ADDREF(result->u.constant);
2547 }
2548 } else {
2549 ZEND_UNREACHABLE();
2550 }
2551 }
2552 /* }}} */
2553
2554 /* Remember to update type_num_classes() in compact_literals.c when changing this function */
zend_type_get_num_classes(zend_type type)2555 static size_t zend_type_get_num_classes(zend_type type) {
2556 if (!ZEND_TYPE_IS_COMPLEX(type)) {
2557 return 0;
2558 }
2559 if (ZEND_TYPE_HAS_LIST(type)) {
2560 /* Intersection types cannot have nested list types */
2561 if (ZEND_TYPE_IS_INTERSECTION(type)) {
2562 return ZEND_TYPE_LIST(type)->num_types;
2563 }
2564 ZEND_ASSERT(ZEND_TYPE_IS_UNION(type));
2565 size_t count = 0;
2566 zend_type *list_type;
2567
2568 ZEND_TYPE_LIST_FOREACH(ZEND_TYPE_LIST(type), list_type) {
2569 if (ZEND_TYPE_IS_INTERSECTION(*list_type)) {
2570 count += ZEND_TYPE_LIST(*list_type)->num_types;
2571 } else {
2572 ZEND_ASSERT(!ZEND_TYPE_HAS_LIST(*list_type));
2573 count += 1;
2574 }
2575 } ZEND_TYPE_LIST_FOREACH_END();
2576 return count;
2577 }
2578 return 1;
2579 }
2580
zend_emit_return_type_check(znode * expr,zend_arg_info * return_info,bool implicit)2581 static void zend_emit_return_type_check(
2582 znode *expr, zend_arg_info *return_info, bool implicit) /* {{{ */
2583 {
2584 zend_type type = return_info->type;
2585 if (ZEND_TYPE_IS_SET(type)) {
2586 zend_op *opline;
2587
2588 /* `return ...;` is illegal in a void function (but `return;` isn't) */
2589 if (ZEND_TYPE_CONTAINS_CODE(type, IS_VOID)) {
2590 if (expr) {
2591 if (expr->op_type == IS_CONST && Z_TYPE(expr->u.constant) == IS_NULL) {
2592 zend_error_noreturn(E_COMPILE_ERROR,
2593 "A void %s must not return a value "
2594 "(did you mean \"return;\" instead of \"return null;\"?)",
2595 CG(active_class_entry) != NULL ? "method" : "function");
2596 } else {
2597 zend_error_noreturn(E_COMPILE_ERROR, "A void %s must not return a value",
2598 CG(active_class_entry) != NULL ? "method" : "function");
2599 }
2600 }
2601 /* we don't need run-time check */
2602 return;
2603 }
2604
2605 /* `return` is illegal in a never-returning function */
2606 if (ZEND_TYPE_CONTAINS_CODE(type, IS_NEVER)) {
2607 /* Implicit case handled separately using VERIFY_NEVER_TYPE opcode. */
2608 ZEND_ASSERT(!implicit);
2609 zend_error_noreturn(E_COMPILE_ERROR, "A never-returning %s must not return",
2610 CG(active_class_entry) != NULL ? "method" : "function");
2611 return;
2612 }
2613
2614 if (!expr && !implicit) {
2615 if (ZEND_TYPE_ALLOW_NULL(type)) {
2616 zend_error_noreturn(E_COMPILE_ERROR,
2617 "A %s with return type must return a value "
2618 "(did you mean \"return null;\" instead of \"return;\"?)",
2619 CG(active_class_entry) != NULL ? "method" : "function");
2620 } else {
2621 zend_error_noreturn(E_COMPILE_ERROR,
2622 "A %s with return type must return a value",
2623 CG(active_class_entry) != NULL ? "method" : "function");
2624 }
2625 }
2626
2627 if (expr && ZEND_TYPE_PURE_MASK(type) == MAY_BE_ANY) {
2628 /* we don't need run-time check for mixed return type */
2629 return;
2630 }
2631
2632 if (expr && expr->op_type == IS_CONST && ZEND_TYPE_CONTAINS_CODE(type, Z_TYPE(expr->u.constant))) {
2633 /* we don't need run-time check */
2634 return;
2635 }
2636
2637 opline = zend_emit_op(NULL, ZEND_VERIFY_RETURN_TYPE, expr, NULL);
2638 if (expr && expr->op_type == IS_CONST) {
2639 opline->result_type = expr->op_type = IS_TMP_VAR;
2640 opline->result.var = expr->u.op.var = get_temporary_variable();
2641 }
2642
2643 opline->op2.num = zend_alloc_cache_slots(zend_type_get_num_classes(return_info->type));
2644 }
2645 }
2646 /* }}} */
2647
zend_emit_final_return(bool return_one)2648 void zend_emit_final_return(bool return_one) /* {{{ */
2649 {
2650 znode zn;
2651 zend_op *ret;
2652 bool returns_reference = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
2653
2654 if ((CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE)
2655 && !(CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR)) {
2656 zend_arg_info *return_info = CG(active_op_array)->arg_info - 1;
2657
2658 if (ZEND_TYPE_CONTAINS_CODE(return_info->type, IS_NEVER)) {
2659 zend_emit_op(NULL, ZEND_VERIFY_NEVER_TYPE, NULL, NULL);
2660 return;
2661 }
2662
2663 zend_emit_return_type_check(NULL, return_info, 1);
2664 }
2665
2666 zn.op_type = IS_CONST;
2667 if (return_one) {
2668 ZVAL_LONG(&zn.u.constant, 1);
2669 } else {
2670 ZVAL_NULL(&zn.u.constant);
2671 }
2672
2673 ret = zend_emit_op(NULL, returns_reference ? ZEND_RETURN_BY_REF : ZEND_RETURN, &zn, NULL);
2674 ret->extended_value = -1;
2675 }
2676 /* }}} */
2677
zend_is_variable(zend_ast * ast)2678 static inline bool zend_is_variable(zend_ast *ast) /* {{{ */
2679 {
2680 return ast->kind == ZEND_AST_VAR
2681 || ast->kind == ZEND_AST_DIM
2682 || ast->kind == ZEND_AST_PROP
2683 || ast->kind == ZEND_AST_NULLSAFE_PROP
2684 || ast->kind == ZEND_AST_STATIC_PROP;
2685 }
2686 /* }}} */
2687
zend_is_call(zend_ast * ast)2688 static inline bool zend_is_call(zend_ast *ast) /* {{{ */
2689 {
2690 return ast->kind == ZEND_AST_CALL
2691 || ast->kind == ZEND_AST_METHOD_CALL
2692 || ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL
2693 || ast->kind == ZEND_AST_STATIC_CALL;
2694 }
2695 /* }}} */
2696
zend_is_variable_or_call(zend_ast * ast)2697 static inline bool zend_is_variable_or_call(zend_ast *ast) /* {{{ */
2698 {
2699 return zend_is_variable(ast) || zend_is_call(ast);
2700 }
2701 /* }}} */
2702
zend_is_unticked_stmt(zend_ast * ast)2703 static inline bool zend_is_unticked_stmt(zend_ast *ast) /* {{{ */
2704 {
2705 return ast->kind == ZEND_AST_STMT_LIST || ast->kind == ZEND_AST_LABEL
2706 || ast->kind == ZEND_AST_PROP_DECL || ast->kind == ZEND_AST_CLASS_CONST_GROUP
2707 || ast->kind == ZEND_AST_USE_TRAIT || ast->kind == ZEND_AST_METHOD;
2708 }
2709 /* }}} */
2710
zend_can_write_to_variable(zend_ast * ast)2711 static inline bool zend_can_write_to_variable(zend_ast *ast) /* {{{ */
2712 {
2713 while (
2714 ast->kind == ZEND_AST_DIM
2715 || ast->kind == ZEND_AST_PROP
2716 ) {
2717 ast = ast->child[0];
2718 }
2719
2720 return zend_is_variable_or_call(ast) && !zend_ast_is_short_circuited(ast);
2721 }
2722 /* }}} */
2723
zend_is_const_default_class_ref(zend_ast * name_ast)2724 static inline bool zend_is_const_default_class_ref(zend_ast *name_ast) /* {{{ */
2725 {
2726 if (name_ast->kind != ZEND_AST_ZVAL) {
2727 return 0;
2728 }
2729
2730 return ZEND_FETCH_CLASS_DEFAULT == zend_get_class_fetch_type_ast(name_ast);
2731 }
2732 /* }}} */
2733
zend_handle_numeric_op(znode * node)2734 static inline void zend_handle_numeric_op(znode *node) /* {{{ */
2735 {
2736 if (node->op_type == IS_CONST && Z_TYPE(node->u.constant) == IS_STRING) {
2737 zend_ulong index;
2738
2739 if (ZEND_HANDLE_NUMERIC(Z_STR(node->u.constant), index)) {
2740 zval_ptr_dtor(&node->u.constant);
2741 ZVAL_LONG(&node->u.constant, index);
2742 }
2743 }
2744 }
2745 /* }}} */
2746
zend_handle_numeric_dim(zend_op * opline,znode * dim_node)2747 static inline void zend_handle_numeric_dim(zend_op *opline, znode *dim_node) /* {{{ */
2748 {
2749 if (Z_TYPE(dim_node->u.constant) == IS_STRING) {
2750 zend_ulong index;
2751
2752 if (ZEND_HANDLE_NUMERIC(Z_STR(dim_node->u.constant), index)) {
2753 /* For numeric indexes we also keep the original value to use by ArrayAccess
2754 * See bug #63217
2755 */
2756 int c = zend_add_literal(&dim_node->u.constant);
2757 ZEND_ASSERT(opline->op2.constant + 1 == c);
2758 ZVAL_LONG(CT_CONSTANT(opline->op2), index);
2759 Z_EXTRA_P(CT_CONSTANT(opline->op2)) = ZEND_EXTRA_VALUE;
2760 return;
2761 }
2762 }
2763 }
2764 /* }}} */
2765
zend_set_class_name_op1(zend_op * opline,znode * class_node)2766 static inline void zend_set_class_name_op1(zend_op *opline, znode *class_node) /* {{{ */
2767 {
2768 if (class_node->op_type == IS_CONST) {
2769 opline->op1_type = IS_CONST;
2770 opline->op1.constant = zend_add_class_name_literal(
2771 Z_STR(class_node->u.constant));
2772 } else {
2773 SET_NODE(opline->op1, class_node);
2774 }
2775 }
2776 /* }}} */
2777
zend_compile_class_ref(znode * result,zend_ast * name_ast,uint32_t fetch_flags)2778 static void zend_compile_class_ref(znode *result, zend_ast *name_ast, uint32_t fetch_flags) /* {{{ */
2779 {
2780 uint32_t fetch_type;
2781
2782 if (name_ast->kind != ZEND_AST_ZVAL) {
2783 znode name_node;
2784
2785 zend_compile_expr(&name_node, name_ast);
2786
2787 if (name_node.op_type == IS_CONST) {
2788 zend_string *name;
2789
2790 if (Z_TYPE(name_node.u.constant) != IS_STRING) {
2791 zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
2792 }
2793
2794 name = Z_STR(name_node.u.constant);
2795 fetch_type = zend_get_class_fetch_type(name);
2796
2797 if (fetch_type == ZEND_FETCH_CLASS_DEFAULT) {
2798 result->op_type = IS_CONST;
2799 ZVAL_STR(&result->u.constant, zend_resolve_class_name(name, ZEND_NAME_FQ));
2800 } else {
2801 zend_ensure_valid_class_fetch_type(fetch_type);
2802 result->op_type = IS_UNUSED;
2803 result->u.op.num = fetch_type | fetch_flags;
2804 }
2805
2806 zend_string_release_ex(name, 0);
2807 } else {
2808 zend_op *opline = zend_emit_op(result, ZEND_FETCH_CLASS, NULL, &name_node);
2809 opline->op1.num = ZEND_FETCH_CLASS_DEFAULT | fetch_flags;
2810 }
2811 return;
2812 }
2813
2814 /* Fully qualified names are always default refs */
2815 if (name_ast->attr == ZEND_NAME_FQ) {
2816 result->op_type = IS_CONST;
2817 ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
2818 return;
2819 }
2820
2821 fetch_type = zend_get_class_fetch_type(zend_ast_get_str(name_ast));
2822 if (ZEND_FETCH_CLASS_DEFAULT == fetch_type) {
2823 result->op_type = IS_CONST;
2824 ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
2825 } else {
2826 zend_ensure_valid_class_fetch_type(fetch_type);
2827 result->op_type = IS_UNUSED;
2828 result->u.op.num = fetch_type | fetch_flags;
2829 }
2830 }
2831 /* }}} */
2832
zend_try_compile_cv(znode * result,zend_ast * ast)2833 static zend_result zend_try_compile_cv(znode *result, zend_ast *ast) /* {{{ */
2834 {
2835 zend_ast *name_ast = ast->child[0];
2836 if (name_ast->kind == ZEND_AST_ZVAL) {
2837 zval *zv = zend_ast_get_zval(name_ast);
2838 zend_string *name;
2839
2840 if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
2841 name = zval_make_interned_string(zv);
2842 } else {
2843 name = zend_new_interned_string(zval_get_string_func(zv));
2844 }
2845
2846 if (zend_is_auto_global(name)) {
2847 return FAILURE;
2848 }
2849
2850 result->op_type = IS_CV;
2851 result->u.op.var = lookup_cv(name);
2852
2853 if (UNEXPECTED(Z_TYPE_P(zv) != IS_STRING)) {
2854 zend_string_release_ex(name, 0);
2855 }
2856
2857 return SUCCESS;
2858 }
2859
2860 return FAILURE;
2861 }
2862 /* }}} */
2863
zend_compile_simple_var_no_cv(znode * result,zend_ast * ast,uint32_t type,bool delayed)2864 static zend_op *zend_compile_simple_var_no_cv(znode *result, zend_ast *ast, uint32_t type, bool delayed) /* {{{ */
2865 {
2866 zend_ast *name_ast = ast->child[0];
2867 znode name_node;
2868 zend_op *opline;
2869
2870 zend_compile_expr(&name_node, name_ast);
2871 if (name_node.op_type == IS_CONST) {
2872 convert_to_string(&name_node.u.constant);
2873 }
2874
2875 if (delayed) {
2876 opline = zend_delayed_emit_op(result, ZEND_FETCH_R, &name_node, NULL);
2877 } else {
2878 opline = zend_emit_op(result, ZEND_FETCH_R, &name_node, NULL);
2879 }
2880
2881 if (name_node.op_type == IS_CONST &&
2882 zend_is_auto_global(Z_STR(name_node.u.constant))) {
2883
2884 opline->extended_value = ZEND_FETCH_GLOBAL;
2885 } else {
2886 opline->extended_value = ZEND_FETCH_LOCAL;
2887 }
2888
2889 zend_adjust_for_fetch_type(opline, result, type);
2890 return opline;
2891 }
2892 /* }}} */
2893
is_this_fetch(zend_ast * ast)2894 static bool is_this_fetch(zend_ast *ast) /* {{{ */
2895 {
2896 if (ast->kind == ZEND_AST_VAR && ast->child[0]->kind == ZEND_AST_ZVAL) {
2897 zval *name = zend_ast_get_zval(ast->child[0]);
2898 return Z_TYPE_P(name) == IS_STRING && zend_string_equals(Z_STR_P(name), ZSTR_KNOWN(ZEND_STR_THIS));
2899 }
2900
2901 return 0;
2902 }
2903 /* }}} */
2904
is_globals_fetch(const zend_ast * ast)2905 static bool is_globals_fetch(const zend_ast *ast)
2906 {
2907 if (ast->kind == ZEND_AST_VAR && ast->child[0]->kind == ZEND_AST_ZVAL) {
2908 zval *name = zend_ast_get_zval(ast->child[0]);
2909 return Z_TYPE_P(name) == IS_STRING && zend_string_equals_literal(Z_STR_P(name), "GLOBALS");
2910 }
2911
2912 return 0;
2913 }
2914
is_global_var_fetch(zend_ast * ast)2915 static bool is_global_var_fetch(zend_ast *ast)
2916 {
2917 return ast->kind == ZEND_AST_DIM && is_globals_fetch(ast->child[0]);
2918 }
2919
this_guaranteed_exists(void)2920 static bool this_guaranteed_exists(void) /* {{{ */
2921 {
2922 zend_op_array *op_array = CG(active_op_array);
2923 /* Instance methods always have a $this.
2924 * This also includes closures that have a scope and use $this. */
2925 return op_array->scope != NULL
2926 && (op_array->fn_flags & ZEND_ACC_STATIC) == 0;
2927 }
2928 /* }}} */
2929
zend_compile_simple_var(znode * result,zend_ast * ast,uint32_t type,bool delayed)2930 static zend_op *zend_compile_simple_var(znode *result, zend_ast *ast, uint32_t type, bool delayed) /* {{{ */
2931 {
2932 if (is_this_fetch(ast)) {
2933 zend_op *opline = zend_emit_op(result, ZEND_FETCH_THIS, NULL, NULL);
2934 if ((type == BP_VAR_R) || (type == BP_VAR_IS)) {
2935 opline->result_type = IS_TMP_VAR;
2936 result->op_type = IS_TMP_VAR;
2937 }
2938 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
2939 return opline;
2940 } else if (is_globals_fetch(ast)) {
2941 zend_op *opline = zend_emit_op(result, ZEND_FETCH_GLOBALS, NULL, NULL);
2942 if (type == BP_VAR_R || type == BP_VAR_IS) {
2943 opline->result_type = IS_TMP_VAR;
2944 result->op_type = IS_TMP_VAR;
2945 }
2946 return opline;
2947 } else if (zend_try_compile_cv(result, ast) == FAILURE) {
2948 return zend_compile_simple_var_no_cv(result, ast, type, delayed);
2949 }
2950 return NULL;
2951 }
2952 /* }}} */
2953
zend_separate_if_call_and_write(znode * node,zend_ast * ast,uint32_t type)2954 static void zend_separate_if_call_and_write(znode *node, zend_ast *ast, uint32_t type) /* {{{ */
2955 {
2956 if (type != BP_VAR_R
2957 && type != BP_VAR_IS
2958 /* Whether a FUNC_ARG is R may only be determined at runtime. */
2959 && type != BP_VAR_FUNC_ARG
2960 && zend_is_call(ast)) {
2961 if (node->op_type == IS_VAR) {
2962 zend_op *opline = zend_emit_op(NULL, ZEND_SEPARATE, node, NULL);
2963 opline->result_type = IS_VAR;
2964 opline->result.var = opline->op1.var;
2965 } else {
2966 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
2967 }
2968 }
2969 }
2970 /* }}} */
2971
zend_emit_assign_znode(zend_ast * var_ast,znode * value_node)2972 static inline void zend_emit_assign_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
2973 {
2974 znode dummy_node;
2975 zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN, var_ast,
2976 zend_ast_create_znode(value_node));
2977 zend_compile_expr(&dummy_node, assign_ast);
2978 zend_do_free(&dummy_node);
2979 }
2980 /* }}} */
2981
zend_delayed_compile_dim(znode * result,zend_ast * ast,uint32_t type,bool by_ref)2982 static zend_op *zend_delayed_compile_dim(znode *result, zend_ast *ast, uint32_t type, bool by_ref)
2983 {
2984 if (ast->attr == ZEND_DIM_ALTERNATIVE_SYNTAX) {
2985 zend_error(E_COMPILE_ERROR, "Array and string offset access syntax with curly braces is no longer supported");
2986 }
2987 zend_ast *var_ast = ast->child[0];
2988 zend_ast *dim_ast = ast->child[1];
2989 zend_op *opline;
2990
2991 znode var_node, dim_node;
2992
2993 if (is_globals_fetch(var_ast)) {
2994 if (dim_ast == NULL) {
2995 zend_error_noreturn(E_COMPILE_ERROR, "Cannot append to $GLOBALS");
2996 }
2997
2998 zend_compile_expr(&dim_node, dim_ast);
2999 if (dim_node.op_type == IS_CONST) {
3000 convert_to_string(&dim_node.u.constant);
3001 }
3002
3003 opline = zend_delayed_emit_op(result, ZEND_FETCH_R, &dim_node, NULL);
3004 opline->extended_value = ZEND_FETCH_GLOBAL;
3005 zend_adjust_for_fetch_type(opline, result, type);
3006 return opline;
3007 } else {
3008 zend_short_circuiting_mark_inner(var_ast);
3009 opline = zend_delayed_compile_var(&var_node, var_ast, type, 0);
3010 if (opline) {
3011 if (type == BP_VAR_W && (opline->opcode == ZEND_FETCH_STATIC_PROP_W || opline->opcode == ZEND_FETCH_OBJ_W)) {
3012 opline->extended_value |= ZEND_FETCH_DIM_WRITE;
3013 } else if (opline->opcode == ZEND_FETCH_DIM_W
3014 || opline->opcode == ZEND_FETCH_DIM_RW
3015 || opline->opcode == ZEND_FETCH_DIM_FUNC_ARG
3016 || opline->opcode == ZEND_FETCH_DIM_UNSET) {
3017 opline->extended_value = ZEND_FETCH_DIM_DIM;
3018 }
3019 }
3020 }
3021
3022 zend_separate_if_call_and_write(&var_node, var_ast, type);
3023
3024 if (dim_ast == NULL) {
3025 if (type == BP_VAR_R || type == BP_VAR_IS) {
3026 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
3027 }
3028 if (type == BP_VAR_UNSET) {
3029 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for unsetting");
3030 }
3031 dim_node.op_type = IS_UNUSED;
3032 } else {
3033 zend_compile_expr(&dim_node, dim_ast);
3034 }
3035
3036 opline = zend_delayed_emit_op(result, ZEND_FETCH_DIM_R, &var_node, &dim_node);
3037 zend_adjust_for_fetch_type(opline, result, type);
3038 if (by_ref) {
3039 opline->extended_value = ZEND_FETCH_DIM_REF;
3040 }
3041
3042 if (dim_node.op_type == IS_CONST) {
3043 zend_handle_numeric_dim(opline, &dim_node);
3044 }
3045 return opline;
3046 }
3047
zend_compile_dim(znode * result,zend_ast * ast,uint32_t type,bool by_ref)3048 static zend_op *zend_compile_dim(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
3049 {
3050 uint32_t offset = zend_delayed_compile_begin();
3051 zend_delayed_compile_dim(result, ast, type, by_ref);
3052 return zend_delayed_compile_end(offset);
3053 }
3054 /* }}} */
3055
zend_delayed_compile_prop(znode * result,zend_ast * ast,uint32_t type)3056 static zend_op *zend_delayed_compile_prop(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
3057 {
3058 zend_ast *obj_ast = ast->child[0];
3059 zend_ast *prop_ast = ast->child[1];
3060
3061 znode obj_node, prop_node;
3062 zend_op *opline;
3063 bool nullsafe = ast->kind == ZEND_AST_NULLSAFE_PROP;
3064
3065 if (is_this_fetch(obj_ast)) {
3066 if (this_guaranteed_exists()) {
3067 obj_node.op_type = IS_UNUSED;
3068 } else {
3069 zend_emit_op(&obj_node, ZEND_FETCH_THIS, NULL, NULL);
3070 }
3071 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
3072
3073 /* We will throw if $this doesn't exist, so there's no need to emit a JMP_NULL
3074 * check for a nullsafe access. */
3075 } else {
3076 zend_short_circuiting_mark_inner(obj_ast);
3077 opline = zend_delayed_compile_var(&obj_node, obj_ast, type, 0);
3078 if (opline && (opline->opcode == ZEND_FETCH_DIM_W
3079 || opline->opcode == ZEND_FETCH_DIM_RW
3080 || opline->opcode == ZEND_FETCH_DIM_FUNC_ARG
3081 || opline->opcode == ZEND_FETCH_DIM_UNSET)) {
3082 opline->extended_value = ZEND_FETCH_DIM_OBJ;
3083 }
3084
3085 zend_separate_if_call_and_write(&obj_node, obj_ast, type);
3086 if (nullsafe) {
3087 if (obj_node.op_type == IS_TMP_VAR) {
3088 /* Flush delayed oplines */
3089 zend_op *opline = NULL, *oplines = zend_stack_base(&CG(delayed_oplines_stack));
3090 uint32_t var = obj_node.u.op.var;
3091 uint32_t count = zend_stack_count(&CG(delayed_oplines_stack));
3092 uint32_t i = count;
3093
3094 while (i > 0 && oplines[i-1].result_type == IS_TMP_VAR && oplines[i-1].result.var == var) {
3095 i--;
3096 if (oplines[i].op1_type == IS_TMP_VAR) {
3097 var = oplines[i].op1.var;
3098 } else {
3099 break;
3100 }
3101 }
3102 for (; i < count; ++i) {
3103 if (oplines[i].opcode != ZEND_NOP) {
3104 opline = get_next_op();
3105 memcpy(opline, &oplines[i], sizeof(zend_op));
3106 oplines[i].opcode = ZEND_NOP;
3107 oplines[i].extended_value = opline - CG(active_op_array)->opcodes;
3108 }
3109 }
3110 }
3111 zend_emit_jmp_null(&obj_node, type);
3112 }
3113 }
3114
3115 zend_compile_expr(&prop_node, prop_ast);
3116
3117 opline = zend_delayed_emit_op(result, ZEND_FETCH_OBJ_R, &obj_node, &prop_node);
3118 if (opline->op2_type == IS_CONST) {
3119 convert_to_string(CT_CONSTANT(opline->op2));
3120 zend_string_hash_val(Z_STR_P(CT_CONSTANT(opline->op2)));
3121 opline->extended_value = zend_alloc_cache_slots(3);
3122 }
3123
3124 zend_adjust_for_fetch_type(opline, result, type);
3125
3126 return opline;
3127 }
3128 /* }}} */
3129
zend_compile_prop(znode * result,zend_ast * ast,uint32_t type,bool by_ref)3130 static zend_op *zend_compile_prop(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
3131 {
3132 uint32_t offset = zend_delayed_compile_begin();
3133 zend_op *opline = zend_delayed_compile_prop(result, ast, type);
3134 if (by_ref) { /* shared with cache_slot */
3135 opline->extended_value |= ZEND_FETCH_REF;
3136 }
3137 return zend_delayed_compile_end(offset);
3138 }
3139 /* }}} */
3140
zend_compile_static_prop(znode * result,zend_ast * ast,uint32_t type,bool by_ref,bool delayed)3141 static zend_op *zend_compile_static_prop(znode *result, zend_ast *ast, uint32_t type, bool by_ref, bool delayed) /* {{{ */
3142 {
3143 zend_ast *class_ast = ast->child[0];
3144 zend_ast *prop_ast = ast->child[1];
3145
3146 znode class_node, prop_node;
3147 zend_op *opline;
3148
3149 zend_short_circuiting_mark_inner(class_ast);
3150 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
3151
3152 zend_compile_expr(&prop_node, prop_ast);
3153
3154 if (delayed) {
3155 opline = zend_delayed_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
3156 } else {
3157 opline = zend_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
3158 }
3159 if (opline->op1_type == IS_CONST) {
3160 convert_to_string(CT_CONSTANT(opline->op1));
3161 opline->extended_value = zend_alloc_cache_slots(3);
3162 }
3163 if (class_node.op_type == IS_CONST) {
3164 opline->op2_type = IS_CONST;
3165 opline->op2.constant = zend_add_class_name_literal(
3166 Z_STR(class_node.u.constant));
3167 if (opline->op1_type != IS_CONST) {
3168 opline->extended_value = zend_alloc_cache_slot();
3169 }
3170 } else {
3171 SET_NODE(opline->op2, &class_node);
3172 }
3173
3174 if (by_ref && (type == BP_VAR_W || type == BP_VAR_FUNC_ARG)) { /* shared with cache_slot */
3175 opline->extended_value |= ZEND_FETCH_REF;
3176 }
3177
3178 zend_adjust_for_fetch_type(opline, result, type);
3179 return opline;
3180 }
3181 /* }}} */
3182
zend_verify_list_assign_target(zend_ast * var_ast,zend_ast_attr array_style)3183 static void zend_verify_list_assign_target(zend_ast *var_ast, zend_ast_attr array_style) /* {{{ */ {
3184 if (var_ast->kind == ZEND_AST_ARRAY) {
3185 if (var_ast->attr == ZEND_ARRAY_SYNTAX_LONG) {
3186 zend_error_noreturn(E_COMPILE_ERROR, "Cannot assign to array(), use [] instead");
3187 }
3188 if (array_style != var_ast->attr) {
3189 zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix [] and list()");
3190 }
3191 } else if (!zend_can_write_to_variable(var_ast)) {
3192 zend_error_noreturn(E_COMPILE_ERROR, "Assignments can only happen to writable values");
3193 }
3194 }
3195 /* }}} */
3196
3197 static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node);
3198
3199 /* Propagate refs used on leaf elements to the surrounding list() structures. */
zend_propagate_list_refs(zend_ast * ast)3200 static bool zend_propagate_list_refs(zend_ast *ast) { /* {{{ */
3201 zend_ast_list *list = zend_ast_get_list(ast);
3202 bool has_refs = 0;
3203 uint32_t i;
3204
3205 for (i = 0; i < list->children; ++i) {
3206 zend_ast *elem_ast = list->child[i];
3207
3208 if (elem_ast) {
3209 zend_ast *var_ast = elem_ast->child[0];
3210 if (var_ast->kind == ZEND_AST_ARRAY) {
3211 elem_ast->attr = zend_propagate_list_refs(var_ast);
3212 }
3213 has_refs |= elem_ast->attr;
3214 }
3215 }
3216
3217 return has_refs;
3218 }
3219 /* }}} */
3220
list_is_keyed(zend_ast_list * list)3221 static bool list_is_keyed(zend_ast_list *list)
3222 {
3223 for (uint32_t i = 0; i < list->children; i++) {
3224 zend_ast *child = list->child[i];
3225 if (child) {
3226 return child->kind == ZEND_AST_ARRAY_ELEM && child->child[1] != NULL;
3227 }
3228 }
3229 return false;
3230 }
3231
zend_compile_list_assign(znode * result,zend_ast * ast,znode * expr_node,zend_ast_attr array_style)3232 static void zend_compile_list_assign(
3233 znode *result, zend_ast *ast, znode *expr_node, zend_ast_attr array_style) /* {{{ */
3234 {
3235 zend_ast_list *list = zend_ast_get_list(ast);
3236 uint32_t i;
3237 bool has_elems = 0;
3238 bool is_keyed = list_is_keyed(list);
3239
3240 if (list->children && expr_node->op_type == IS_CONST && Z_TYPE(expr_node->u.constant) == IS_STRING) {
3241 zval_make_interned_string(&expr_node->u.constant);
3242 }
3243
3244 for (i = 0; i < list->children; ++i) {
3245 zend_ast *elem_ast = list->child[i];
3246 zend_ast *var_ast, *key_ast;
3247 znode fetch_result, dim_node;
3248 zend_op *opline;
3249
3250 if (elem_ast == NULL) {
3251 if (is_keyed) {
3252 zend_error(E_COMPILE_ERROR,
3253 "Cannot use empty array entries in keyed array assignment");
3254 } else {
3255 continue;
3256 }
3257 }
3258
3259 if (elem_ast->kind == ZEND_AST_UNPACK) {
3260 zend_error(E_COMPILE_ERROR,
3261 "Spread operator is not supported in assignments");
3262 }
3263
3264 var_ast = elem_ast->child[0];
3265 key_ast = elem_ast->child[1];
3266 has_elems = 1;
3267
3268 if (is_keyed) {
3269 if (key_ast == NULL) {
3270 zend_error(E_COMPILE_ERROR,
3271 "Cannot mix keyed and unkeyed array entries in assignments");
3272 }
3273
3274 zend_compile_expr(&dim_node, key_ast);
3275 } else {
3276 if (key_ast != NULL) {
3277 zend_error(E_COMPILE_ERROR,
3278 "Cannot mix keyed and unkeyed array entries in assignments");
3279 }
3280
3281 dim_node.op_type = IS_CONST;
3282 ZVAL_LONG(&dim_node.u.constant, i);
3283 }
3284
3285 if (expr_node->op_type == IS_CONST) {
3286 Z_TRY_ADDREF(expr_node->u.constant);
3287 }
3288
3289 zend_verify_list_assign_target(var_ast, array_style);
3290
3291 opline = zend_emit_op(&fetch_result,
3292 elem_ast->attr ? (expr_node->op_type == IS_CV ? ZEND_FETCH_DIM_W : ZEND_FETCH_LIST_W) : ZEND_FETCH_LIST_R, expr_node, &dim_node);
3293
3294 if (dim_node.op_type == IS_CONST) {
3295 zend_handle_numeric_dim(opline, &dim_node);
3296 }
3297
3298 if (elem_ast->attr) {
3299 zend_emit_op(&fetch_result, ZEND_MAKE_REF, &fetch_result, NULL);
3300 }
3301 if (var_ast->kind == ZEND_AST_ARRAY) {
3302 zend_compile_list_assign(NULL, var_ast, &fetch_result, var_ast->attr);
3303 } else if (elem_ast->attr) {
3304 zend_emit_assign_ref_znode(var_ast, &fetch_result);
3305 } else {
3306 zend_emit_assign_znode(var_ast, &fetch_result);
3307 }
3308 }
3309
3310 if (has_elems == 0) {
3311 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use empty list");
3312 }
3313
3314 if (result) {
3315 *result = *expr_node;
3316 } else {
3317 zend_do_free(expr_node);
3318 }
3319 }
3320 /* }}} */
3321
zend_ensure_writable_variable(const zend_ast * ast)3322 static void zend_ensure_writable_variable(const zend_ast *ast) /* {{{ */
3323 {
3324 if (ast->kind == ZEND_AST_CALL) {
3325 zend_error_noreturn(E_COMPILE_ERROR, "Can't use function return value in write context");
3326 }
3327 if (
3328 ast->kind == ZEND_AST_METHOD_CALL
3329 || ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL
3330 || ast->kind == ZEND_AST_STATIC_CALL
3331 ) {
3332 zend_error_noreturn(E_COMPILE_ERROR, "Can't use method return value in write context");
3333 }
3334 if (zend_ast_is_short_circuited(ast)) {
3335 zend_error_noreturn(E_COMPILE_ERROR, "Can't use nullsafe operator in write context");
3336 }
3337 if (is_globals_fetch(ast)) {
3338 zend_error_noreturn(E_COMPILE_ERROR,
3339 "$GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax");
3340 }
3341 }
3342 /* }}} */
3343
3344 /* Detects $a... = $a pattern */
zend_is_assign_to_self(zend_ast * var_ast,zend_ast * expr_ast)3345 static bool zend_is_assign_to_self(zend_ast *var_ast, zend_ast *expr_ast) /* {{{ */
3346 {
3347 if (expr_ast->kind != ZEND_AST_VAR || expr_ast->child[0]->kind != ZEND_AST_ZVAL) {
3348 return 0;
3349 }
3350
3351 while (zend_is_variable(var_ast) && var_ast->kind != ZEND_AST_VAR) {
3352 var_ast = var_ast->child[0];
3353 }
3354
3355 if (var_ast->kind != ZEND_AST_VAR || var_ast->child[0]->kind != ZEND_AST_ZVAL) {
3356 return 0;
3357 }
3358
3359 {
3360 zend_string *name1 = zval_get_string(zend_ast_get_zval(var_ast->child[0]));
3361 zend_string *name2 = zval_get_string(zend_ast_get_zval(expr_ast->child[0]));
3362 bool result = zend_string_equals(name1, name2);
3363 zend_string_release_ex(name1, 0);
3364 zend_string_release_ex(name2, 0);
3365 return result;
3366 }
3367 }
3368 /* }}} */
3369
zend_compile_expr_with_potential_assign_to_self(znode * expr_node,zend_ast * expr_ast,zend_ast * var_ast)3370 static void zend_compile_expr_with_potential_assign_to_self(
3371 znode *expr_node, zend_ast *expr_ast, zend_ast *var_ast) {
3372 if (zend_is_assign_to_self(var_ast, expr_ast) && !is_this_fetch(expr_ast)) {
3373 /* $a[0] = $a should evaluate the right $a first */
3374 znode cv_node;
3375
3376 if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
3377 zend_compile_simple_var_no_cv(expr_node, expr_ast, BP_VAR_R, 0);
3378 } else {
3379 zend_emit_op_tmp(expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
3380 }
3381 } else {
3382 zend_compile_expr(expr_node, expr_ast);
3383 }
3384 }
3385
zend_compile_assign(znode * result,zend_ast * ast)3386 static void zend_compile_assign(znode *result, zend_ast *ast) /* {{{ */
3387 {
3388 zend_ast *var_ast = ast->child[0];
3389 zend_ast *expr_ast = ast->child[1];
3390
3391 znode var_node, expr_node;
3392 zend_op *opline;
3393 uint32_t offset;
3394 if (is_this_fetch(var_ast)) {
3395 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
3396 }
3397
3398 zend_ensure_writable_variable(var_ast);
3399
3400 /* Treat $GLOBALS['x'] assignment like assignment to variable. */
3401 zend_ast_kind kind = is_global_var_fetch(var_ast) ? ZEND_AST_VAR : var_ast->kind;
3402 switch (kind) {
3403 case ZEND_AST_VAR:
3404 offset = zend_delayed_compile_begin();
3405 zend_delayed_compile_var(&var_node, var_ast, BP_VAR_W, 0);
3406 zend_compile_expr(&expr_node, expr_ast);
3407 zend_delayed_compile_end(offset);
3408 CG(zend_lineno) = zend_ast_get_lineno(var_ast);
3409 zend_emit_op_tmp(result, ZEND_ASSIGN, &var_node, &expr_node);
3410 return;
3411 case ZEND_AST_STATIC_PROP:
3412 offset = zend_delayed_compile_begin();
3413 zend_delayed_compile_var(result, var_ast, BP_VAR_W, 0);
3414 zend_compile_expr(&expr_node, expr_ast);
3415
3416 opline = zend_delayed_compile_end(offset);
3417 opline->opcode = ZEND_ASSIGN_STATIC_PROP;
3418 opline->result_type = IS_TMP_VAR;
3419 result->op_type = IS_TMP_VAR;
3420
3421 zend_emit_op_data(&expr_node);
3422 return;
3423 case ZEND_AST_DIM:
3424 offset = zend_delayed_compile_begin();
3425 zend_delayed_compile_dim(result, var_ast, BP_VAR_W, /* by_ref */ false);
3426 zend_compile_expr_with_potential_assign_to_self(&expr_node, expr_ast, var_ast);
3427
3428 opline = zend_delayed_compile_end(offset);
3429 opline->opcode = ZEND_ASSIGN_DIM;
3430 opline->result_type = IS_TMP_VAR;
3431 result->op_type = IS_TMP_VAR;
3432
3433 opline = zend_emit_op_data(&expr_node);
3434 return;
3435 case ZEND_AST_PROP:
3436 case ZEND_AST_NULLSAFE_PROP:
3437 offset = zend_delayed_compile_begin();
3438 zend_delayed_compile_prop(result, var_ast, BP_VAR_W);
3439 zend_compile_expr(&expr_node, expr_ast);
3440
3441 opline = zend_delayed_compile_end(offset);
3442 opline->opcode = ZEND_ASSIGN_OBJ;
3443 opline->result_type = IS_TMP_VAR;
3444 result->op_type = IS_TMP_VAR;
3445
3446 zend_emit_op_data(&expr_node);
3447 return;
3448 case ZEND_AST_ARRAY:
3449 if (zend_propagate_list_refs(var_ast)) {
3450 if (!zend_is_variable_or_call(expr_ast)) {
3451 zend_error_noreturn(E_COMPILE_ERROR,
3452 "Cannot assign reference to non referenceable value");
3453 } else if (zend_ast_is_short_circuited(expr_ast)) {
3454 zend_error_noreturn(E_COMPILE_ERROR,
3455 "Cannot take reference of a nullsafe chain");
3456 }
3457
3458 zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
3459 /* MAKE_REF is usually not necessary for CVs. However, if there are
3460 * self-assignments, this forces the RHS to evaluate first. */
3461 zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
3462 } else {
3463 if (expr_ast->kind == ZEND_AST_VAR) {
3464 /* list($a, $b) = $a should evaluate the right $a first */
3465 znode cv_node;
3466
3467 if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
3468 zend_compile_simple_var_no_cv(&expr_node, expr_ast, BP_VAR_R, 0);
3469 } else {
3470 zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
3471 }
3472 } else {
3473 zend_compile_expr(&expr_node, expr_ast);
3474 }
3475 }
3476
3477 zend_compile_list_assign(result, var_ast, &expr_node, var_ast->attr);
3478 return;
3479 EMPTY_SWITCH_DEFAULT_CASE();
3480 }
3481 }
3482 /* }}} */
3483
zend_compile_assign_ref(znode * result,zend_ast * ast)3484 static void zend_compile_assign_ref(znode *result, zend_ast *ast) /* {{{ */
3485 {
3486 zend_ast *target_ast = ast->child[0];
3487 zend_ast *source_ast = ast->child[1];
3488
3489 znode target_node, source_node;
3490 zend_op *opline;
3491 uint32_t offset, flags;
3492
3493 if (is_this_fetch(target_ast)) {
3494 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
3495 }
3496 zend_ensure_writable_variable(target_ast);
3497 if (zend_ast_is_short_circuited(source_ast)) {
3498 zend_error_noreturn(E_COMPILE_ERROR, "Cannot take reference of a nullsafe chain");
3499 }
3500 if (is_globals_fetch(source_ast)) {
3501 zend_error_noreturn(E_COMPILE_ERROR, "Cannot acquire reference to $GLOBALS");
3502 }
3503
3504 offset = zend_delayed_compile_begin();
3505 zend_delayed_compile_var(&target_node, target_ast, BP_VAR_W, 1);
3506 zend_compile_var(&source_node, source_ast, BP_VAR_W, 1);
3507
3508 if ((target_ast->kind != ZEND_AST_VAR
3509 || target_ast->child[0]->kind != ZEND_AST_ZVAL)
3510 && source_ast->kind != ZEND_AST_ZNODE
3511 && source_node.op_type != IS_CV) {
3512 /* Both LHS and RHS expressions may modify the same data structure,
3513 * and the modification during RHS evaluation may dangle the pointer
3514 * to the result of the LHS evaluation.
3515 * Use MAKE_REF instruction to replace direct pointer with REFERENCE.
3516 * See: Bug #71539
3517 */
3518 zend_emit_op(&source_node, ZEND_MAKE_REF, &source_node, NULL);
3519 }
3520
3521 opline = zend_delayed_compile_end(offset);
3522
3523 if (source_node.op_type != IS_VAR && zend_is_call(source_ast)) {
3524 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
3525 }
3526
3527 flags = zend_is_call(source_ast) ? ZEND_RETURNS_FUNCTION : 0;
3528
3529 if (opline && opline->opcode == ZEND_FETCH_OBJ_W) {
3530 opline->opcode = ZEND_ASSIGN_OBJ_REF;
3531 opline->extended_value &= ~ZEND_FETCH_REF;
3532 opline->extended_value |= flags;
3533 zend_emit_op_data(&source_node);
3534 *result = target_node;
3535 } else if (opline && opline->opcode == ZEND_FETCH_STATIC_PROP_W) {
3536 opline->opcode = ZEND_ASSIGN_STATIC_PROP_REF;
3537 opline->extended_value &= ~ZEND_FETCH_REF;
3538 opline->extended_value |= flags;
3539 zend_emit_op_data(&source_node);
3540 *result = target_node;
3541 } else {
3542 opline = zend_emit_op(result, ZEND_ASSIGN_REF, &target_node, &source_node);
3543 opline->extended_value = flags;
3544 }
3545 }
3546 /* }}} */
3547
zend_emit_assign_ref_znode(zend_ast * var_ast,znode * value_node)3548 static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
3549 {
3550 znode dummy_node;
3551 zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN_REF, var_ast,
3552 zend_ast_create_znode(value_node));
3553 zend_compile_expr(&dummy_node, assign_ast);
3554 zend_do_free(&dummy_node);
3555 }
3556 /* }}} */
3557
zend_compile_compound_assign(znode * result,zend_ast * ast)3558 static void zend_compile_compound_assign(znode *result, zend_ast *ast) /* {{{ */
3559 {
3560 zend_ast *var_ast = ast->child[0];
3561 zend_ast *expr_ast = ast->child[1];
3562 uint32_t opcode = ast->attr;
3563
3564 znode var_node, expr_node;
3565 zend_op *opline;
3566 uint32_t offset, cache_slot;
3567
3568 zend_ensure_writable_variable(var_ast);
3569
3570 /* Treat $GLOBALS['x'] assignment like assignment to variable. */
3571 zend_ast_kind kind = is_global_var_fetch(var_ast) ? ZEND_AST_VAR : var_ast->kind;
3572 switch (kind) {
3573 case ZEND_AST_VAR:
3574 offset = zend_delayed_compile_begin();
3575 zend_delayed_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
3576 zend_compile_expr(&expr_node, expr_ast);
3577 zend_delayed_compile_end(offset);
3578 opline = zend_emit_op_tmp(result, ZEND_ASSIGN_OP, &var_node, &expr_node);
3579 opline->extended_value = opcode;
3580 return;
3581 case ZEND_AST_STATIC_PROP:
3582 offset = zend_delayed_compile_begin();
3583 zend_delayed_compile_var(result, var_ast, BP_VAR_RW, 0);
3584 zend_compile_expr(&expr_node, expr_ast);
3585
3586 opline = zend_delayed_compile_end(offset);
3587 cache_slot = opline->extended_value;
3588 opline->opcode = ZEND_ASSIGN_STATIC_PROP_OP;
3589 opline->extended_value = opcode;
3590 opline->result_type = IS_TMP_VAR;
3591 result->op_type = IS_TMP_VAR;
3592
3593 opline = zend_emit_op_data(&expr_node);
3594 opline->extended_value = cache_slot;
3595 return;
3596 case ZEND_AST_DIM:
3597 offset = zend_delayed_compile_begin();
3598 zend_delayed_compile_dim(result, var_ast, BP_VAR_RW, /* by_ref */ false);
3599 zend_compile_expr_with_potential_assign_to_self(&expr_node, expr_ast, var_ast);
3600
3601 opline = zend_delayed_compile_end(offset);
3602 opline->opcode = ZEND_ASSIGN_DIM_OP;
3603 opline->extended_value = opcode;
3604 opline->result_type = IS_TMP_VAR;
3605 result->op_type = IS_TMP_VAR;
3606
3607 zend_emit_op_data(&expr_node);
3608 return;
3609 case ZEND_AST_PROP:
3610 case ZEND_AST_NULLSAFE_PROP:
3611 offset = zend_delayed_compile_begin();
3612 zend_delayed_compile_prop(result, var_ast, BP_VAR_RW);
3613 zend_compile_expr(&expr_node, expr_ast);
3614
3615 opline = zend_delayed_compile_end(offset);
3616 cache_slot = opline->extended_value;
3617 opline->opcode = ZEND_ASSIGN_OBJ_OP;
3618 opline->extended_value = opcode;
3619 opline->result_type = IS_TMP_VAR;
3620 result->op_type = IS_TMP_VAR;
3621
3622 opline = zend_emit_op_data(&expr_node);
3623 opline->extended_value = cache_slot;
3624 return;
3625 EMPTY_SWITCH_DEFAULT_CASE()
3626 }
3627 }
3628 /* }}} */
3629
zend_get_arg_num(zend_function * fn,zend_string * arg_name)3630 static uint32_t zend_get_arg_num(zend_function *fn, zend_string *arg_name) {
3631 // TODO: Caching?
3632 if (fn->type == ZEND_USER_FUNCTION) {
3633 for (uint32_t i = 0; i < fn->common.num_args; i++) {
3634 zend_arg_info *arg_info = &fn->op_array.arg_info[i];
3635 if (zend_string_equals(arg_info->name, arg_name)) {
3636 return i + 1;
3637 }
3638 }
3639 } else {
3640 for (uint32_t i = 0; i < fn->common.num_args; i++) {
3641 zend_internal_arg_info *arg_info = &fn->internal_function.arg_info[i];
3642 size_t len = strlen(arg_info->name);
3643 if (zend_string_equals_cstr(arg_name, arg_info->name, len)) {
3644 return i + 1;
3645 }
3646 }
3647 }
3648
3649 /* Either an invalid argument name, or collected into a variadic argument. */
3650 return (uint32_t) -1;
3651 }
3652
zend_compile_args(zend_ast * ast,zend_function * fbc,bool * may_have_extra_named_args)3653 static uint32_t zend_compile_args(
3654 zend_ast *ast, zend_function *fbc, bool *may_have_extra_named_args) /* {{{ */
3655 {
3656 zend_ast_list *args = zend_ast_get_list(ast);
3657 uint32_t i;
3658 bool uses_arg_unpack = 0;
3659 uint32_t arg_count = 0; /* number of arguments not including unpacks */
3660
3661 /* Whether named arguments are used syntactically, to enforce language level limitations.
3662 * May not actually use named argument passing. */
3663 bool uses_named_args = 0;
3664 /* Whether there may be any undef arguments due to the use of named arguments. */
3665 bool may_have_undef = 0;
3666 /* Whether there may be any extra named arguments collected into a variadic. */
3667 *may_have_extra_named_args = 0;
3668
3669 for (i = 0; i < args->children; ++i) {
3670 zend_ast *arg = args->child[i];
3671 zend_string *arg_name = NULL;
3672 uint32_t arg_num = i + 1;
3673
3674 znode arg_node;
3675 zend_op *opline;
3676 uint8_t opcode;
3677
3678 if (arg->kind == ZEND_AST_UNPACK) {
3679 if (uses_named_args) {
3680 zend_error_noreturn(E_COMPILE_ERROR,
3681 "Cannot use argument unpacking after named arguments");
3682 }
3683
3684 uses_arg_unpack = 1;
3685 fbc = NULL;
3686
3687 zend_compile_expr(&arg_node, arg->child[0]);
3688 opline = zend_emit_op(NULL, ZEND_SEND_UNPACK, &arg_node, NULL);
3689 opline->op2.num = arg_count;
3690 opline->result.var = EX_NUM_TO_VAR(arg_count - 1);
3691
3692 /* Unpack may contain named arguments. */
3693 may_have_undef = 1;
3694 if (!fbc || (fbc->common.fn_flags & ZEND_ACC_VARIADIC)) {
3695 *may_have_extra_named_args = 1;
3696 }
3697 continue;
3698 }
3699
3700 if (arg->kind == ZEND_AST_NAMED_ARG) {
3701 uses_named_args = 1;
3702 arg_name = zval_make_interned_string(zend_ast_get_zval(arg->child[0]));
3703 arg = arg->child[1];
3704
3705 if (fbc && !uses_arg_unpack) {
3706 arg_num = zend_get_arg_num(fbc, arg_name);
3707 if (arg_num == arg_count + 1 && !may_have_undef) {
3708 /* Using named arguments, but passing in order. */
3709 arg_name = NULL;
3710 arg_count++;
3711 } else {
3712 // TODO: We could track which arguments were passed, even if out of order.
3713 may_have_undef = 1;
3714 if (arg_num == (uint32_t) -1 && (fbc->common.fn_flags & ZEND_ACC_VARIADIC)) {
3715 *may_have_extra_named_args = 1;
3716 }
3717 }
3718 } else {
3719 arg_num = (uint32_t) -1;
3720 may_have_undef = 1;
3721 *may_have_extra_named_args = 1;
3722 }
3723 } else {
3724 if (uses_arg_unpack) {
3725 zend_error_noreturn(E_COMPILE_ERROR,
3726 "Cannot use positional argument after argument unpacking");
3727 }
3728
3729 if (uses_named_args) {
3730 zend_error_noreturn(E_COMPILE_ERROR,
3731 "Cannot use positional argument after named argument");
3732 }
3733
3734 arg_count++;
3735 }
3736
3737 /* Treat passing of $GLOBALS the same as passing a call.
3738 * This will error at runtime if the argument is by-ref. */
3739 if (zend_is_call(arg) || is_globals_fetch(arg)) {
3740 zend_compile_var(&arg_node, arg, BP_VAR_R, 0);
3741 if (arg_node.op_type & (IS_CONST|IS_TMP_VAR)) {
3742 /* Function call was converted into builtin instruction */
3743 if (!fbc || ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3744 opcode = ZEND_SEND_VAL_EX;
3745 } else {
3746 opcode = ZEND_SEND_VAL;
3747 }
3748 } else {
3749 if (fbc && arg_num != (uint32_t) -1) {
3750 if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3751 opcode = ZEND_SEND_VAR_NO_REF;
3752 } else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
3753 /* For IS_VAR operands, SEND_VAL will pass through the operand without
3754 * dereferencing, so it will use a by-ref pass if the call returned by-ref
3755 * and a by-value pass if it returned by-value. */
3756 opcode = ZEND_SEND_VAL;
3757 } else {
3758 opcode = ZEND_SEND_VAR;
3759 }
3760 } else {
3761 opcode = ZEND_SEND_VAR_NO_REF_EX;
3762 }
3763 }
3764 } else if (zend_is_variable(arg) && !zend_ast_is_short_circuited(arg)) {
3765 if (fbc && arg_num != (uint32_t) -1) {
3766 if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
3767 zend_compile_var(&arg_node, arg, BP_VAR_W, 1);
3768 opcode = ZEND_SEND_REF;
3769 } else {
3770 zend_compile_var(&arg_node, arg, BP_VAR_R, 0);
3771 opcode = (arg_node.op_type == IS_TMP_VAR) ? ZEND_SEND_VAL : ZEND_SEND_VAR;
3772 }
3773 } else {
3774 do {
3775 if (arg->kind == ZEND_AST_VAR) {
3776 CG(zend_lineno) = zend_ast_get_lineno(ast);
3777 if (is_this_fetch(arg)) {
3778 zend_emit_op(&arg_node, ZEND_FETCH_THIS, NULL, NULL);
3779 opcode = ZEND_SEND_VAR_EX;
3780 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
3781 break;
3782 } else if (zend_try_compile_cv(&arg_node, arg) == SUCCESS) {
3783 opcode = ZEND_SEND_VAR_EX;
3784 break;
3785 }
3786 }
3787 opline = zend_emit_op(NULL, ZEND_CHECK_FUNC_ARG, NULL, NULL);
3788 if (arg_name) {
3789 opline->op2_type = IS_CONST;
3790 zend_string_addref(arg_name);
3791 opline->op2.constant = zend_add_literal_string(&arg_name);
3792 opline->result.num = zend_alloc_cache_slots(2);
3793 } else {
3794 opline->op2.num = arg_num;
3795 }
3796 zend_compile_var(&arg_node, arg, BP_VAR_FUNC_ARG, 1);
3797 opcode = ZEND_SEND_FUNC_ARG;
3798 } while (0);
3799 }
3800 } else {
3801 zend_compile_expr(&arg_node, arg);
3802 if (arg_node.op_type == IS_VAR) {
3803 /* pass ++$a or something similar */
3804 if (fbc && arg_num != (uint32_t) -1) {
3805 if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3806 opcode = ZEND_SEND_VAR_NO_REF;
3807 } else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
3808 opcode = ZEND_SEND_VAL;
3809 } else {
3810 opcode = ZEND_SEND_VAR;
3811 }
3812 } else {
3813 opcode = ZEND_SEND_VAR_NO_REF_EX;
3814 }
3815 } else if (arg_node.op_type == IS_CV) {
3816 if (fbc && arg_num != (uint32_t) -1) {
3817 if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
3818 opcode = ZEND_SEND_REF;
3819 } else {
3820 opcode = ZEND_SEND_VAR;
3821 }
3822 } else {
3823 opcode = ZEND_SEND_VAR_EX;
3824 }
3825 } else {
3826 /* Delay "Only variables can be passed by reference" error to execution */
3827 if (fbc && arg_num != (uint32_t) -1 && !ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3828 opcode = ZEND_SEND_VAL;
3829 } else {
3830 opcode = ZEND_SEND_VAL_EX;
3831 }
3832 }
3833 }
3834
3835 opline = zend_emit_op(NULL, opcode, &arg_node, NULL);
3836 if (arg_name) {
3837 opline->op2_type = IS_CONST;
3838 zend_string_addref(arg_name);
3839 opline->op2.constant = zend_add_literal_string(&arg_name);
3840 opline->result.num = zend_alloc_cache_slots(2);
3841 } else {
3842 opline->op2.opline_num = arg_num;
3843 opline->result.var = EX_NUM_TO_VAR(arg_num - 1);
3844 }
3845 }
3846
3847 if (may_have_undef) {
3848 zend_emit_op(NULL, ZEND_CHECK_UNDEF_ARGS, NULL, NULL);
3849 }
3850
3851 return arg_count;
3852 }
3853 /* }}} */
3854
zend_get_call_op(const zend_op * init_op,zend_function * fbc)3855 ZEND_API uint8_t zend_get_call_op(const zend_op *init_op, zend_function *fbc) /* {{{ */
3856 {
3857 if (fbc) {
3858 ZEND_ASSERT(!(fbc->common.fn_flags & ZEND_ACC_CALL_VIA_TRAMPOLINE));
3859 if (fbc->type == ZEND_INTERNAL_FUNCTION && !(CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS)) {
3860 if (init_op->opcode == ZEND_INIT_FCALL && !zend_execute_internal) {
3861 if (!(fbc->common.fn_flags & ZEND_ACC_DEPRECATED)) {
3862 return ZEND_DO_ICALL;
3863 } else {
3864 return ZEND_DO_FCALL_BY_NAME;
3865 }
3866 }
3867 } else if (!(CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS)){
3868 if (zend_execute_ex == execute_ex) {
3869 return ZEND_DO_UCALL;
3870 }
3871 }
3872 } else if (zend_execute_ex == execute_ex &&
3873 !zend_execute_internal &&
3874 (init_op->opcode == ZEND_INIT_FCALL_BY_NAME ||
3875 init_op->opcode == ZEND_INIT_NS_FCALL_BY_NAME)) {
3876 return ZEND_DO_FCALL_BY_NAME;
3877 }
3878 return ZEND_DO_FCALL;
3879 }
3880 /* }}} */
3881
zend_compile_call_common(znode * result,zend_ast * args_ast,zend_function * fbc,uint32_t lineno)3882 static bool zend_compile_call_common(znode *result, zend_ast *args_ast, zend_function *fbc, uint32_t lineno) /* {{{ */
3883 {
3884 zend_op *opline;
3885 uint32_t opnum_init = get_next_op_number() - 1;
3886
3887 if (args_ast->kind == ZEND_AST_CALLABLE_CONVERT) {
3888 opline = &CG(active_op_array)->opcodes[opnum_init];
3889 opline->extended_value = 0;
3890
3891 if (opline->opcode == ZEND_NEW) {
3892 zend_error_noreturn(E_COMPILE_ERROR, "Cannot create Closure for new expression");
3893 }
3894
3895 if (opline->opcode == ZEND_INIT_FCALL) {
3896 opline->op1.num = zend_vm_calc_used_stack(0, fbc);
3897 }
3898
3899 zend_emit_op_tmp(result, ZEND_CALLABLE_CONVERT, NULL, NULL);
3900 return true;
3901 }
3902
3903 bool may_have_extra_named_args;
3904 uint32_t arg_count = zend_compile_args(args_ast, fbc, &may_have_extra_named_args);
3905
3906 zend_do_extended_fcall_begin();
3907
3908 opline = &CG(active_op_array)->opcodes[opnum_init];
3909 opline->extended_value = arg_count;
3910
3911 if (opline->opcode == ZEND_INIT_FCALL) {
3912 opline->op1.num = zend_vm_calc_used_stack(arg_count, fbc);
3913 }
3914
3915 opline = zend_emit_op(result, zend_get_call_op(opline, fbc), NULL, NULL);
3916 if (may_have_extra_named_args) {
3917 opline->extended_value = ZEND_FCALL_MAY_HAVE_EXTRA_NAMED_PARAMS;
3918 }
3919 opline->lineno = lineno;
3920 zend_do_extended_fcall_end();
3921 return false;
3922 }
3923 /* }}} */
3924
zend_compile_function_name(znode * name_node,zend_ast * name_ast)3925 static bool zend_compile_function_name(znode *name_node, zend_ast *name_ast) /* {{{ */
3926 {
3927 zend_string *orig_name = zend_ast_get_str(name_ast);
3928 bool is_fully_qualified;
3929
3930 name_node->op_type = IS_CONST;
3931 ZVAL_STR(&name_node->u.constant, zend_resolve_function_name(
3932 orig_name, name_ast->attr, &is_fully_qualified));
3933
3934 return !is_fully_qualified && FC(current_namespace);
3935 }
3936 /* }}} */
3937
zend_compile_dynamic_call(znode * result,znode * name_node,zend_ast * args_ast,uint32_t lineno)3938 static void zend_compile_dynamic_call(znode *result, znode *name_node, zend_ast *args_ast, uint32_t lineno) /* {{{ */
3939 {
3940 if (name_node->op_type == IS_CONST && Z_TYPE(name_node->u.constant) == IS_STRING) {
3941 const char *colon;
3942 zend_string *str = Z_STR(name_node->u.constant);
3943 if ((colon = zend_memrchr(ZSTR_VAL(str), ':', ZSTR_LEN(str))) != NULL && colon > ZSTR_VAL(str) && *(colon - 1) == ':') {
3944 zend_string *class = zend_string_init(ZSTR_VAL(str), colon - ZSTR_VAL(str) - 1, 0);
3945 zend_string *method = zend_string_init(colon + 1, ZSTR_LEN(str) - (colon - ZSTR_VAL(str)) - 1, 0);
3946 zend_op *opline = get_next_op();
3947
3948 opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;
3949 opline->op1_type = IS_CONST;
3950 opline->op1.constant = zend_add_class_name_literal(class);
3951 opline->op2_type = IS_CONST;
3952 opline->op2.constant = zend_add_func_name_literal(method);
3953 /* 2 slots, for class and method */
3954 opline->result.num = zend_alloc_cache_slots(2);
3955 zval_ptr_dtor(&name_node->u.constant);
3956 } else {
3957 zend_op *opline = get_next_op();
3958
3959 opline->opcode = ZEND_INIT_FCALL_BY_NAME;
3960 opline->op2_type = IS_CONST;
3961 opline->op2.constant = zend_add_func_name_literal(str);
3962 opline->result.num = zend_alloc_cache_slot();
3963 }
3964 } else {
3965 zend_emit_op(NULL, ZEND_INIT_DYNAMIC_CALL, NULL, name_node);
3966 }
3967
3968 zend_compile_call_common(result, args_ast, NULL, lineno);
3969 }
3970 /* }}} */
3971
zend_args_contain_unpack_or_named(zend_ast_list * args)3972 static inline bool zend_args_contain_unpack_or_named(zend_ast_list *args) /* {{{ */
3973 {
3974 uint32_t i;
3975 for (i = 0; i < args->children; ++i) {
3976 zend_ast *arg = args->child[i];
3977 if (arg->kind == ZEND_AST_UNPACK || arg->kind == ZEND_AST_NAMED_ARG) {
3978 return 1;
3979 }
3980 }
3981 return 0;
3982 }
3983 /* }}} */
3984
zend_compile_func_strlen(znode * result,zend_ast_list * args)3985 static zend_result zend_compile_func_strlen(znode *result, zend_ast_list *args) /* {{{ */
3986 {
3987 znode arg_node;
3988
3989 if (args->children != 1) {
3990 return FAILURE;
3991 }
3992
3993 zend_compile_expr(&arg_node, args->child[0]);
3994 if (arg_node.op_type == IS_CONST && Z_TYPE(arg_node.u.constant) == IS_STRING) {
3995 result->op_type = IS_CONST;
3996 ZVAL_LONG(&result->u.constant, Z_STRLEN(arg_node.u.constant));
3997 zval_ptr_dtor_str(&arg_node.u.constant);
3998 } else {
3999 zend_emit_op_tmp(result, ZEND_STRLEN, &arg_node, NULL);
4000 }
4001 return SUCCESS;
4002 }
4003 /* }}} */
4004
zend_compile_func_typecheck(znode * result,zend_ast_list * args,uint32_t type)4005 static zend_result zend_compile_func_typecheck(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
4006 {
4007 znode arg_node;
4008 zend_op *opline;
4009
4010 if (args->children != 1) {
4011 return FAILURE;
4012 }
4013
4014 zend_compile_expr(&arg_node, args->child[0]);
4015 opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &arg_node, NULL);
4016 if (type != _IS_BOOL) {
4017 opline->extended_value = (1 << type);
4018 } else {
4019 opline->extended_value = (1 << IS_FALSE) | (1 << IS_TRUE);
4020 }
4021 return SUCCESS;
4022 }
4023 /* }}} */
4024
zend_compile_func_is_scalar(znode * result,zend_ast_list * args)4025 static zend_result zend_compile_func_is_scalar(znode *result, zend_ast_list *args) /* {{{ */
4026 {
4027 znode arg_node;
4028 zend_op *opline;
4029
4030 if (args->children != 1) {
4031 return FAILURE;
4032 }
4033
4034 zend_compile_expr(&arg_node, args->child[0]);
4035 opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &arg_node, NULL);
4036 opline->extended_value = (1 << IS_FALSE | 1 << IS_TRUE | 1 << IS_DOUBLE | 1 << IS_LONG | 1 << IS_STRING);
4037 return SUCCESS;
4038 }
4039
zend_compile_func_cast(znode * result,zend_ast_list * args,uint32_t type)4040 static zend_result zend_compile_func_cast(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
4041 {
4042 znode arg_node;
4043 zend_op *opline;
4044
4045 if (args->children != 1) {
4046 return FAILURE;
4047 }
4048
4049 zend_compile_expr(&arg_node, args->child[0]);
4050 if (type == _IS_BOOL) {
4051 opline = zend_emit_op_tmp(result, ZEND_BOOL, &arg_node, NULL);
4052 } else {
4053 opline = zend_emit_op_tmp(result, ZEND_CAST, &arg_node, NULL);
4054 opline->extended_value = type;
4055 }
4056 return SUCCESS;
4057 }
4058 /* }}} */
4059
zend_compile_func_defined(znode * result,zend_ast_list * args)4060 static zend_result zend_compile_func_defined(znode *result, zend_ast_list *args) /* {{{ */
4061 {
4062 zend_string *name;
4063 zend_op *opline;
4064
4065 if (args->children != 1 || args->child[0]->kind != ZEND_AST_ZVAL) {
4066 return FAILURE;
4067 }
4068
4069 name = zval_get_string(zend_ast_get_zval(args->child[0]));
4070 if (zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name)) || zend_memrchr(ZSTR_VAL(name), ':', ZSTR_LEN(name))) {
4071 zend_string_release_ex(name, 0);
4072 return FAILURE;
4073 }
4074
4075 if (zend_try_ct_eval_const(&result->u.constant, name, 0)) {
4076 zend_string_release_ex(name, 0);
4077 zval_ptr_dtor(&result->u.constant);
4078 ZVAL_TRUE(&result->u.constant);
4079 result->op_type = IS_CONST;
4080 return SUCCESS;
4081 }
4082
4083 opline = zend_emit_op_tmp(result, ZEND_DEFINED, NULL, NULL);
4084 opline->op1_type = IS_CONST;
4085 LITERAL_STR(opline->op1, name);
4086 opline->extended_value = zend_alloc_cache_slot();
4087
4088 return SUCCESS;
4089 }
4090 /* }}} */
4091
zend_compile_func_chr(znode * result,zend_ast_list * args)4092 static zend_result zend_compile_func_chr(znode *result, zend_ast_list *args) /* {{{ */
4093 {
4094
4095 if (args->children == 1 &&
4096 args->child[0]->kind == ZEND_AST_ZVAL &&
4097 Z_TYPE_P(zend_ast_get_zval(args->child[0])) == IS_LONG) {
4098
4099 zend_long c = Z_LVAL_P(zend_ast_get_zval(args->child[0])) & 0xff;
4100
4101 result->op_type = IS_CONST;
4102 ZVAL_CHAR(&result->u.constant, c);
4103 return SUCCESS;
4104 } else {
4105 return FAILURE;
4106 }
4107 }
4108 /* }}} */
4109
zend_compile_func_ord(znode * result,zend_ast_list * args)4110 static zend_result zend_compile_func_ord(znode *result, zend_ast_list *args) /* {{{ */
4111 {
4112 if (args->children == 1 &&
4113 args->child[0]->kind == ZEND_AST_ZVAL &&
4114 Z_TYPE_P(zend_ast_get_zval(args->child[0])) == IS_STRING) {
4115
4116 result->op_type = IS_CONST;
4117 ZVAL_LONG(&result->u.constant, (unsigned char)Z_STRVAL_P(zend_ast_get_zval(args->child[0]))[0]);
4118 return SUCCESS;
4119 } else {
4120 return FAILURE;
4121 }
4122 }
4123 /* }}} */
4124
4125 /* We can only calculate the stack size for functions that have been fully compiled, otherwise
4126 * additional CV or TMP slots may still be added. This prevents the use of INIT_FCALL for
4127 * directly or indirectly recursive function calls. */
fbc_is_finalized(zend_function * fbc)4128 static bool fbc_is_finalized(zend_function *fbc) {
4129 return !ZEND_USER_CODE(fbc->type) || (fbc->common.fn_flags & ZEND_ACC_DONE_PASS_TWO);
4130 }
4131
zend_try_compile_ct_bound_init_user_func(zend_ast * name_ast,uint32_t num_args)4132 static zend_result zend_try_compile_ct_bound_init_user_func(zend_ast *name_ast, uint32_t num_args) /* {{{ */
4133 {
4134 zend_string *name, *lcname;
4135 zend_function *fbc;
4136 zend_op *opline;
4137
4138 if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
4139 return FAILURE;
4140 }
4141
4142 name = zend_ast_get_str(name_ast);
4143 lcname = zend_string_tolower(name);
4144
4145 fbc = zend_hash_find_ptr(CG(function_table), lcname);
4146 if (!fbc || !fbc_is_finalized(fbc)
4147 || (fbc->type == ZEND_INTERNAL_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS))
4148 || (fbc->type == ZEND_USER_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS))
4149 || (fbc->type == ZEND_USER_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES) && fbc->op_array.filename != CG(active_op_array)->filename)
4150 ) {
4151 zend_string_release_ex(lcname, 0);
4152 return FAILURE;
4153 }
4154
4155 opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, NULL);
4156 opline->extended_value = num_args;
4157 opline->op1.num = zend_vm_calc_used_stack(num_args, fbc);
4158 opline->op2_type = IS_CONST;
4159 LITERAL_STR(opline->op2, lcname);
4160 opline->result.num = zend_alloc_cache_slot();
4161
4162 return SUCCESS;
4163 }
4164 /* }}} */
4165
zend_compile_init_user_func(zend_ast * name_ast,uint32_t num_args,zend_string * orig_func_name)4166 static void zend_compile_init_user_func(zend_ast *name_ast, uint32_t num_args, zend_string *orig_func_name) /* {{{ */
4167 {
4168 zend_op *opline;
4169 znode name_node;
4170
4171 if (zend_try_compile_ct_bound_init_user_func(name_ast, num_args) == SUCCESS) {
4172 return;
4173 }
4174
4175 zend_compile_expr(&name_node, name_ast);
4176
4177 opline = zend_emit_op(NULL, ZEND_INIT_USER_CALL, NULL, &name_node);
4178 opline->op1_type = IS_CONST;
4179 LITERAL_STR(opline->op1, zend_string_copy(orig_func_name));
4180 opline->extended_value = num_args;
4181 }
4182 /* }}} */
4183
4184 /* cufa = call_user_func_array */
zend_compile_func_cufa(znode * result,zend_ast_list * args,zend_string * lcname)4185 static zend_result zend_compile_func_cufa(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
4186 {
4187 znode arg_node;
4188 zend_op *opline;
4189
4190 if (args->children != 2) {
4191 return FAILURE;
4192 }
4193
4194 zend_compile_init_user_func(args->child[0], 0, lcname);
4195 if (args->child[1]->kind == ZEND_AST_CALL
4196 && args->child[1]->child[0]->kind == ZEND_AST_ZVAL
4197 && Z_TYPE_P(zend_ast_get_zval(args->child[1]->child[0])) == IS_STRING
4198 && args->child[1]->child[1]->kind == ZEND_AST_ARG_LIST) {
4199 zend_string *orig_name = zend_ast_get_str(args->child[1]->child[0]);
4200 zend_ast_list *list = zend_ast_get_list(args->child[1]->child[1]);
4201 bool is_fully_qualified;
4202 zend_string *name = zend_resolve_function_name(orig_name, args->child[1]->child[0]->attr, &is_fully_qualified);
4203
4204 if (zend_string_equals_literal_ci(name, "array_slice")
4205 && !zend_args_contain_unpack_or_named(list)
4206 && list->children == 3
4207 && list->child[1]->kind == ZEND_AST_ZVAL) {
4208 zval *zv = zend_ast_get_zval(list->child[1]);
4209
4210 if (Z_TYPE_P(zv) == IS_LONG
4211 && Z_LVAL_P(zv) >= 0
4212 && Z_LVAL_P(zv) <= 0x7fffffff) {
4213 zend_op *opline;
4214 znode len_node;
4215
4216 zend_compile_expr(&arg_node, list->child[0]);
4217 zend_compile_expr(&len_node, list->child[2]);
4218 opline = zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, &len_node);
4219 opline->extended_value = Z_LVAL_P(zv);
4220 zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
4221 zend_string_release_ex(name, 0);
4222 return SUCCESS;
4223 }
4224 }
4225 zend_string_release_ex(name, 0);
4226 }
4227 zend_compile_expr(&arg_node, args->child[1]);
4228 zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, NULL);
4229 zend_emit_op(NULL, ZEND_CHECK_UNDEF_ARGS, NULL, NULL);
4230 opline = zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
4231 opline->extended_value = ZEND_FCALL_MAY_HAVE_EXTRA_NAMED_PARAMS;
4232
4233 return SUCCESS;
4234 }
4235 /* }}} */
4236
4237 /* cuf = call_user_func */
zend_compile_func_cuf(znode * result,zend_ast_list * args,zend_string * lcname)4238 static zend_result zend_compile_func_cuf(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
4239 {
4240 uint32_t i;
4241
4242 if (args->children < 1) {
4243 return FAILURE;
4244 }
4245
4246 zend_compile_init_user_func(args->child[0], args->children - 1, lcname);
4247 for (i = 1; i < args->children; ++i) {
4248 zend_ast *arg_ast = args->child[i];
4249 znode arg_node;
4250 zend_op *opline;
4251
4252 zend_compile_expr(&arg_node, arg_ast);
4253
4254 opline = zend_emit_op(NULL, ZEND_SEND_USER, &arg_node, NULL);
4255 opline->op2.num = i;
4256 opline->result.var = EX_NUM_TO_VAR(i - 1);
4257 }
4258 zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
4259
4260 return SUCCESS;
4261 }
4262 /* }}} */
4263
zend_compile_assert(znode * result,zend_ast_list * args,zend_string * name,zend_function * fbc,uint32_t lineno)4264 static void zend_compile_assert(znode *result, zend_ast_list *args, zend_string *name, zend_function *fbc, uint32_t lineno) /* {{{ */
4265 {
4266 if (EG(assertions) >= 0) {
4267 znode name_node;
4268 zend_op *opline;
4269 uint32_t check_op_number = get_next_op_number();
4270
4271 zend_emit_op(NULL, ZEND_ASSERT_CHECK, NULL, NULL);
4272
4273 if (fbc && fbc_is_finalized(fbc)) {
4274 name_node.op_type = IS_CONST;
4275 ZVAL_STR_COPY(&name_node.u.constant, name);
4276
4277 opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
4278 } else {
4279 opline = zend_emit_op(NULL, ZEND_INIT_NS_FCALL_BY_NAME, NULL, NULL);
4280 opline->op2_type = IS_CONST;
4281 opline->op2.constant = zend_add_ns_func_name_literal(name);
4282 }
4283 opline->result.num = zend_alloc_cache_slot();
4284
4285 if (args->children == 1) {
4286 /* add "assert(condition) as assertion message */
4287 zend_ast *arg = zend_ast_create_zval_from_str(
4288 zend_ast_export("assert(", args->child[0], ")"));
4289 if (args->child[0]->kind == ZEND_AST_NAMED_ARG) {
4290 /* If the original argument was named, add the new argument as named as well,
4291 * as mixing named and positional is not allowed. */
4292 zend_ast *name = zend_ast_create_zval_from_str(
4293 ZSTR_INIT_LITERAL("description", 0));
4294 arg = zend_ast_create(ZEND_AST_NAMED_ARG, name, arg);
4295 }
4296 zend_ast_list_add((zend_ast *) args, arg);
4297 }
4298
4299 zend_compile_call_common(result, (zend_ast*)args, fbc, lineno);
4300
4301 opline = &CG(active_op_array)->opcodes[check_op_number];
4302 opline->op2.opline_num = get_next_op_number();
4303 SET_NODE(opline->result, result);
4304 } else {
4305 if (!fbc) {
4306 zend_string_release_ex(name, 0);
4307 }
4308 result->op_type = IS_CONST;
4309 ZVAL_TRUE(&result->u.constant);
4310 }
4311 }
4312 /* }}} */
4313
zend_compile_func_in_array(znode * result,zend_ast_list * args)4314 static zend_result zend_compile_func_in_array(znode *result, zend_ast_list *args) /* {{{ */
4315 {
4316 bool strict = 0;
4317 znode array, needly;
4318 zend_op *opline;
4319
4320 if (args->children == 3) {
4321 if (args->child[2]->kind == ZEND_AST_ZVAL) {
4322 strict = zend_is_true(zend_ast_get_zval(args->child[2]));
4323 } else if (args->child[2]->kind == ZEND_AST_CONST) {
4324 zval value;
4325 zend_ast *name_ast = args->child[2]->child[0];
4326 bool is_fully_qualified;
4327 zend_string *resolved_name = zend_resolve_const_name(
4328 zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);
4329
4330 if (!zend_try_ct_eval_const(&value, resolved_name, is_fully_qualified)) {
4331 zend_string_release_ex(resolved_name, 0);
4332 return FAILURE;
4333 }
4334
4335 zend_string_release_ex(resolved_name, 0);
4336 strict = zend_is_true(&value);
4337 zval_ptr_dtor(&value);
4338 } else {
4339 return FAILURE;
4340 }
4341 } else if (args->children != 2) {
4342 return FAILURE;
4343 }
4344
4345 if (args->child[1]->kind != ZEND_AST_ARRAY
4346 || !zend_try_ct_eval_array(&array.u.constant, args->child[1])) {
4347 return FAILURE;
4348 }
4349
4350 if (zend_hash_num_elements(Z_ARRVAL(array.u.constant)) > 0) {
4351 bool ok = 1;
4352 zval *val, tmp;
4353 HashTable *src = Z_ARRVAL(array.u.constant);
4354 HashTable *dst = zend_new_array(zend_hash_num_elements(src));
4355
4356 ZVAL_TRUE(&tmp);
4357
4358 if (strict) {
4359 ZEND_HASH_FOREACH_VAL(src, val) {
4360 if (Z_TYPE_P(val) == IS_STRING) {
4361 zend_hash_add(dst, Z_STR_P(val), &tmp);
4362 } else if (Z_TYPE_P(val) == IS_LONG) {
4363 zend_hash_index_add(dst, Z_LVAL_P(val), &tmp);
4364 } else {
4365 zend_array_destroy(dst);
4366 ok = 0;
4367 break;
4368 }
4369 } ZEND_HASH_FOREACH_END();
4370 } else {
4371 ZEND_HASH_FOREACH_VAL(src, val) {
4372 if (Z_TYPE_P(val) != IS_STRING
4373 || is_numeric_string(Z_STRVAL_P(val), Z_STRLEN_P(val), NULL, NULL, 0)) {
4374 zend_array_destroy(dst);
4375 ok = 0;
4376 break;
4377 }
4378 zend_hash_add(dst, Z_STR_P(val), &tmp);
4379 } ZEND_HASH_FOREACH_END();
4380 }
4381
4382 zend_array_destroy(src);
4383 if (!ok) {
4384 return FAILURE;
4385 }
4386 Z_ARRVAL(array.u.constant) = dst;
4387 }
4388 array.op_type = IS_CONST;
4389
4390 zend_compile_expr(&needly, args->child[0]);
4391
4392 opline = zend_emit_op_tmp(result, ZEND_IN_ARRAY, &needly, &array);
4393 opline->extended_value = strict;
4394
4395 return SUCCESS;
4396 }
4397 /* }}} */
4398
zend_compile_func_count(znode * result,zend_ast_list * args,zend_string * lcname)4399 static zend_result zend_compile_func_count(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
4400 {
4401 znode arg_node;
4402 zend_op *opline;
4403
4404 if (args->children != 1) {
4405 return FAILURE;
4406 }
4407
4408 zend_compile_expr(&arg_node, args->child[0]);
4409 opline = zend_emit_op_tmp(result, ZEND_COUNT, &arg_node, NULL);
4410 opline->extended_value = zend_string_equals_literal(lcname, "sizeof");
4411
4412 return SUCCESS;
4413 }
4414 /* }}} */
4415
zend_compile_func_get_class(znode * result,zend_ast_list * args)4416 static zend_result zend_compile_func_get_class(znode *result, zend_ast_list *args) /* {{{ */
4417 {
4418 if (args->children == 0) {
4419 zend_emit_op_tmp(result, ZEND_GET_CLASS, NULL, NULL);
4420 } else {
4421 znode arg_node;
4422
4423 if (args->children != 1) {
4424 return FAILURE;
4425 }
4426
4427 zend_compile_expr(&arg_node, args->child[0]);
4428 zend_emit_op_tmp(result, ZEND_GET_CLASS, &arg_node, NULL);
4429 }
4430 return SUCCESS;
4431 }
4432 /* }}} */
4433
zend_compile_func_get_called_class(znode * result,zend_ast_list * args)4434 static zend_result zend_compile_func_get_called_class(znode *result, zend_ast_list *args) /* {{{ */
4435 {
4436 if (args->children != 0) {
4437 return FAILURE;
4438 }
4439
4440 zend_emit_op_tmp(result, ZEND_GET_CALLED_CLASS, NULL, NULL);
4441 return SUCCESS;
4442 }
4443 /* }}} */
4444
zend_compile_func_gettype(znode * result,zend_ast_list * args)4445 static zend_result zend_compile_func_gettype(znode *result, zend_ast_list *args) /* {{{ */
4446 {
4447 znode arg_node;
4448
4449 if (args->children != 1) {
4450 return FAILURE;
4451 }
4452
4453 zend_compile_expr(&arg_node, args->child[0]);
4454 zend_emit_op_tmp(result, ZEND_GET_TYPE, &arg_node, NULL);
4455 return SUCCESS;
4456 }
4457 /* }}} */
4458
zend_compile_func_num_args(znode * result,zend_ast_list * args)4459 static zend_result zend_compile_func_num_args(znode *result, zend_ast_list *args) /* {{{ */
4460 {
4461 if (CG(active_op_array)->function_name && args->children == 0) {
4462 zend_emit_op_tmp(result, ZEND_FUNC_NUM_ARGS, NULL, NULL);
4463 return SUCCESS;
4464 } else {
4465 return FAILURE;
4466 }
4467 }
4468 /* }}} */
4469
zend_compile_func_get_args(znode * result,zend_ast_list * args)4470 static zend_result zend_compile_func_get_args(znode *result, zend_ast_list *args) /* {{{ */
4471 {
4472 if (CG(active_op_array)->function_name && args->children == 0) {
4473 zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, NULL, NULL);
4474 return SUCCESS;
4475 } else {
4476 return FAILURE;
4477 }
4478 }
4479 /* }}} */
4480
zend_compile_func_array_key_exists(znode * result,zend_ast_list * args)4481 static zend_result zend_compile_func_array_key_exists(znode *result, zend_ast_list *args) /* {{{ */
4482 {
4483 znode subject, needle;
4484
4485 if (args->children != 2) {
4486 return FAILURE;
4487 }
4488
4489 zend_compile_expr(&needle, args->child[0]);
4490 zend_compile_expr(&subject, args->child[1]);
4491
4492 zend_emit_op_tmp(result, ZEND_ARRAY_KEY_EXISTS, &needle, &subject);
4493 return SUCCESS;
4494 }
4495 /* }}} */
4496
zend_compile_func_array_slice(znode * result,zend_ast_list * args)4497 static zend_result zend_compile_func_array_slice(znode *result, zend_ast_list *args) /* {{{ */
4498 {
4499 if (CG(active_op_array)->function_name
4500 && args->children == 2
4501 && args->child[0]->kind == ZEND_AST_CALL
4502 && args->child[0]->child[0]->kind == ZEND_AST_ZVAL
4503 && Z_TYPE_P(zend_ast_get_zval(args->child[0]->child[0])) == IS_STRING
4504 && args->child[0]->child[1]->kind == ZEND_AST_ARG_LIST
4505 && args->child[1]->kind == ZEND_AST_ZVAL) {
4506
4507 zend_string *orig_name = zend_ast_get_str(args->child[0]->child[0]);
4508 bool is_fully_qualified;
4509 zend_string *name = zend_resolve_function_name(orig_name, args->child[0]->child[0]->attr, &is_fully_qualified);
4510 zend_ast_list *list = zend_ast_get_list(args->child[0]->child[1]);
4511 zval *zv = zend_ast_get_zval(args->child[1]);
4512 znode first;
4513
4514 if (zend_string_equals_literal_ci(name, "func_get_args")
4515 && list->children == 0
4516 && Z_TYPE_P(zv) == IS_LONG
4517 && Z_LVAL_P(zv) >= 0) {
4518 first.op_type = IS_CONST;
4519 ZVAL_LONG(&first.u.constant, Z_LVAL_P(zv));
4520 zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, &first, NULL);
4521 zend_string_release_ex(name, 0);
4522 return SUCCESS;
4523 }
4524 zend_string_release_ex(name, 0);
4525 }
4526 return FAILURE;
4527 }
4528 /* }}} */
4529
find_frameless_function_offset(uint32_t arity,void * handler)4530 static uint32_t find_frameless_function_offset(uint32_t arity, void *handler)
4531 {
4532 void **handlers = zend_flf_handlers;
4533 void **current = handlers;
4534 while (current) {
4535 if (*current == handler) {
4536 return current - handlers;
4537 }
4538 current++;
4539 }
4540
4541 return (uint32_t)-1;
4542 }
4543
find_frameless_function_info(zend_ast_list * args,zend_function * fbc,uint32_t type)4544 static const zend_frameless_function_info *find_frameless_function_info(zend_ast_list *args, zend_function *fbc, uint32_t type)
4545 {
4546 if (ZEND_OBSERVER_ENABLED || zend_execute_internal) {
4547 return NULL;
4548 }
4549
4550 if (type != BP_VAR_R) {
4551 return NULL;
4552 }
4553
4554 if (ZEND_USER_CODE(fbc->type)) {
4555 return NULL;
4556 }
4557
4558 const zend_frameless_function_info *frameless_function_info = fbc->internal_function.frameless_function_infos;
4559 if (!frameless_function_info) {
4560 return NULL;
4561 }
4562
4563 if (args->children > 3) {
4564 return NULL;
4565 }
4566
4567 while (frameless_function_info->handler) {
4568 if (frameless_function_info->num_args >= args->children
4569 && fbc->common.required_num_args <= args->children
4570 && (!(fbc->common.fn_flags & ZEND_ACC_VARIADIC)
4571 || frameless_function_info->num_args == args->children)) {
4572 uint32_t num_args = frameless_function_info->num_args;
4573 uint32_t offset = find_frameless_function_offset(num_args, frameless_function_info->handler);
4574 if (offset == (uint32_t)-1) {
4575 continue;
4576 }
4577 return frameless_function_info;
4578 }
4579 frameless_function_info++;
4580 }
4581
4582 return NULL;
4583 }
4584
zend_compile_frameless_icall_ex(znode * result,zend_ast_list * args,zend_function * fbc,const zend_frameless_function_info * frameless_function_info,uint32_t type)4585 static uint32_t zend_compile_frameless_icall_ex(znode *result, zend_ast_list *args, zend_function *fbc, const zend_frameless_function_info *frameless_function_info, uint32_t type)
4586 {
4587 uint32_t num_args = frameless_function_info->num_args;
4588 uint32_t offset = find_frameless_function_offset(num_args, frameless_function_info->handler);
4589 znode arg_zvs[3];
4590 for (uint32_t i = 0; i < num_args; i++) {
4591 if (i < args->children) {
4592 zend_compile_expr(&arg_zvs[i], args->child[i]);
4593 } else {
4594 zend_internal_arg_info *arg_info = (zend_internal_arg_info *)&fbc->common.arg_info[i];
4595 arg_zvs[i].op_type = IS_CONST;
4596 if (zend_get_default_from_internal_arg_info(&arg_zvs[i].u.constant, arg_info) == FAILURE) {
4597 ZEND_UNREACHABLE();
4598 }
4599 }
4600 }
4601 uint8_t opcode = ZEND_FRAMELESS_ICALL_0 + num_args;
4602 uint32_t opnum = get_next_op_number();
4603 zend_op *opline = zend_emit_op_tmp(result, opcode, NULL, NULL);
4604 opline->extended_value = offset;
4605 if (num_args >= 1) {
4606 SET_NODE(opline->op1, &arg_zvs[0]);
4607 }
4608 if (num_args >= 2) {
4609 SET_NODE(opline->op2, &arg_zvs[1]);
4610 }
4611 if (num_args >= 3) {
4612 zend_emit_op_data(&arg_zvs[2]);
4613 }
4614 return opnum;
4615 }
4616
zend_compile_frameless_icall(znode * result,zend_ast_list * args,zend_function * fbc,uint32_t type)4617 static uint32_t zend_compile_frameless_icall(znode *result, zend_ast_list *args, zend_function *fbc, uint32_t type)
4618 {
4619 const zend_frameless_function_info *frameless_function_info = find_frameless_function_info(args, fbc, type);
4620 if (!frameless_function_info) {
4621 return (uint32_t)-1;
4622 }
4623
4624 return zend_compile_frameless_icall_ex(result, args, fbc, frameless_function_info, type);
4625 }
4626
zend_compile_ns_call(znode * result,znode * name_node,zend_ast * args_ast,uint32_t lineno,uint32_t type)4627 static void zend_compile_ns_call(znode *result, znode *name_node, zend_ast *args_ast, uint32_t lineno, uint32_t type) /* {{{ */
4628 {
4629 int name_constants = zend_add_ns_func_name_literal(Z_STR(name_node->u.constant));
4630
4631 /* Find frameless function with same name. */
4632 zend_function *frameless_function = NULL;
4633 if (args_ast->kind != ZEND_AST_CALLABLE_CONVERT
4634 && !zend_args_contain_unpack_or_named(zend_ast_get_list(args_ast))
4635 /* Avoid blowing up op count with nested frameless branches. */
4636 && !CG(context).in_jmp_frameless_branch) {
4637 zend_string *lc_func_name = Z_STR_P(CT_CONSTANT_EX(CG(active_op_array), name_constants + 2));
4638 frameless_function = zend_hash_find_ptr(CG(function_table), lc_func_name);
4639 }
4640
4641 /* Check whether any frameless handler may actually be used. */
4642 uint32_t jmp_fl_opnum = 0;
4643 const zend_frameless_function_info *frameless_function_info = NULL;
4644 if (frameless_function) {
4645 frameless_function_info = find_frameless_function_info(zend_ast_get_list(args_ast), frameless_function, type);
4646 if (frameless_function_info) {
4647 CG(context).in_jmp_frameless_branch = true;
4648 znode op1;
4649 op1.op_type = IS_CONST;
4650 ZVAL_COPY(&op1.u.constant, CT_CONSTANT_EX(CG(active_op_array), name_constants + 1));
4651 jmp_fl_opnum = get_next_op_number();
4652 zend_emit_op(NULL, ZEND_JMP_FRAMELESS, &op1, NULL);
4653 }
4654 }
4655
4656 /* Compile ns call. */
4657 zend_op *opline = get_next_op();
4658 opline->opcode = ZEND_INIT_NS_FCALL_BY_NAME;
4659 opline->op2_type = IS_CONST;
4660 opline->op2.constant = name_constants;
4661 opline->result.num = zend_alloc_cache_slot();
4662 zend_compile_call_common(result, args_ast, NULL, lineno);
4663
4664 /* Compile frameless call. */
4665 if (frameless_function_info) {
4666 uint32_t jmp_end_opnum = zend_emit_jump(0);
4667 uint32_t jmp_fl_target = get_next_op_number();
4668
4669 uint32_t flf_icall_opnum = zend_compile_frameless_icall_ex(NULL, zend_ast_get_list(args_ast), frameless_function, frameless_function_info, type);
4670
4671 zend_op *jmp_fl = &CG(active_op_array)->opcodes[jmp_fl_opnum];
4672 jmp_fl->op2.opline_num = jmp_fl_target;
4673 jmp_fl->extended_value = zend_alloc_cache_slot();
4674 zend_op *flf_icall = &CG(active_op_array)->opcodes[flf_icall_opnum];
4675 SET_NODE(flf_icall->result, result);
4676 zend_update_jump_target_to_next(jmp_end_opnum);
4677
4678 CG(context).in_jmp_frameless_branch = false;
4679 }
4680 }
4681 /* }}} */
4682
zend_try_compile_special_func_ex(znode * result,zend_string * lcname,zend_ast_list * args,zend_function * fbc,uint32_t type)4683 static zend_result zend_try_compile_special_func_ex(znode *result, zend_string *lcname, zend_ast_list *args, zend_function *fbc, uint32_t type) /* {{{ */
4684 {
4685 if (zend_string_equals_literal(lcname, "strlen")) {
4686 return zend_compile_func_strlen(result, args);
4687 } else if (zend_string_equals_literal(lcname, "is_null")) {
4688 return zend_compile_func_typecheck(result, args, IS_NULL);
4689 } else if (zend_string_equals_literal(lcname, "is_bool")) {
4690 return zend_compile_func_typecheck(result, args, _IS_BOOL);
4691 } else if (zend_string_equals_literal(lcname, "is_long")
4692 || zend_string_equals_literal(lcname, "is_int")
4693 || zend_string_equals_literal(lcname, "is_integer")
4694 ) {
4695 return zend_compile_func_typecheck(result, args, IS_LONG);
4696 } else if (zend_string_equals_literal(lcname, "is_float")
4697 || zend_string_equals_literal(lcname, "is_double")
4698 ) {
4699 return zend_compile_func_typecheck(result, args, IS_DOUBLE);
4700 } else if (zend_string_equals_literal(lcname, "is_string")) {
4701 return zend_compile_func_typecheck(result, args, IS_STRING);
4702 } else if (zend_string_equals_literal(lcname, "is_array")) {
4703 return zend_compile_func_typecheck(result, args, IS_ARRAY);
4704 } else if (zend_string_equals_literal(lcname, "is_object")) {
4705 return zend_compile_func_typecheck(result, args, IS_OBJECT);
4706 } else if (zend_string_equals_literal(lcname, "is_resource")) {
4707 return zend_compile_func_typecheck(result, args, IS_RESOURCE);
4708 } else if (zend_string_equals_literal(lcname, "is_scalar")) {
4709 return zend_compile_func_is_scalar(result, args);
4710 } else if (zend_string_equals_literal(lcname, "boolval")) {
4711 return zend_compile_func_cast(result, args, _IS_BOOL);
4712 } else if (zend_string_equals_literal(lcname, "intval")) {
4713 return zend_compile_func_cast(result, args, IS_LONG);
4714 } else if (zend_string_equals_literal(lcname, "floatval")
4715 || zend_string_equals_literal(lcname, "doubleval")
4716 ) {
4717 return zend_compile_func_cast(result, args, IS_DOUBLE);
4718 } else if (zend_string_equals_literal(lcname, "strval")) {
4719 return zend_compile_func_cast(result, args, IS_STRING);
4720 } else if (zend_string_equals_literal(lcname, "defined")) {
4721 return zend_compile_func_defined(result, args);
4722 } else if (zend_string_equals_literal(lcname, "chr") && type == BP_VAR_R) {
4723 return zend_compile_func_chr(result, args);
4724 } else if (zend_string_equals_literal(lcname, "ord") && type == BP_VAR_R) {
4725 return zend_compile_func_ord(result, args);
4726 } else if (zend_string_equals_literal(lcname, "call_user_func_array")) {
4727 return zend_compile_func_cufa(result, args, lcname);
4728 } else if (zend_string_equals_literal(lcname, "call_user_func")) {
4729 return zend_compile_func_cuf(result, args, lcname);
4730 } else if (zend_string_equals_literal(lcname, "in_array")) {
4731 return zend_compile_func_in_array(result, args);
4732 } else if (zend_string_equals(lcname, ZSTR_KNOWN(ZEND_STR_COUNT))
4733 || zend_string_equals_literal(lcname, "sizeof")) {
4734 return zend_compile_func_count(result, args, lcname);
4735 } else if (zend_string_equals_literal(lcname, "get_class")) {
4736 return zend_compile_func_get_class(result, args);
4737 } else if (zend_string_equals_literal(lcname, "get_called_class")) {
4738 return zend_compile_func_get_called_class(result, args);
4739 } else if (zend_string_equals_literal(lcname, "gettype")) {
4740 return zend_compile_func_gettype(result, args);
4741 } else if (zend_string_equals_literal(lcname, "func_num_args")) {
4742 return zend_compile_func_num_args(result, args);
4743 } else if (zend_string_equals_literal(lcname, "func_get_args")) {
4744 return zend_compile_func_get_args(result, args);
4745 } else if (zend_string_equals_literal(lcname, "array_slice")) {
4746 return zend_compile_func_array_slice(result, args);
4747 } else if (zend_string_equals_literal(lcname, "array_key_exists")) {
4748 return zend_compile_func_array_key_exists(result, args);
4749 } else {
4750 return FAILURE;
4751 }
4752 }
4753
zend_try_compile_special_func(znode * result,zend_string * lcname,zend_ast_list * args,zend_function * fbc,uint32_t type)4754 static zend_result zend_try_compile_special_func(znode *result, zend_string *lcname, zend_ast_list *args, zend_function *fbc, uint32_t type) /* {{{ */
4755 {
4756 if (CG(compiler_options) & ZEND_COMPILE_NO_BUILTINS) {
4757 return FAILURE;
4758 }
4759
4760 if (fbc->type != ZEND_INTERNAL_FUNCTION) {
4761 /* If the function is part of disabled_functions, it may be redeclared as a userland
4762 * function with a different implementation. Don't use the VM builtin in that case. */
4763 return FAILURE;
4764 }
4765
4766 if (zend_args_contain_unpack_or_named(args)) {
4767 return FAILURE;
4768 }
4769
4770 if (zend_try_compile_special_func_ex(result, lcname, args, fbc, type) == SUCCESS) {
4771 return SUCCESS;
4772 }
4773
4774 return zend_compile_frameless_icall(result, args, fbc, type) != (uint32_t)-1 ? SUCCESS : FAILURE;
4775 }
4776
zend_compile_call(znode * result,zend_ast * ast,uint32_t type)4777 static void zend_compile_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4778 {
4779 zend_ast *name_ast = ast->child[0];
4780 zend_ast *args_ast = ast->child[1];
4781 bool is_callable_convert = args_ast->kind == ZEND_AST_CALLABLE_CONVERT;
4782
4783 znode name_node;
4784
4785 if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
4786 zend_compile_expr(&name_node, name_ast);
4787 zend_compile_dynamic_call(result, &name_node, args_ast, ast->lineno);
4788 return;
4789 }
4790
4791 {
4792 bool runtime_resolution = zend_compile_function_name(&name_node, name_ast);
4793 if (runtime_resolution) {
4794 if (zend_string_equals_literal_ci(zend_ast_get_str(name_ast), "assert")
4795 && !is_callable_convert) {
4796 zend_compile_assert(result, zend_ast_get_list(args_ast), Z_STR(name_node.u.constant), NULL, ast->lineno);
4797 } else {
4798 zend_compile_ns_call(result, &name_node, args_ast, ast->lineno, type);
4799 }
4800 return;
4801 }
4802 }
4803
4804 {
4805 zval *name = &name_node.u.constant;
4806 zend_string *lcname;
4807 zend_function *fbc;
4808 zend_op *opline;
4809
4810 lcname = zend_string_tolower(Z_STR_P(name));
4811 fbc = zend_hash_find_ptr(CG(function_table), lcname);
4812
4813 /* Special assert() handling should apply independently of compiler flags. */
4814 if (fbc && zend_string_equals_literal(lcname, "assert") && !is_callable_convert) {
4815 zend_compile_assert(result, zend_ast_get_list(args_ast), lcname, fbc, ast->lineno);
4816 zend_string_release(lcname);
4817 zval_ptr_dtor(&name_node.u.constant);
4818 return;
4819 }
4820
4821 if (!fbc || !fbc_is_finalized(fbc)
4822 || (fbc->type == ZEND_INTERNAL_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS))
4823 || (fbc->type == ZEND_USER_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS))
4824 || (fbc->type == ZEND_USER_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES) && fbc->op_array.filename != CG(active_op_array)->filename)
4825 ) {
4826 zend_string_release_ex(lcname, 0);
4827 zend_compile_dynamic_call(result, &name_node, args_ast, ast->lineno);
4828 return;
4829 }
4830
4831 if (!is_callable_convert &&
4832 zend_try_compile_special_func(result, lcname,
4833 zend_ast_get_list(args_ast), fbc, type) == SUCCESS
4834 ) {
4835 zend_string_release_ex(lcname, 0);
4836 zval_ptr_dtor(&name_node.u.constant);
4837 return;
4838 }
4839
4840 zval_ptr_dtor(&name_node.u.constant);
4841 ZVAL_NEW_STR(&name_node.u.constant, lcname);
4842
4843 opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
4844 opline->result.num = zend_alloc_cache_slot();
4845
4846 zend_compile_call_common(result, args_ast, fbc, ast->lineno);
4847 }
4848 }
4849 /* }}} */
4850
zend_compile_method_call(znode * result,zend_ast * ast,uint32_t type)4851 static void zend_compile_method_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4852 {
4853 zend_ast *obj_ast = ast->child[0];
4854 zend_ast *method_ast = ast->child[1];
4855 zend_ast *args_ast = ast->child[2];
4856
4857 znode obj_node, method_node;
4858 zend_op *opline;
4859 zend_function *fbc = NULL;
4860 bool nullsafe = ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL;
4861 uint32_t short_circuiting_checkpoint = zend_short_circuiting_checkpoint();
4862
4863 if (is_this_fetch(obj_ast)) {
4864 if (this_guaranteed_exists()) {
4865 obj_node.op_type = IS_UNUSED;
4866 } else {
4867 zend_emit_op(&obj_node, ZEND_FETCH_THIS, NULL, NULL);
4868 }
4869 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
4870
4871 /* We will throw if $this doesn't exist, so there's no need to emit a JMP_NULL
4872 * check for a nullsafe access. */
4873 } else {
4874 zend_short_circuiting_mark_inner(obj_ast);
4875 zend_compile_expr(&obj_node, obj_ast);
4876 if (nullsafe) {
4877 zend_emit_jmp_null(&obj_node, type);
4878 }
4879 }
4880
4881 zend_compile_expr(&method_node, method_ast);
4882 opline = zend_emit_op(NULL, ZEND_INIT_METHOD_CALL, &obj_node, NULL);
4883
4884 if (method_node.op_type == IS_CONST) {
4885 if (Z_TYPE(method_node.u.constant) != IS_STRING) {
4886 zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
4887 }
4888
4889 opline->op2_type = IS_CONST;
4890 opline->op2.constant = zend_add_func_name_literal(
4891 Z_STR(method_node.u.constant));
4892 opline->result.num = zend_alloc_cache_slots(2);
4893 } else {
4894 SET_NODE(opline->op2, &method_node);
4895 }
4896
4897 /* Check if this calls a known method on $this */
4898 if (opline->op1_type == IS_UNUSED && opline->op2_type == IS_CONST &&
4899 CG(active_class_entry) && zend_is_scope_known()) {
4900 zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op2) + 1);
4901 fbc = zend_hash_find_ptr(&CG(active_class_entry)->function_table, lcname);
4902
4903 /* We only know the exact method that is being called if it is either private or final.
4904 * Otherwise an overriding method in a child class may be called. */
4905 if (fbc && !(fbc->common.fn_flags & (ZEND_ACC_PRIVATE|ZEND_ACC_FINAL))) {
4906 fbc = NULL;
4907 }
4908 }
4909
4910 if (zend_compile_call_common(result, args_ast, fbc, zend_ast_get_lineno(method_ast))) {
4911 if (short_circuiting_checkpoint != zend_short_circuiting_checkpoint()) {
4912 zend_error_noreturn(E_COMPILE_ERROR,
4913 "Cannot combine nullsafe operator with Closure creation");
4914 }
4915 }
4916 }
4917 /* }}} */
4918
zend_is_constructor(zend_string * name)4919 static bool zend_is_constructor(zend_string *name) /* {{{ */
4920 {
4921 return zend_string_equals_literal_ci(name, ZEND_CONSTRUCTOR_FUNC_NAME);
4922 }
4923 /* }}} */
4924
zend_get_compatible_func_or_null(zend_class_entry * ce,zend_string * lcname)4925 static zend_function *zend_get_compatible_func_or_null(zend_class_entry *ce, zend_string *lcname) /* {{{ */
4926 {
4927 zend_function *fbc = zend_hash_find_ptr(&ce->function_table, lcname);
4928 if (!fbc || (fbc->common.fn_flags & ZEND_ACC_PUBLIC) || ce == CG(active_class_entry)) {
4929 return fbc;
4930 }
4931
4932 if (!(fbc->common.fn_flags & ZEND_ACC_PRIVATE)
4933 && (fbc->common.scope->ce_flags & ZEND_ACC_LINKED)
4934 && (!CG(active_class_entry) || (CG(active_class_entry)->ce_flags & ZEND_ACC_LINKED))
4935 && zend_check_protected(zend_get_function_root_class(fbc), CG(active_class_entry))) {
4936 return fbc;
4937 }
4938
4939 return NULL;
4940 }
4941 /* }}} */
4942
zend_compile_static_call(znode * result,zend_ast * ast,uint32_t type)4943 static void zend_compile_static_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4944 {
4945 zend_ast *class_ast = ast->child[0];
4946 zend_ast *method_ast = ast->child[1];
4947 zend_ast *args_ast = ast->child[2];
4948
4949 znode class_node, method_node;
4950 zend_op *opline;
4951 zend_function *fbc = NULL;
4952
4953 zend_short_circuiting_mark_inner(class_ast);
4954 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
4955
4956 zend_compile_expr(&method_node, method_ast);
4957
4958 if (method_node.op_type == IS_CONST) {
4959 zval *name = &method_node.u.constant;
4960 if (Z_TYPE_P(name) != IS_STRING) {
4961 zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
4962 }
4963 if (zend_is_constructor(Z_STR_P(name))) {
4964 zval_ptr_dtor(name);
4965 method_node.op_type = IS_UNUSED;
4966 }
4967 }
4968
4969 opline = get_next_op();
4970 opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;
4971
4972 zend_set_class_name_op1(opline, &class_node);
4973
4974 if (method_node.op_type == IS_CONST) {
4975 opline->op2_type = IS_CONST;
4976 opline->op2.constant = zend_add_func_name_literal(
4977 Z_STR(method_node.u.constant));
4978 opline->result.num = zend_alloc_cache_slots(2);
4979 } else {
4980 if (opline->op1_type == IS_CONST) {
4981 opline->result.num = zend_alloc_cache_slot();
4982 }
4983 SET_NODE(opline->op2, &method_node);
4984 }
4985
4986 /* Check if we already know which method we're calling */
4987 if (opline->op2_type == IS_CONST) {
4988 zend_class_entry *ce = NULL;
4989 if (opline->op1_type == IS_CONST) {
4990 zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op1) + 1);
4991 ce = zend_hash_find_ptr(CG(class_table), lcname);
4992 if (!ce && CG(active_class_entry)
4993 && zend_string_equals_ci(CG(active_class_entry)->name, lcname)) {
4994 ce = CG(active_class_entry);
4995 }
4996 } else if (opline->op1_type == IS_UNUSED
4997 && (opline->op1.num & ZEND_FETCH_CLASS_MASK) == ZEND_FETCH_CLASS_SELF
4998 && zend_is_scope_known()) {
4999 ce = CG(active_class_entry);
5000 }
5001 if (ce) {
5002 zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op2) + 1);
5003 fbc = zend_get_compatible_func_or_null(ce, lcname);
5004 }
5005 }
5006
5007 zend_compile_call_common(result, args_ast, fbc, zend_ast_get_lineno(method_ast));
5008 }
5009 /* }}} */
5010
5011 static void zend_compile_class_decl(znode *result, zend_ast *ast, bool toplevel);
5012
zend_compile_new(znode * result,zend_ast * ast)5013 static void zend_compile_new(znode *result, zend_ast *ast) /* {{{ */
5014 {
5015 zend_ast *class_ast = ast->child[0];
5016 zend_ast *args_ast = ast->child[1];
5017
5018 znode class_node, ctor_result;
5019 zend_op *opline;
5020
5021 if (class_ast->kind == ZEND_AST_CLASS) {
5022 /* anon class declaration */
5023 zend_compile_class_decl(&class_node, class_ast, 0);
5024 } else {
5025 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
5026 }
5027
5028 opline = zend_emit_op(result, ZEND_NEW, NULL, NULL);
5029
5030 if (class_node.op_type == IS_CONST) {
5031 opline->op1_type = IS_CONST;
5032 opline->op1.constant = zend_add_class_name_literal(
5033 Z_STR(class_node.u.constant));
5034 opline->op2.num = zend_alloc_cache_slot();
5035 } else {
5036 SET_NODE(opline->op1, &class_node);
5037 }
5038
5039 zend_compile_call_common(&ctor_result, args_ast, NULL, ast->lineno);
5040 zend_do_free(&ctor_result);
5041 }
5042 /* }}} */
5043
zend_compile_clone(znode * result,zend_ast * ast)5044 static void zend_compile_clone(znode *result, zend_ast *ast) /* {{{ */
5045 {
5046 zend_ast *obj_ast = ast->child[0];
5047
5048 znode obj_node;
5049 zend_compile_expr(&obj_node, obj_ast);
5050
5051 zend_emit_op_tmp(result, ZEND_CLONE, &obj_node, NULL);
5052 }
5053 /* }}} */
5054
zend_compile_global_var(zend_ast * ast)5055 static void zend_compile_global_var(zend_ast *ast) /* {{{ */
5056 {
5057 zend_ast *var_ast = ast->child[0];
5058 zend_ast *name_ast = var_ast->child[0];
5059
5060 znode name_node, result;
5061
5062 zend_compile_expr(&name_node, name_ast);
5063 if (name_node.op_type == IS_CONST) {
5064 convert_to_string(&name_node.u.constant);
5065 }
5066
5067 // TODO(GLOBALS) Forbid "global $GLOBALS"?
5068 if (is_this_fetch(var_ast)) {
5069 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as global variable");
5070 } else if (zend_try_compile_cv(&result, var_ast) == SUCCESS) {
5071 zend_op *opline = zend_emit_op(NULL, ZEND_BIND_GLOBAL, &result, &name_node);
5072 opline->extended_value = zend_alloc_cache_slot();
5073 } else {
5074 /* name_ast should be evaluated only. FETCH_GLOBAL_LOCK instructs FETCH_W
5075 * to not free the name_node operand, so it can be reused in the following
5076 * ASSIGN_REF, which then frees it. */
5077 zend_op *opline = zend_emit_op(&result, ZEND_FETCH_W, &name_node, NULL);
5078 opline->extended_value = ZEND_FETCH_GLOBAL_LOCK;
5079
5080 if (name_node.op_type == IS_CONST) {
5081 zend_string_addref(Z_STR(name_node.u.constant));
5082 }
5083
5084 zend_emit_assign_ref_znode(
5085 zend_ast_create(ZEND_AST_VAR, zend_ast_create_znode(&name_node)),
5086 &result
5087 );
5088 }
5089 }
5090 /* }}} */
5091
zend_compile_static_var_common(zend_string * var_name,zval * value,uint32_t mode)5092 static void zend_compile_static_var_common(zend_string *var_name, zval *value, uint32_t mode) /* {{{ */
5093 {
5094 zend_op *opline;
5095 if (!CG(active_op_array)->static_variables) {
5096 if (CG(active_op_array)->scope) {
5097 CG(active_op_array)->scope->ce_flags |= ZEND_HAS_STATIC_IN_METHODS;
5098 }
5099 CG(active_op_array)->static_variables = zend_new_array(8);
5100 }
5101
5102 value = zend_hash_update(CG(active_op_array)->static_variables, var_name, value);
5103
5104 if (zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
5105 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as static variable");
5106 }
5107
5108 opline = zend_emit_op(NULL, ZEND_BIND_STATIC, NULL, NULL);
5109 opline->op1_type = IS_CV;
5110 opline->op1.var = lookup_cv(var_name);
5111 opline->extended_value = (uint32_t)((char*)value - (char*)CG(active_op_array)->static_variables->arData) | mode;
5112 }
5113 /* }}} */
5114
zend_compile_static_var(zend_ast * ast)5115 static void zend_compile_static_var(zend_ast *ast) /* {{{ */
5116 {
5117 zend_ast *var_ast = ast->child[0];
5118 zend_string *var_name = zend_ast_get_str(var_ast);
5119
5120 if (zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
5121 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as static variable");
5122 }
5123
5124 if (!CG(active_op_array)->static_variables) {
5125 if (CG(active_op_array)->scope) {
5126 CG(active_op_array)->scope->ce_flags |= ZEND_HAS_STATIC_IN_METHODS;
5127 }
5128 CG(active_op_array)->static_variables = zend_new_array(8);
5129 }
5130
5131 if (zend_hash_exists(CG(active_op_array)->static_variables, var_name)) {
5132 zend_error_noreturn_unchecked(E_COMPILE_ERROR, "Duplicate declaration of static variable $%S", var_name);
5133 }
5134
5135 zend_eval_const_expr(&ast->child[1]);
5136 zend_ast *value_ast = ast->child[1];
5137
5138 if (!value_ast || value_ast->kind == ZEND_AST_ZVAL) {
5139 zval *value_zv = value_ast
5140 ? zend_ast_get_zval(value_ast)
5141 : &EG(uninitialized_zval);
5142 Z_TRY_ADDREF_P(value_zv);
5143 zend_compile_static_var_common(var_name, value_zv, ZEND_BIND_REF);
5144 } else {
5145 zend_op *opline;
5146
5147 zval *placeholder_ptr = zend_hash_update(CG(active_op_array)->static_variables, var_name, &EG(uninitialized_zval));
5148 Z_TYPE_EXTRA_P(placeholder_ptr) |= IS_STATIC_VAR_UNINITIALIZED;
5149 uint32_t placeholder_offset = (uint32_t)((char*)placeholder_ptr - (char*)CG(active_op_array)->static_variables->arData);
5150
5151 uint32_t static_def_jmp_opnum = get_next_op_number();
5152 opline = zend_emit_op(NULL, ZEND_BIND_INIT_STATIC_OR_JMP, NULL, NULL);
5153 opline->op1_type = IS_CV;
5154 opline->op1.var = lookup_cv(var_name);
5155 opline->extended_value = placeholder_offset;
5156
5157 znode expr;
5158 zend_compile_expr(&expr, value_ast);
5159
5160 opline = zend_emit_op(NULL, ZEND_BIND_STATIC, NULL, &expr);
5161 opline->op1_type = IS_CV;
5162 opline->op1.var = lookup_cv(var_name);
5163 opline->extended_value = placeholder_offset | ZEND_BIND_REF;
5164
5165 zend_update_jump_target_to_next(static_def_jmp_opnum);
5166 }
5167 }
5168 /* }}} */
5169
zend_compile_unset(zend_ast * ast)5170 static void zend_compile_unset(zend_ast *ast) /* {{{ */
5171 {
5172 zend_ast *var_ast = ast->child[0];
5173 znode var_node;
5174 zend_op *opline;
5175
5176 zend_ensure_writable_variable(var_ast);
5177
5178 if (is_global_var_fetch(var_ast)) {
5179 if (!var_ast->child[1]) {
5180 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for unsetting");
5181 }
5182
5183 zend_compile_expr(&var_node, var_ast->child[1]);
5184 if (var_node.op_type == IS_CONST) {
5185 convert_to_string(&var_node.u.constant);
5186 }
5187
5188 opline = zend_emit_op(NULL, ZEND_UNSET_VAR, &var_node, NULL);
5189 opline->extended_value = ZEND_FETCH_GLOBAL;
5190 return;
5191 }
5192
5193 switch (var_ast->kind) {
5194 case ZEND_AST_VAR:
5195 if (is_this_fetch(var_ast)) {
5196 zend_error_noreturn(E_COMPILE_ERROR, "Cannot unset $this");
5197 } else if (zend_try_compile_cv(&var_node, var_ast) == SUCCESS) {
5198 opline = zend_emit_op(NULL, ZEND_UNSET_CV, &var_node, NULL);
5199 } else {
5200 opline = zend_compile_simple_var_no_cv(NULL, var_ast, BP_VAR_UNSET, 0);
5201 opline->opcode = ZEND_UNSET_VAR;
5202 }
5203 return;
5204 case ZEND_AST_DIM:
5205 opline = zend_compile_dim(NULL, var_ast, BP_VAR_UNSET, /* by_ref */ false);
5206 opline->opcode = ZEND_UNSET_DIM;
5207 return;
5208 case ZEND_AST_PROP:
5209 case ZEND_AST_NULLSAFE_PROP:
5210 opline = zend_compile_prop(NULL, var_ast, BP_VAR_UNSET, 0);
5211 opline->opcode = ZEND_UNSET_OBJ;
5212 return;
5213 case ZEND_AST_STATIC_PROP:
5214 opline = zend_compile_static_prop(NULL, var_ast, BP_VAR_UNSET, 0, 0);
5215 opline->opcode = ZEND_UNSET_STATIC_PROP;
5216 return;
5217 EMPTY_SWITCH_DEFAULT_CASE()
5218 }
5219 }
5220 /* }}} */
5221
zend_handle_loops_and_finally_ex(zend_long depth,znode * return_value)5222 static bool zend_handle_loops_and_finally_ex(zend_long depth, znode *return_value) /* {{{ */
5223 {
5224 zend_loop_var *base;
5225 zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
5226
5227 if (!loop_var) {
5228 return 1;
5229 }
5230 base = zend_stack_base(&CG(loop_var_stack));
5231 for (; loop_var >= base; loop_var--) {
5232 if (loop_var->opcode == ZEND_FAST_CALL) {
5233 zend_op *opline = get_next_op();
5234
5235 opline->opcode = ZEND_FAST_CALL;
5236 opline->result_type = IS_TMP_VAR;
5237 opline->result.var = loop_var->var_num;
5238 if (return_value) {
5239 SET_NODE(opline->op2, return_value);
5240 }
5241 opline->op1.num = loop_var->try_catch_offset;
5242 } else if (loop_var->opcode == ZEND_DISCARD_EXCEPTION) {
5243 zend_op *opline = get_next_op();
5244 opline->opcode = ZEND_DISCARD_EXCEPTION;
5245 opline->op1_type = IS_TMP_VAR;
5246 opline->op1.var = loop_var->var_num;
5247 } else if (loop_var->opcode == ZEND_RETURN) {
5248 /* Stack separator */
5249 break;
5250 } else if (depth <= 1) {
5251 return 1;
5252 } else if (loop_var->opcode == ZEND_NOP) {
5253 /* Loop doesn't have freeable variable */
5254 depth--;
5255 } else {
5256 zend_op *opline;
5257
5258 ZEND_ASSERT(loop_var->var_type & (IS_VAR|IS_TMP_VAR));
5259 opline = get_next_op();
5260 opline->opcode = loop_var->opcode;
5261 opline->op1_type = loop_var->var_type;
5262 opline->op1.var = loop_var->var_num;
5263 opline->extended_value = ZEND_FREE_ON_RETURN;
5264 depth--;
5265 }
5266 }
5267 return (depth == 0);
5268 }
5269 /* }}} */
5270
zend_handle_loops_and_finally(znode * return_value)5271 static bool zend_handle_loops_and_finally(znode *return_value) /* {{{ */
5272 {
5273 return zend_handle_loops_and_finally_ex(zend_stack_count(&CG(loop_var_stack)) + 1, return_value);
5274 }
5275 /* }}} */
5276
zend_has_finally_ex(zend_long depth)5277 static bool zend_has_finally_ex(zend_long depth) /* {{{ */
5278 {
5279 zend_loop_var *base;
5280 zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
5281
5282 if (!loop_var) {
5283 return 0;
5284 }
5285 base = zend_stack_base(&CG(loop_var_stack));
5286 for (; loop_var >= base; loop_var--) {
5287 if (loop_var->opcode == ZEND_FAST_CALL) {
5288 return 1;
5289 } else if (loop_var->opcode == ZEND_DISCARD_EXCEPTION) {
5290 } else if (loop_var->opcode == ZEND_RETURN) {
5291 /* Stack separator */
5292 return 0;
5293 } else if (depth <= 1) {
5294 return 0;
5295 } else {
5296 depth--;
5297 }
5298 }
5299 return 0;
5300 }
5301 /* }}} */
5302
zend_has_finally(void)5303 static bool zend_has_finally(void) /* {{{ */
5304 {
5305 return zend_has_finally_ex(zend_stack_count(&CG(loop_var_stack)) + 1);
5306 }
5307 /* }}} */
5308
zend_compile_return(zend_ast * ast)5309 static void zend_compile_return(zend_ast *ast) /* {{{ */
5310 {
5311 zend_ast *expr_ast = ast->child[0];
5312 bool is_generator = (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0;
5313 bool by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
5314
5315 znode expr_node;
5316 zend_op *opline;
5317
5318 if (is_generator) {
5319 /* For generators the by-ref flag refers to yields, not returns */
5320 by_ref = 0;
5321 }
5322
5323 if (!expr_ast) {
5324 expr_node.op_type = IS_CONST;
5325 ZVAL_NULL(&expr_node.u.constant);
5326 } else if (by_ref && zend_is_variable(expr_ast)) {
5327 if (zend_ast_is_short_circuited(expr_ast)) {
5328 zend_error_noreturn(E_COMPILE_ERROR, "Cannot take reference of a nullsafe chain");
5329 }
5330
5331 zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
5332 } else {
5333 zend_compile_expr(&expr_node, expr_ast);
5334 }
5335
5336 if ((CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)
5337 && (expr_node.op_type == IS_CV || (by_ref && expr_node.op_type == IS_VAR))
5338 && zend_has_finally()) {
5339 /* Copy return value into temporary VAR to avoid modification in finally code */
5340 if (by_ref) {
5341 zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
5342 } else {
5343 zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &expr_node, NULL);
5344 }
5345 }
5346
5347 /* Generator return types are handled separately */
5348 if (!is_generator && (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE)) {
5349 zend_emit_return_type_check(
5350 expr_ast ? &expr_node : NULL, CG(active_op_array)->arg_info - 1, 0);
5351 }
5352
5353 zend_handle_loops_and_finally((expr_node.op_type & (IS_TMP_VAR | IS_VAR)) ? &expr_node : NULL);
5354
5355 opline = zend_emit_op(NULL, by_ref ? ZEND_RETURN_BY_REF : ZEND_RETURN,
5356 &expr_node, NULL);
5357
5358 if (by_ref && expr_ast) {
5359 if (zend_is_call(expr_ast)) {
5360 opline->extended_value = ZEND_RETURNS_FUNCTION;
5361 } else if (!zend_is_variable(expr_ast) || zend_ast_is_short_circuited(expr_ast)) {
5362 opline->extended_value = ZEND_RETURNS_VALUE;
5363 }
5364 }
5365 }
5366 /* }}} */
5367
zend_compile_echo(zend_ast * ast)5368 static void zend_compile_echo(zend_ast *ast) /* {{{ */
5369 {
5370 zend_op *opline;
5371 zend_ast *expr_ast = ast->child[0];
5372
5373 znode expr_node;
5374 zend_compile_expr(&expr_node, expr_ast);
5375
5376 opline = zend_emit_op(NULL, ZEND_ECHO, &expr_node, NULL);
5377 opline->extended_value = 0;
5378 }
5379 /* }}} */
5380
zend_compile_throw(znode * result,zend_ast * ast)5381 static void zend_compile_throw(znode *result, zend_ast *ast) /* {{{ */
5382 {
5383 zend_ast *expr_ast = ast->child[0];
5384
5385 znode expr_node;
5386 zend_compile_expr(&expr_node, expr_ast);
5387
5388 zend_op *opline = zend_emit_op(NULL, ZEND_THROW, &expr_node, NULL);
5389 if (result) {
5390 /* Mark this as an "expression throw" for opcache. */
5391 opline->extended_value = ZEND_THROW_IS_EXPR;
5392 result->op_type = IS_CONST;
5393 ZVAL_TRUE(&result->u.constant);
5394 }
5395 }
5396 /* }}} */
5397
zend_compile_break_continue(zend_ast * ast)5398 static void zend_compile_break_continue(zend_ast *ast) /* {{{ */
5399 {
5400 zend_ast *depth_ast = ast->child[0];
5401
5402 zend_op *opline;
5403 zend_long depth;
5404
5405 ZEND_ASSERT(ast->kind == ZEND_AST_BREAK || ast->kind == ZEND_AST_CONTINUE);
5406
5407 if (depth_ast) {
5408 zval *depth_zv;
5409 if (depth_ast->kind != ZEND_AST_ZVAL) {
5410 zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator with non-integer operand "
5411 "is no longer supported", ast->kind == ZEND_AST_BREAK ? "break" : "continue");
5412 }
5413
5414 depth_zv = zend_ast_get_zval(depth_ast);
5415 if (Z_TYPE_P(depth_zv) != IS_LONG || Z_LVAL_P(depth_zv) < 1) {
5416 zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator accepts only positive integers",
5417 ast->kind == ZEND_AST_BREAK ? "break" : "continue");
5418 }
5419
5420 depth = Z_LVAL_P(depth_zv);
5421 } else {
5422 depth = 1;
5423 }
5424
5425 if (CG(context).current_brk_cont == -1) {
5426 zend_error_noreturn(E_COMPILE_ERROR, "'%s' not in the 'loop' or 'switch' context",
5427 ast->kind == ZEND_AST_BREAK ? "break" : "continue");
5428 } else {
5429 if (!zend_handle_loops_and_finally_ex(depth, NULL)) {
5430 zend_error_noreturn(E_COMPILE_ERROR, "Cannot '%s' " ZEND_LONG_FMT " level%s",
5431 ast->kind == ZEND_AST_BREAK ? "break" : "continue",
5432 depth, depth == 1 ? "" : "s");
5433 }
5434 }
5435
5436 if (ast->kind == ZEND_AST_CONTINUE) {
5437 int d, cur = CG(context).current_brk_cont;
5438 for (d = depth - 1; d > 0; d--) {
5439 cur = CG(context).brk_cont_array[cur].parent;
5440 ZEND_ASSERT(cur != -1);
5441 }
5442
5443 if (CG(context).brk_cont_array[cur].is_switch) {
5444 if (depth == 1) {
5445 if (CG(context).brk_cont_array[cur].parent == -1) {
5446 zend_error(E_WARNING,
5447 "\"continue\" targeting switch is equivalent to \"break\"");
5448 } else {
5449 zend_error(E_WARNING,
5450 "\"continue\" targeting switch is equivalent to \"break\". " \
5451 "Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
5452 depth + 1);
5453 }
5454 } else {
5455 if (CG(context).brk_cont_array[cur].parent == -1) {
5456 zend_error(E_WARNING,
5457 "\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\"",
5458 depth, depth);
5459 } else {
5460 zend_error(E_WARNING,
5461 "\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\". " \
5462 "Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
5463 depth, depth, depth + 1);
5464 }
5465 }
5466 }
5467 }
5468
5469 opline = zend_emit_op(NULL, ast->kind == ZEND_AST_BREAK ? ZEND_BRK : ZEND_CONT, NULL, NULL);
5470 opline->op1.num = CG(context).current_brk_cont;
5471 opline->op2.num = depth;
5472 }
5473 /* }}} */
5474
zend_resolve_goto_label(zend_op_array * op_array,zend_op * opline)5475 void zend_resolve_goto_label(zend_op_array *op_array, zend_op *opline) /* {{{ */
5476 {
5477 zend_label *dest;
5478 int current, remove_oplines = opline->op1.num;
5479 zval *label;
5480 uint32_t opnum = opline - op_array->opcodes;
5481
5482 label = CT_CONSTANT_EX(op_array, opline->op2.constant);
5483 if (CG(context).labels == NULL ||
5484 (dest = zend_hash_find_ptr(CG(context).labels, Z_STR_P(label))) == NULL
5485 ) {
5486 CG(in_compilation) = 1;
5487 CG(active_op_array) = op_array;
5488 CG(zend_lineno) = opline->lineno;
5489 zend_error_noreturn(E_COMPILE_ERROR, "'goto' to undefined label '%s'", Z_STRVAL_P(label));
5490 }
5491
5492 zval_ptr_dtor_str(label);
5493 ZVAL_NULL(label);
5494
5495 current = opline->extended_value;
5496 for (; current != dest->brk_cont; current = CG(context).brk_cont_array[current].parent) {
5497 if (current == -1) {
5498 CG(in_compilation) = 1;
5499 CG(active_op_array) = op_array;
5500 CG(zend_lineno) = opline->lineno;
5501 zend_error_noreturn(E_COMPILE_ERROR, "'goto' into loop or switch statement is disallowed");
5502 }
5503 if (CG(context).brk_cont_array[current].start >= 0) {
5504 remove_oplines--;
5505 }
5506 }
5507
5508 for (current = 0; current < op_array->last_try_catch; ++current) {
5509 zend_try_catch_element *elem = &op_array->try_catch_array[current];
5510 if (elem->try_op > opnum) {
5511 break;
5512 }
5513 if (elem->finally_op && opnum < elem->finally_op - 1
5514 && (dest->opline_num > elem->finally_end || dest->opline_num < elem->try_op)
5515 ) {
5516 remove_oplines--;
5517 }
5518 }
5519
5520 opline->opcode = ZEND_JMP;
5521 SET_UNUSED(opline->op1);
5522 SET_UNUSED(opline->op2);
5523 SET_UNUSED(opline->result);
5524 opline->op1.opline_num = dest->opline_num;
5525 opline->extended_value = 0;
5526
5527 ZEND_ASSERT(remove_oplines >= 0);
5528 while (remove_oplines--) {
5529 opline--;
5530 MAKE_NOP(opline);
5531 ZEND_VM_SET_OPCODE_HANDLER(opline);
5532 }
5533 }
5534 /* }}} */
5535
zend_compile_goto(zend_ast * ast)5536 static void zend_compile_goto(zend_ast *ast) /* {{{ */
5537 {
5538 zend_ast *label_ast = ast->child[0];
5539 znode label_node;
5540 zend_op *opline;
5541
5542 zend_compile_expr(&label_node, label_ast);
5543
5544 /* Label resolution and unwinding adjustments happen in pass two. */
5545 uint32_t opnum_start = get_next_op_number();
5546 zend_handle_loops_and_finally(NULL);
5547 opline = zend_emit_op(NULL, ZEND_GOTO, NULL, &label_node);
5548 opline->op1.num = get_next_op_number() - opnum_start - 1;
5549 opline->extended_value = CG(context).current_brk_cont;
5550 }
5551 /* }}} */
5552
zend_compile_label(zend_ast * ast)5553 static void zend_compile_label(zend_ast *ast) /* {{{ */
5554 {
5555 zend_string *label = zend_ast_get_str(ast->child[0]);
5556 zend_label dest;
5557
5558 if (!CG(context).labels) {
5559 ALLOC_HASHTABLE(CG(context).labels);
5560 zend_hash_init(CG(context).labels, 8, NULL, label_ptr_dtor, 0);
5561 }
5562
5563 dest.brk_cont = CG(context).current_brk_cont;
5564 dest.opline_num = get_next_op_number();
5565
5566 if (!zend_hash_add_mem(CG(context).labels, label, &dest, sizeof(zend_label))) {
5567 zend_error_noreturn(E_COMPILE_ERROR, "Label '%s' already defined", ZSTR_VAL(label));
5568 }
5569 }
5570 /* }}} */
5571
zend_compile_while(zend_ast * ast)5572 static void zend_compile_while(zend_ast *ast) /* {{{ */
5573 {
5574 zend_ast *cond_ast = ast->child[0];
5575 zend_ast *stmt_ast = ast->child[1];
5576 znode cond_node;
5577 uint32_t opnum_start, opnum_jmp, opnum_cond;
5578
5579 opnum_jmp = zend_emit_jump(0);
5580
5581 zend_begin_loop(ZEND_NOP, NULL, 0);
5582
5583 opnum_start = get_next_op_number();
5584 zend_compile_stmt(stmt_ast);
5585
5586 opnum_cond = get_next_op_number();
5587 zend_update_jump_target(opnum_jmp, opnum_cond);
5588 zend_compile_expr(&cond_node, cond_ast);
5589
5590 zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, opnum_start);
5591
5592 zend_end_loop(opnum_cond, NULL);
5593 }
5594 /* }}} */
5595
zend_compile_do_while(zend_ast * ast)5596 static void zend_compile_do_while(zend_ast *ast) /* {{{ */
5597 {
5598 zend_ast *stmt_ast = ast->child[0];
5599 zend_ast *cond_ast = ast->child[1];
5600
5601 znode cond_node;
5602 uint32_t opnum_start, opnum_cond;
5603
5604 zend_begin_loop(ZEND_NOP, NULL, 0);
5605
5606 opnum_start = get_next_op_number();
5607 zend_compile_stmt(stmt_ast);
5608
5609 opnum_cond = get_next_op_number();
5610 zend_compile_expr(&cond_node, cond_ast);
5611
5612 zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, opnum_start);
5613
5614 zend_end_loop(opnum_cond, NULL);
5615 }
5616 /* }}} */
5617
zend_compile_expr_list(znode * result,zend_ast * ast)5618 static void zend_compile_expr_list(znode *result, zend_ast *ast) /* {{{ */
5619 {
5620 zend_ast_list *list;
5621 uint32_t i;
5622
5623 result->op_type = IS_CONST;
5624 ZVAL_TRUE(&result->u.constant);
5625
5626 if (!ast) {
5627 return;
5628 }
5629
5630 list = zend_ast_get_list(ast);
5631 for (i = 0; i < list->children; ++i) {
5632 zend_ast *expr_ast = list->child[i];
5633
5634 zend_do_free(result);
5635 zend_compile_expr(result, expr_ast);
5636 }
5637 }
5638 /* }}} */
5639
zend_compile_for(zend_ast * ast)5640 static void zend_compile_for(zend_ast *ast) /* {{{ */
5641 {
5642 zend_ast *init_ast = ast->child[0];
5643 zend_ast *cond_ast = ast->child[1];
5644 zend_ast *loop_ast = ast->child[2];
5645 zend_ast *stmt_ast = ast->child[3];
5646
5647 znode result;
5648 uint32_t opnum_start, opnum_jmp, opnum_loop;
5649
5650 zend_compile_expr_list(&result, init_ast);
5651 zend_do_free(&result);
5652
5653 opnum_jmp = zend_emit_jump(0);
5654
5655 zend_begin_loop(ZEND_NOP, NULL, 0);
5656
5657 opnum_start = get_next_op_number();
5658 zend_compile_stmt(stmt_ast);
5659
5660 opnum_loop = get_next_op_number();
5661 zend_compile_expr_list(&result, loop_ast);
5662 zend_do_free(&result);
5663
5664 zend_update_jump_target_to_next(opnum_jmp);
5665 zend_compile_expr_list(&result, cond_ast);
5666 zend_do_extended_stmt();
5667
5668 zend_emit_cond_jump(ZEND_JMPNZ, &result, opnum_start);
5669
5670 zend_end_loop(opnum_loop, NULL);
5671 }
5672 /* }}} */
5673
zend_compile_foreach(zend_ast * ast)5674 static void zend_compile_foreach(zend_ast *ast) /* {{{ */
5675 {
5676 zend_ast *expr_ast = ast->child[0];
5677 zend_ast *value_ast = ast->child[1];
5678 zend_ast *key_ast = ast->child[2];
5679 zend_ast *stmt_ast = ast->child[3];
5680 bool by_ref = value_ast->kind == ZEND_AST_REF;
5681 bool is_variable = zend_is_variable(expr_ast) && zend_can_write_to_variable(expr_ast);
5682
5683 znode expr_node, reset_node, value_node, key_node;
5684 zend_op *opline;
5685 uint32_t opnum_reset, opnum_fetch;
5686
5687 if (key_ast) {
5688 if (key_ast->kind == ZEND_AST_REF) {
5689 zend_error_noreturn(E_COMPILE_ERROR, "Key element cannot be a reference");
5690 }
5691 if (key_ast->kind == ZEND_AST_ARRAY) {
5692 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use list as key element");
5693 }
5694 }
5695
5696 if (by_ref) {
5697 value_ast = value_ast->child[0];
5698 }
5699
5700 if (value_ast->kind == ZEND_AST_ARRAY && zend_propagate_list_refs(value_ast)) {
5701 by_ref = 1;
5702 }
5703
5704 if (by_ref && is_variable) {
5705 zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
5706 } else {
5707 zend_compile_expr(&expr_node, expr_ast);
5708 }
5709
5710 if (by_ref) {
5711 zend_separate_if_call_and_write(&expr_node, expr_ast, BP_VAR_W);
5712 }
5713
5714 opnum_reset = get_next_op_number();
5715 opline = zend_emit_op(&reset_node, by_ref ? ZEND_FE_RESET_RW : ZEND_FE_RESET_R, &expr_node, NULL);
5716
5717 zend_begin_loop(ZEND_FE_FREE, &reset_node, 0);
5718
5719 opnum_fetch = get_next_op_number();
5720 opline = zend_emit_op(NULL, by_ref ? ZEND_FE_FETCH_RW : ZEND_FE_FETCH_R, &reset_node, NULL);
5721
5722 if (is_this_fetch(value_ast)) {
5723 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
5724 } else if (value_ast->kind == ZEND_AST_VAR &&
5725 zend_try_compile_cv(&value_node, value_ast) == SUCCESS) {
5726 SET_NODE(opline->op2, &value_node);
5727 } else {
5728 opline->op2_type = IS_VAR;
5729 opline->op2.var = get_temporary_variable();
5730 GET_NODE(&value_node, opline->op2);
5731 if (value_ast->kind == ZEND_AST_ARRAY) {
5732 zend_compile_list_assign(NULL, value_ast, &value_node, value_ast->attr);
5733 } else if (by_ref) {
5734 zend_emit_assign_ref_znode(value_ast, &value_node);
5735 } else {
5736 zend_emit_assign_znode(value_ast, &value_node);
5737 }
5738 }
5739
5740 if (key_ast) {
5741 opline = &CG(active_op_array)->opcodes[opnum_fetch];
5742 zend_make_tmp_result(&key_node, opline);
5743 zend_emit_assign_znode(key_ast, &key_node);
5744 }
5745
5746 zend_compile_stmt(stmt_ast);
5747
5748 /* Place JMP and FE_FREE on the line where foreach starts. It would be
5749 * better to use the end line, but this information is not available
5750 * currently. */
5751 CG(zend_lineno) = ast->lineno;
5752 zend_emit_jump(opnum_fetch);
5753
5754 opline = &CG(active_op_array)->opcodes[opnum_reset];
5755 opline->op2.opline_num = get_next_op_number();
5756
5757 opline = &CG(active_op_array)->opcodes[opnum_fetch];
5758 opline->extended_value = get_next_op_number();
5759
5760 zend_end_loop(opnum_fetch, &reset_node);
5761
5762 opline = zend_emit_op(NULL, ZEND_FE_FREE, &reset_node, NULL);
5763 }
5764 /* }}} */
5765
zend_compile_if(zend_ast * ast)5766 static void zend_compile_if(zend_ast *ast) /* {{{ */
5767 {
5768 zend_ast_list *list = zend_ast_get_list(ast);
5769 uint32_t i;
5770 uint32_t *jmp_opnums = NULL;
5771
5772 if (list->children > 1) {
5773 jmp_opnums = safe_emalloc(sizeof(uint32_t), list->children - 1, 0);
5774 }
5775
5776 for (i = 0; i < list->children; ++i) {
5777 zend_ast *elem_ast = list->child[i];
5778 zend_ast *cond_ast = elem_ast->child[0];
5779 zend_ast *stmt_ast = elem_ast->child[1];
5780
5781 if (cond_ast) {
5782 znode cond_node;
5783 uint32_t opnum_jmpz;
5784
5785 if (i > 0) {
5786 CG(zend_lineno) = cond_ast->lineno;
5787 zend_do_extended_stmt();
5788 }
5789
5790 zend_compile_expr(&cond_node, cond_ast);
5791 opnum_jmpz = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
5792
5793 zend_compile_stmt(stmt_ast);
5794
5795 if (i != list->children - 1) {
5796 /* Set the lineno of JMP to the position of the if keyword, as we don't want to
5797 * report the last line in the if branch as covered if it hasn't actually executed. */
5798 CG(zend_lineno) = elem_ast->lineno;
5799 jmp_opnums[i] = zend_emit_jump(0);
5800 }
5801 zend_update_jump_target_to_next(opnum_jmpz);
5802 } else {
5803 /* "else" can only occur as last element. */
5804 ZEND_ASSERT(i == list->children - 1);
5805 zend_compile_stmt(stmt_ast);
5806 }
5807 }
5808
5809 if (list->children > 1) {
5810 for (i = 0; i < list->children - 1; ++i) {
5811 zend_update_jump_target_to_next(jmp_opnums[i]);
5812 }
5813 efree(jmp_opnums);
5814 }
5815 }
5816 /* }}} */
5817
determine_switch_jumptable_type(zend_ast_list * cases)5818 static uint8_t determine_switch_jumptable_type(zend_ast_list *cases) {
5819 uint32_t i;
5820 uint8_t common_type = IS_UNDEF;
5821 for (i = 0; i < cases->children; i++) {
5822 zend_ast *case_ast = cases->child[i];
5823 zend_ast **cond_ast = &case_ast->child[0];
5824 zval *cond_zv;
5825 if (!case_ast->child[0]) {
5826 /* Skip default clause */
5827 continue;
5828 }
5829
5830 zend_eval_const_expr(cond_ast);
5831 if ((*cond_ast)->kind != ZEND_AST_ZVAL) {
5832 /* Non-constant case */
5833 return IS_UNDEF;
5834 }
5835
5836 cond_zv = zend_ast_get_zval(case_ast->child[0]);
5837 if (Z_TYPE_P(cond_zv) != IS_LONG && Z_TYPE_P(cond_zv) != IS_STRING) {
5838 /* We only optimize switched on integers and strings */
5839 return IS_UNDEF;
5840 }
5841
5842 if (common_type == IS_UNDEF) {
5843 common_type = Z_TYPE_P(cond_zv);
5844 } else if (common_type != Z_TYPE_P(cond_zv)) {
5845 /* Non-uniform case types */
5846 return IS_UNDEF;
5847 }
5848
5849 if (Z_TYPE_P(cond_zv) == IS_STRING
5850 && is_numeric_string(Z_STRVAL_P(cond_zv), Z_STRLEN_P(cond_zv), NULL, NULL, 0)) {
5851 /* Numeric strings cannot be compared with a simple hash lookup */
5852 return IS_UNDEF;
5853 }
5854 }
5855
5856 return common_type;
5857 }
5858
should_use_jumptable(zend_ast_list * cases,uint8_t jumptable_type)5859 static bool should_use_jumptable(zend_ast_list *cases, uint8_t jumptable_type) {
5860 if (CG(compiler_options) & ZEND_COMPILE_NO_JUMPTABLES) {
5861 return 0;
5862 }
5863
5864 /* Thresholds are chosen based on when the average switch time for equidistributed
5865 * input becomes smaller when using the jumptable optimization. */
5866 if (jumptable_type == IS_LONG) {
5867 return cases->children >= 5;
5868 } else {
5869 ZEND_ASSERT(jumptable_type == IS_STRING);
5870 return cases->children >= 2;
5871 }
5872 }
5873
zend_compile_switch(zend_ast * ast)5874 static void zend_compile_switch(zend_ast *ast) /* {{{ */
5875 {
5876 zend_ast *expr_ast = ast->child[0];
5877 zend_ast_list *cases = zend_ast_get_list(ast->child[1]);
5878
5879 uint32_t i;
5880 bool has_default_case = 0;
5881
5882 znode expr_node, case_node;
5883 zend_op *opline;
5884 uint32_t *jmpnz_opnums, opnum_default_jmp, opnum_switch = (uint32_t)-1;
5885 uint8_t jumptable_type;
5886 HashTable *jumptable = NULL;
5887
5888 zend_compile_expr(&expr_node, expr_ast);
5889
5890 zend_begin_loop(ZEND_FREE, &expr_node, 1);
5891
5892 case_node.op_type = IS_TMP_VAR;
5893 case_node.u.op.var = get_temporary_variable();
5894
5895 jumptable_type = determine_switch_jumptable_type(cases);
5896 if (jumptable_type != IS_UNDEF && should_use_jumptable(cases, jumptable_type)) {
5897 znode jumptable_op;
5898
5899 ALLOC_HASHTABLE(jumptable);
5900 zend_hash_init(jumptable, cases->children, NULL, NULL, 0);
5901 jumptable_op.op_type = IS_CONST;
5902 ZVAL_ARR(&jumptable_op.u.constant, jumptable);
5903
5904 opline = zend_emit_op(NULL,
5905 jumptable_type == IS_LONG ? ZEND_SWITCH_LONG : ZEND_SWITCH_STRING,
5906 &expr_node, &jumptable_op);
5907 if (opline->op1_type == IS_CONST) {
5908 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5909 }
5910 opnum_switch = opline - CG(active_op_array)->opcodes;
5911 }
5912
5913 jmpnz_opnums = safe_emalloc(sizeof(uint32_t), cases->children, 0);
5914 for (i = 0; i < cases->children; ++i) {
5915 zend_ast *case_ast = cases->child[i];
5916 zend_ast *cond_ast = case_ast->child[0];
5917 znode cond_node;
5918
5919 if (!cond_ast) {
5920 if (has_default_case) {
5921 CG(zend_lineno) = case_ast->lineno;
5922 zend_error_noreturn(E_COMPILE_ERROR,
5923 "Switch statements may only contain one default clause");
5924 }
5925 has_default_case = 1;
5926 continue;
5927 }
5928
5929 zend_compile_expr(&cond_node, cond_ast);
5930
5931 if (expr_node.op_type == IS_CONST
5932 && Z_TYPE(expr_node.u.constant) == IS_FALSE) {
5933 jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
5934 } else if (expr_node.op_type == IS_CONST
5935 && Z_TYPE(expr_node.u.constant) == IS_TRUE) {
5936 jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, 0);
5937 } else {
5938 opline = zend_emit_op(NULL,
5939 (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) ? ZEND_CASE : ZEND_IS_EQUAL,
5940 &expr_node, &cond_node);
5941 SET_NODE(opline->result, &case_node);
5942 if (opline->op1_type == IS_CONST) {
5943 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5944 }
5945
5946 jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
5947 }
5948 }
5949
5950 opnum_default_jmp = zend_emit_jump(0);
5951
5952 for (i = 0; i < cases->children; ++i) {
5953 zend_ast *case_ast = cases->child[i];
5954 zend_ast *cond_ast = case_ast->child[0];
5955 zend_ast *stmt_ast = case_ast->child[1];
5956
5957 if (cond_ast) {
5958 zend_update_jump_target_to_next(jmpnz_opnums[i]);
5959
5960 if (jumptable) {
5961 zval *cond_zv = zend_ast_get_zval(cond_ast);
5962 zval jmp_target;
5963 ZVAL_LONG(&jmp_target, get_next_op_number());
5964
5965 ZEND_ASSERT(Z_TYPE_P(cond_zv) == jumptable_type);
5966 if (Z_TYPE_P(cond_zv) == IS_LONG) {
5967 zend_hash_index_add(jumptable, Z_LVAL_P(cond_zv), &jmp_target);
5968 } else {
5969 ZEND_ASSERT(Z_TYPE_P(cond_zv) == IS_STRING);
5970 zend_hash_add(jumptable, Z_STR_P(cond_zv), &jmp_target);
5971 }
5972 }
5973 } else {
5974 zend_update_jump_target_to_next(opnum_default_jmp);
5975
5976 if (jumptable) {
5977 ZEND_ASSERT(opnum_switch != (uint32_t)-1);
5978 opline = &CG(active_op_array)->opcodes[opnum_switch];
5979 opline->extended_value = get_next_op_number();
5980 }
5981 }
5982
5983 zend_compile_stmt(stmt_ast);
5984 }
5985
5986 if (!has_default_case) {
5987 zend_update_jump_target_to_next(opnum_default_jmp);
5988
5989 if (jumptable) {
5990 opline = &CG(active_op_array)->opcodes[opnum_switch];
5991 opline->extended_value = get_next_op_number();
5992 }
5993 }
5994
5995 zend_end_loop(get_next_op_number(), &expr_node);
5996
5997 if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
5998 opline = zend_emit_op(NULL, ZEND_FREE, &expr_node, NULL);
5999 opline->extended_value = ZEND_FREE_SWITCH;
6000 } else if (expr_node.op_type == IS_CONST) {
6001 zval_ptr_dtor_nogc(&expr_node.u.constant);
6002 }
6003
6004 efree(jmpnz_opnums);
6005 }
6006 /* }}} */
6007
count_match_conds(zend_ast_list * arms)6008 static uint32_t count_match_conds(zend_ast_list *arms)
6009 {
6010 uint32_t num_conds = 0;
6011
6012 for (uint32_t i = 0; i < arms->children; i++) {
6013 zend_ast *arm_ast = arms->child[i];
6014 if (arm_ast->child[0] == NULL) {
6015 continue;
6016 }
6017
6018 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
6019 num_conds += conds->children;
6020 }
6021
6022 return num_conds;
6023 }
6024
can_match_use_jumptable(zend_ast_list * arms)6025 static bool can_match_use_jumptable(zend_ast_list *arms) {
6026 for (uint32_t i = 0; i < arms->children; i++) {
6027 zend_ast *arm_ast = arms->child[i];
6028 if (!arm_ast->child[0]) {
6029 /* Skip default arm */
6030 continue;
6031 }
6032
6033 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
6034 for (uint32_t j = 0; j < conds->children; j++) {
6035 zend_ast **cond_ast = &conds->child[j];
6036
6037 zend_eval_const_expr(cond_ast);
6038 if ((*cond_ast)->kind != ZEND_AST_ZVAL) {
6039 return 0;
6040 }
6041
6042 zval *cond_zv = zend_ast_get_zval(*cond_ast);
6043 if (Z_TYPE_P(cond_zv) != IS_LONG && Z_TYPE_P(cond_zv) != IS_STRING) {
6044 return 0;
6045 }
6046 }
6047 }
6048
6049 return 1;
6050 }
6051
zend_compile_match(znode * result,zend_ast * ast)6052 static void zend_compile_match(znode *result, zend_ast *ast)
6053 {
6054 zend_ast *expr_ast = ast->child[0];
6055 zend_ast_list *arms = zend_ast_get_list(ast->child[1]);
6056 bool has_default_arm = 0;
6057 uint32_t opnum_match = (uint32_t)-1;
6058
6059 znode expr_node;
6060 zend_compile_expr(&expr_node, expr_ast);
6061
6062 znode case_node;
6063 case_node.op_type = IS_TMP_VAR;
6064 case_node.u.op.var = get_temporary_variable();
6065
6066 uint32_t num_conds = count_match_conds(arms);
6067 uint8_t can_use_jumptable = can_match_use_jumptable(arms);
6068 bool uses_jumptable = can_use_jumptable && num_conds >= 2;
6069 HashTable *jumptable = NULL;
6070 uint32_t *jmpnz_opnums = NULL;
6071
6072 for (uint32_t i = 0; i < arms->children; ++i) {
6073 zend_ast *arm_ast = arms->child[i];
6074
6075 if (!arm_ast->child[0]) {
6076 if (has_default_arm) {
6077 CG(zend_lineno) = arm_ast->lineno;
6078 zend_error_noreturn(E_COMPILE_ERROR,
6079 "Match expressions may only contain one default arm");
6080 }
6081 has_default_arm = 1;
6082 }
6083 }
6084
6085 if (uses_jumptable) {
6086 znode jumptable_op;
6087
6088 ALLOC_HASHTABLE(jumptable);
6089 zend_hash_init(jumptable, num_conds, NULL, NULL, 0);
6090 jumptable_op.op_type = IS_CONST;
6091 ZVAL_ARR(&jumptable_op.u.constant, jumptable);
6092
6093 zend_op *opline = zend_emit_op(NULL, ZEND_MATCH, &expr_node, &jumptable_op);
6094 if (opline->op1_type == IS_CONST) {
6095 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
6096 }
6097 opnum_match = opline - CG(active_op_array)->opcodes;
6098 } else {
6099 jmpnz_opnums = safe_emalloc(sizeof(uint32_t), num_conds, 0);
6100 uint32_t cond_count = 0;
6101 for (uint32_t i = 0; i < arms->children; ++i) {
6102 zend_ast *arm_ast = arms->child[i];
6103
6104 if (!arm_ast->child[0]) {
6105 continue;
6106 }
6107
6108 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
6109 for (uint32_t j = 0; j < conds->children; j++) {
6110 zend_ast *cond_ast = conds->child[j];
6111
6112 znode cond_node;
6113 zend_compile_expr(&cond_node, cond_ast);
6114
6115 uint32_t opcode = (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) ? ZEND_CASE_STRICT : ZEND_IS_IDENTICAL;
6116 zend_op *opline = zend_emit_op(NULL, opcode, &expr_node, &cond_node);
6117 SET_NODE(opline->result, &case_node);
6118 if (opline->op1_type == IS_CONST) {
6119 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
6120 }
6121
6122 jmpnz_opnums[cond_count] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
6123
6124 cond_count++;
6125 }
6126 }
6127 }
6128
6129 uint32_t opnum_default_jmp = 0;
6130 if (!uses_jumptable) {
6131 opnum_default_jmp = zend_emit_jump(0);
6132 }
6133
6134 bool is_first_case = 1;
6135 uint32_t cond_count = 0;
6136 uint32_t *jmp_end_opnums = safe_emalloc(sizeof(uint32_t), arms->children, 0);
6137
6138 // The generated default arm is emitted first to avoid live range issues where the tmpvar
6139 // for the arm result is freed even though it has not been initialized yet.
6140 if (!has_default_arm) {
6141 if (!uses_jumptable) {
6142 zend_update_jump_target_to_next(opnum_default_jmp);
6143 }
6144
6145 if (jumptable) {
6146 zend_op *opline = &CG(active_op_array)->opcodes[opnum_match];
6147 opline->extended_value = get_next_op_number();
6148 }
6149
6150 zend_op *opline = zend_emit_op(NULL, ZEND_MATCH_ERROR, &expr_node, NULL);
6151 if (opline->op1_type == IS_CONST) {
6152 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
6153 }
6154 if (arms->children == 0) {
6155 /* Mark this as an "expression throw" for opcache. */
6156 opline->extended_value = ZEND_THROW_IS_EXPR;
6157 }
6158 }
6159
6160 for (uint32_t i = 0; i < arms->children; ++i) {
6161 zend_ast *arm_ast = arms->child[i];
6162 zend_ast *body_ast = arm_ast->child[1];
6163
6164 if (arm_ast->child[0] != NULL) {
6165 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
6166
6167 for (uint32_t j = 0; j < conds->children; j++) {
6168 zend_ast *cond_ast = conds->child[j];
6169
6170 if (jmpnz_opnums != NULL) {
6171 zend_update_jump_target_to_next(jmpnz_opnums[cond_count]);
6172 }
6173
6174 if (jumptable) {
6175 zval *cond_zv = zend_ast_get_zval(cond_ast);
6176 zval jmp_target;
6177 ZVAL_LONG(&jmp_target, get_next_op_number());
6178
6179 if (Z_TYPE_P(cond_zv) == IS_LONG) {
6180 zend_hash_index_add(jumptable, Z_LVAL_P(cond_zv), &jmp_target);
6181 } else {
6182 ZEND_ASSERT(Z_TYPE_P(cond_zv) == IS_STRING);
6183 zend_hash_add(jumptable, Z_STR_P(cond_zv), &jmp_target);
6184 }
6185 }
6186
6187 cond_count++;
6188 }
6189 } else {
6190 if (!uses_jumptable) {
6191 zend_update_jump_target_to_next(opnum_default_jmp);
6192 }
6193
6194 if (jumptable) {
6195 ZEND_ASSERT(opnum_match != (uint32_t)-1);
6196 zend_op *opline = &CG(active_op_array)->opcodes[opnum_match];
6197 opline->extended_value = get_next_op_number();
6198 }
6199 }
6200
6201 znode body_node;
6202 zend_compile_expr(&body_node, body_ast);
6203
6204 if (is_first_case) {
6205 zend_emit_op_tmp(result, ZEND_QM_ASSIGN, &body_node, NULL);
6206 is_first_case = 0;
6207 } else {
6208 zend_op *opline_qm_assign = zend_emit_op(NULL, ZEND_QM_ASSIGN, &body_node, NULL);
6209 SET_NODE(opline_qm_assign->result, result);
6210 }
6211
6212 jmp_end_opnums[i] = zend_emit_jump(0);
6213 }
6214
6215 // Initialize result in case there is no arm
6216 if (arms->children == 0) {
6217 result->op_type = IS_CONST;
6218 ZVAL_NULL(&result->u.constant);
6219 }
6220
6221 for (uint32_t i = 0; i < arms->children; ++i) {
6222 zend_update_jump_target_to_next(jmp_end_opnums[i]);
6223 }
6224
6225 if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
6226 zend_op *opline = zend_emit_op(NULL, ZEND_FREE, &expr_node, NULL);
6227 opline->extended_value = ZEND_FREE_SWITCH;
6228 } else if (expr_node.op_type == IS_CONST) {
6229 zval_ptr_dtor_nogc(&expr_node.u.constant);
6230 }
6231
6232 if (jmpnz_opnums != NULL) {
6233 efree(jmpnz_opnums);
6234 }
6235 efree(jmp_end_opnums);
6236 }
6237
zend_compile_try(zend_ast * ast)6238 static void zend_compile_try(zend_ast *ast) /* {{{ */
6239 {
6240 zend_ast *try_ast = ast->child[0];
6241 zend_ast_list *catches = zend_ast_get_list(ast->child[1]);
6242 zend_ast *finally_ast = ast->child[2];
6243
6244 uint32_t i, j;
6245 zend_op *opline;
6246 uint32_t try_catch_offset;
6247 uint32_t *jmp_opnums = safe_emalloc(sizeof(uint32_t), catches->children, 0);
6248 uint32_t orig_fast_call_var = CG(context).fast_call_var;
6249 uint32_t orig_try_catch_offset = CG(context).try_catch_offset;
6250
6251 if (catches->children == 0 && !finally_ast) {
6252 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use try without catch or finally");
6253 }
6254
6255 /* label: try { } must not be equal to try { label: } */
6256 if (CG(context).labels) {
6257 zend_label *label;
6258 ZEND_HASH_MAP_REVERSE_FOREACH_PTR(CG(context).labels, label) {
6259 if (label->opline_num == get_next_op_number()) {
6260 zend_emit_op(NULL, ZEND_NOP, NULL, NULL);
6261 }
6262 break;
6263 } ZEND_HASH_FOREACH_END();
6264 }
6265
6266 try_catch_offset = zend_add_try_element(get_next_op_number());
6267
6268 if (finally_ast) {
6269 zend_loop_var fast_call;
6270 if (!(CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)) {
6271 CG(active_op_array)->fn_flags |= ZEND_ACC_HAS_FINALLY_BLOCK;
6272 }
6273 CG(context).fast_call_var = get_temporary_variable();
6274
6275 /* Push FAST_CALL on unwind stack */
6276 fast_call.opcode = ZEND_FAST_CALL;
6277 fast_call.var_type = IS_TMP_VAR;
6278 fast_call.var_num = CG(context).fast_call_var;
6279 fast_call.try_catch_offset = try_catch_offset;
6280 zend_stack_push(&CG(loop_var_stack), &fast_call);
6281 }
6282
6283 CG(context).try_catch_offset = try_catch_offset;
6284
6285 zend_compile_stmt(try_ast);
6286
6287 if (catches->children != 0) {
6288 jmp_opnums[0] = zend_emit_jump(0);
6289 }
6290
6291 for (i = 0; i < catches->children; ++i) {
6292 zend_ast *catch_ast = catches->child[i];
6293 zend_ast_list *classes = zend_ast_get_list(catch_ast->child[0]);
6294 zend_ast *var_ast = catch_ast->child[1];
6295 zend_ast *stmt_ast = catch_ast->child[2];
6296 zend_string *var_name = var_ast ? zval_make_interned_string(zend_ast_get_zval(var_ast)) : NULL;
6297 bool is_last_catch = (i + 1 == catches->children);
6298
6299 uint32_t *jmp_multicatch = safe_emalloc(sizeof(uint32_t), classes->children - 1, 0);
6300 uint32_t opnum_catch = (uint32_t)-1;
6301
6302 CG(zend_lineno) = catch_ast->lineno;
6303
6304 for (j = 0; j < classes->children; j++) {
6305 zend_ast *class_ast = classes->child[j];
6306 bool is_last_class = (j + 1 == classes->children);
6307
6308 if (!zend_is_const_default_class_ref(class_ast)) {
6309 zend_error_noreturn(E_COMPILE_ERROR, "Bad class name in the catch statement");
6310 }
6311
6312 opnum_catch = get_next_op_number();
6313 if (i == 0 && j == 0) {
6314 CG(active_op_array)->try_catch_array[try_catch_offset].catch_op = opnum_catch;
6315 }
6316
6317 opline = get_next_op();
6318 opline->opcode = ZEND_CATCH;
6319 opline->op1_type = IS_CONST;
6320 opline->op1.constant = zend_add_class_name_literal(
6321 zend_resolve_class_name_ast(class_ast));
6322 opline->extended_value = zend_alloc_cache_slot();
6323
6324 if (var_name && zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
6325 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
6326 }
6327
6328 opline->result_type = var_name ? IS_CV : IS_UNUSED;
6329 opline->result.var = var_name ? lookup_cv(var_name) : -1;
6330
6331 if (is_last_catch && is_last_class) {
6332 opline->extended_value |= ZEND_LAST_CATCH;
6333 }
6334
6335 if (!is_last_class) {
6336 jmp_multicatch[j] = zend_emit_jump(0);
6337 opline = &CG(active_op_array)->opcodes[opnum_catch];
6338 opline->op2.opline_num = get_next_op_number();
6339 }
6340 }
6341
6342 for (j = 0; j < classes->children - 1; j++) {
6343 zend_update_jump_target_to_next(jmp_multicatch[j]);
6344 }
6345
6346 efree(jmp_multicatch);
6347
6348 zend_compile_stmt(stmt_ast);
6349
6350 if (!is_last_catch) {
6351 jmp_opnums[i + 1] = zend_emit_jump(0);
6352 }
6353
6354 ZEND_ASSERT(opnum_catch != (uint32_t)-1 && "Should have at least one class");
6355 opline = &CG(active_op_array)->opcodes[opnum_catch];
6356 if (!is_last_catch) {
6357 opline->op2.opline_num = get_next_op_number();
6358 }
6359 }
6360
6361 for (i = 0; i < catches->children; ++i) {
6362 zend_update_jump_target_to_next(jmp_opnums[i]);
6363 }
6364
6365 if (finally_ast) {
6366 zend_loop_var discard_exception;
6367 uint32_t opnum_jmp = get_next_op_number() + 1;
6368
6369 /* Pop FAST_CALL from unwind stack */
6370 zend_stack_del_top(&CG(loop_var_stack));
6371
6372 /* Push DISCARD_EXCEPTION on unwind stack */
6373 discard_exception.opcode = ZEND_DISCARD_EXCEPTION;
6374 discard_exception.var_type = IS_TMP_VAR;
6375 discard_exception.var_num = CG(context).fast_call_var;
6376 zend_stack_push(&CG(loop_var_stack), &discard_exception);
6377
6378 CG(zend_lineno) = finally_ast->lineno;
6379
6380 opline = zend_emit_op(NULL, ZEND_FAST_CALL, NULL, NULL);
6381 opline->op1.num = try_catch_offset;
6382 opline->result_type = IS_TMP_VAR;
6383 opline->result.var = CG(context).fast_call_var;
6384
6385 zend_emit_op(NULL, ZEND_JMP, NULL, NULL);
6386
6387 zend_compile_stmt(finally_ast);
6388
6389 CG(active_op_array)->try_catch_array[try_catch_offset].finally_op = opnum_jmp + 1;
6390 CG(active_op_array)->try_catch_array[try_catch_offset].finally_end
6391 = get_next_op_number();
6392
6393 opline = zend_emit_op(NULL, ZEND_FAST_RET, NULL, NULL);
6394 opline->op1_type = IS_TMP_VAR;
6395 opline->op1.var = CG(context).fast_call_var;
6396 opline->op2.num = orig_try_catch_offset;
6397
6398 zend_update_jump_target_to_next(opnum_jmp);
6399
6400 CG(context).fast_call_var = orig_fast_call_var;
6401
6402 /* Pop DISCARD_EXCEPTION from unwind stack */
6403 zend_stack_del_top(&CG(loop_var_stack));
6404 }
6405
6406 CG(context).try_catch_offset = orig_try_catch_offset;
6407
6408 efree(jmp_opnums);
6409 }
6410 /* }}} */
6411
6412 /* Encoding declarations must already be handled during parsing */
zend_handle_encoding_declaration(zend_ast * ast)6413 bool zend_handle_encoding_declaration(zend_ast *ast) /* {{{ */
6414 {
6415 zend_ast_list *declares = zend_ast_get_list(ast);
6416 uint32_t i;
6417 for (i = 0; i < declares->children; ++i) {
6418 zend_ast *declare_ast = declares->child[i];
6419 zend_ast *name_ast = declare_ast->child[0];
6420 zend_ast *value_ast = declare_ast->child[1];
6421 zend_string *name = zend_ast_get_str(name_ast);
6422
6423 if (zend_string_equals_literal_ci(name, "encoding")) {
6424 if (value_ast->kind != ZEND_AST_ZVAL) {
6425 zend_throw_exception(zend_ce_compile_error, "Encoding must be a literal", 0);
6426 return 0;
6427 }
6428
6429 if (CG(multibyte)) {
6430 zend_string *encoding_name = zval_get_string(zend_ast_get_zval(value_ast));
6431
6432 const zend_encoding *new_encoding, *old_encoding;
6433 zend_encoding_filter old_input_filter;
6434
6435 CG(encoding_declared) = 1;
6436
6437 new_encoding = zend_multibyte_fetch_encoding(ZSTR_VAL(encoding_name));
6438 if (!new_encoding) {
6439 zend_error(E_COMPILE_WARNING, "Unsupported encoding [%s]", ZSTR_VAL(encoding_name));
6440 } else {
6441 old_input_filter = LANG_SCNG(input_filter);
6442 old_encoding = LANG_SCNG(script_encoding);
6443 zend_multibyte_set_filter(new_encoding);
6444
6445 /* need to re-scan if input filter changed */
6446 if (old_input_filter != LANG_SCNG(input_filter) ||
6447 (old_input_filter && new_encoding != old_encoding)) {
6448 zend_multibyte_yyinput_again(old_input_filter, old_encoding);
6449 }
6450 }
6451
6452 zend_string_release_ex(encoding_name, 0);
6453 } else {
6454 zend_error(E_COMPILE_WARNING, "declare(encoding=...) ignored because "
6455 "Zend multibyte feature is turned off by settings");
6456 }
6457 }
6458 }
6459
6460 return 1;
6461 }
6462 /* }}} */
6463
6464 /* Check whether this is the first statement, not counting declares. */
zend_is_first_statement(zend_ast * ast,bool allow_nop)6465 static zend_result zend_is_first_statement(zend_ast *ast, bool allow_nop) /* {{{ */
6466 {
6467 uint32_t i = 0;
6468 zend_ast_list *file_ast = zend_ast_get_list(CG(ast));
6469
6470 while (i < file_ast->children) {
6471 if (file_ast->child[i] == ast) {
6472 return SUCCESS;
6473 } else if (file_ast->child[i] == NULL) {
6474 if (!allow_nop) {
6475 return FAILURE;
6476 }
6477 } else if (file_ast->child[i]->kind != ZEND_AST_DECLARE) {
6478 return FAILURE;
6479 }
6480 i++;
6481 }
6482 return FAILURE;
6483 }
6484 /* }}} */
6485
zend_compile_declare(zend_ast * ast)6486 static void zend_compile_declare(zend_ast *ast) /* {{{ */
6487 {
6488 zend_ast_list *declares = zend_ast_get_list(ast->child[0]);
6489 zend_ast *stmt_ast = ast->child[1];
6490 zend_declarables orig_declarables = FC(declarables);
6491 uint32_t i;
6492
6493 for (i = 0; i < declares->children; ++i) {
6494 zend_ast *declare_ast = declares->child[i];
6495 zend_ast *name_ast = declare_ast->child[0];
6496 zend_ast **value_ast_ptr = &declare_ast->child[1];
6497 zend_string *name = zend_ast_get_str(name_ast);
6498
6499 if ((*value_ast_ptr)->kind != ZEND_AST_ZVAL) {
6500 zend_error_noreturn(E_COMPILE_ERROR, "declare(%s) value must be a literal", ZSTR_VAL(name));
6501 }
6502
6503 if (zend_string_equals_literal_ci(name, "ticks")) {
6504 zval value_zv;
6505 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
6506 FC(declarables).ticks = zval_get_long(&value_zv);
6507 zval_ptr_dtor_nogc(&value_zv);
6508 } else if (zend_string_equals_literal_ci(name, "encoding")) {
6509
6510 if (FAILURE == zend_is_first_statement(ast, /* allow_nop */ 0)) {
6511 zend_error_noreturn(E_COMPILE_ERROR, "Encoding declaration pragma must be "
6512 "the very first statement in the script");
6513 }
6514 } else if (zend_string_equals_literal_ci(name, "strict_types")) {
6515 zval value_zv;
6516
6517 if (FAILURE == zend_is_first_statement(ast, /* allow_nop */ 0)) {
6518 zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must be "
6519 "the very first statement in the script");
6520 }
6521
6522 if (ast->child[1] != NULL) {
6523 zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must not "
6524 "use block mode");
6525 }
6526
6527 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
6528
6529 if (Z_TYPE(value_zv) != IS_LONG || (Z_LVAL(value_zv) != 0 && Z_LVAL(value_zv) != 1)) {
6530 zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must have 0 or 1 as its value");
6531 }
6532
6533 if (Z_LVAL(value_zv) == 1) {
6534 CG(active_op_array)->fn_flags |= ZEND_ACC_STRICT_TYPES;
6535 }
6536
6537 } else {
6538 zend_error(E_COMPILE_WARNING, "Unsupported declare '%s'", ZSTR_VAL(name));
6539 }
6540 }
6541
6542 if (stmt_ast) {
6543 zend_compile_stmt(stmt_ast);
6544
6545 FC(declarables) = orig_declarables;
6546 }
6547 }
6548 /* }}} */
6549
zend_compile_stmt_list(zend_ast * ast)6550 static void zend_compile_stmt_list(zend_ast *ast) /* {{{ */
6551 {
6552 zend_ast_list *list = zend_ast_get_list(ast);
6553 uint32_t i;
6554 for (i = 0; i < list->children; ++i) {
6555 zend_compile_stmt(list->child[i]);
6556 }
6557 }
6558 /* }}} */
6559
zend_set_function_arg_flags(zend_function * func)6560 ZEND_API void zend_set_function_arg_flags(zend_function *func) /* {{{ */
6561 {
6562 uint32_t i, n;
6563
6564 func->common.arg_flags[0] = 0;
6565 func->common.arg_flags[1] = 0;
6566 func->common.arg_flags[2] = 0;
6567 if (func->common.arg_info) {
6568 n = MIN(func->common.num_args, MAX_ARG_FLAG_NUM);
6569 i = 0;
6570 while (i < n) {
6571 ZEND_SET_ARG_FLAG(func, i + 1, ZEND_ARG_SEND_MODE(&func->common.arg_info[i]));
6572 i++;
6573 }
6574 if (UNEXPECTED((func->common.fn_flags & ZEND_ACC_VARIADIC) && ZEND_ARG_SEND_MODE(&func->common.arg_info[i]))) {
6575 uint32_t pass_by_reference = ZEND_ARG_SEND_MODE(&func->common.arg_info[i]);
6576 while (i < MAX_ARG_FLAG_NUM) {
6577 ZEND_SET_ARG_FLAG(func, i + 1, pass_by_reference);
6578 i++;
6579 }
6580 }
6581 }
6582 }
6583 /* }}} */
6584
zend_compile_single_typename(zend_ast * ast)6585 static zend_type zend_compile_single_typename(zend_ast *ast)
6586 {
6587 ZEND_ASSERT(!(ast->attr & ZEND_TYPE_NULLABLE));
6588 if (ast->kind == ZEND_AST_TYPE) {
6589 if (ast->attr == IS_STATIC && !CG(active_class_entry) && zend_is_scope_known()) {
6590 zend_error_noreturn(E_COMPILE_ERROR,
6591 "Cannot use \"static\" when no class scope is active");
6592 }
6593
6594 return (zend_type) ZEND_TYPE_INIT_CODE(ast->attr, 0, 0);
6595 } else {
6596 zend_string *class_name = zend_ast_get_str(ast);
6597 uint8_t type_code = zend_lookup_builtin_type_by_name(class_name);
6598
6599 if (type_code != 0) {
6600 if ((ast->attr & ZEND_NAME_NOT_FQ) != ZEND_NAME_NOT_FQ) {
6601 zend_error_noreturn(E_COMPILE_ERROR,
6602 "Type declaration '%s' must be unqualified",
6603 ZSTR_VAL(zend_string_tolower(class_name)));
6604 }
6605
6606 /* Transform iterable into a type union alias */
6607 if (type_code == IS_ITERABLE) {
6608 /* Set iterable bit for BC compat during Reflection and string representation of type */
6609 zend_type iterable = (zend_type) ZEND_TYPE_INIT_CLASS_MASK(ZSTR_KNOWN(ZEND_STR_TRAVERSABLE),
6610 (MAY_BE_ARRAY|_ZEND_TYPE_ITERABLE_BIT));
6611 return iterable;
6612 }
6613
6614 return (zend_type) ZEND_TYPE_INIT_CODE(type_code, 0, 0);
6615 } else {
6616 const char *correct_name;
6617 zend_string *orig_name = zend_ast_get_str(ast);
6618 uint32_t fetch_type = zend_get_class_fetch_type_ast(ast);
6619 if (fetch_type == ZEND_FETCH_CLASS_DEFAULT) {
6620 class_name = zend_resolve_class_name_ast(ast);
6621 zend_assert_valid_class_name(class_name);
6622 } else {
6623 zend_ensure_valid_class_fetch_type(fetch_type);
6624 zend_string_addref(class_name);
6625 }
6626
6627 if (ast->attr == ZEND_NAME_NOT_FQ
6628 && zend_is_confusable_type(orig_name, &correct_name)
6629 && zend_is_not_imported(orig_name)) {
6630 const char *extra =
6631 FC(current_namespace) ? " or import the class with \"use\"" : "";
6632 if (correct_name) {
6633 zend_error(E_COMPILE_WARNING,
6634 "\"%s\" will be interpreted as a class name. Did you mean \"%s\"? "
6635 "Write \"\\%s\"%s to suppress this warning",
6636 ZSTR_VAL(orig_name), correct_name, ZSTR_VAL(class_name), extra);
6637 } else {
6638 zend_error(E_COMPILE_WARNING,
6639 "\"%s\" is not a supported builtin type "
6640 "and will be interpreted as a class name. "
6641 "Write \"\\%s\"%s to suppress this warning",
6642 ZSTR_VAL(orig_name), ZSTR_VAL(class_name), extra);
6643 }
6644 }
6645
6646 class_name = zend_new_interned_string(class_name);
6647 zend_alloc_ce_cache(class_name);
6648 return (zend_type) ZEND_TYPE_INIT_CLASS(class_name, 0, 0);
6649 }
6650 }
6651 }
6652
zend_are_intersection_types_redundant(zend_type left_type,zend_type right_type)6653 static void zend_are_intersection_types_redundant(zend_type left_type, zend_type right_type)
6654 {
6655 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(left_type));
6656 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(right_type));
6657 zend_type_list *l_type_list = ZEND_TYPE_LIST(left_type);
6658 zend_type_list *r_type_list = ZEND_TYPE_LIST(right_type);
6659 zend_type_list *smaller_type_list, *larger_type_list;
6660 bool flipped = false;
6661
6662 if (r_type_list->num_types < l_type_list->num_types) {
6663 smaller_type_list = r_type_list;
6664 larger_type_list = l_type_list;
6665 flipped = true;
6666 } else {
6667 smaller_type_list = l_type_list;
6668 larger_type_list = r_type_list;
6669 }
6670
6671 unsigned int sum = 0;
6672 zend_type *outer_type;
6673 ZEND_TYPE_LIST_FOREACH(smaller_type_list, outer_type)
6674 zend_type *inner_type;
6675 ZEND_TYPE_LIST_FOREACH(larger_type_list, inner_type)
6676 if (zend_string_equals_ci(ZEND_TYPE_NAME(*inner_type), ZEND_TYPE_NAME(*outer_type))) {
6677 sum++;
6678 break;
6679 }
6680 ZEND_TYPE_LIST_FOREACH_END();
6681 ZEND_TYPE_LIST_FOREACH_END();
6682
6683 if (sum == smaller_type_list->num_types) {
6684 zend_string *smaller_type_str;
6685 zend_string *larger_type_str;
6686 if (flipped) {
6687 smaller_type_str = zend_type_to_string(right_type);
6688 larger_type_str = zend_type_to_string(left_type);
6689 } else {
6690 smaller_type_str = zend_type_to_string(left_type);
6691 larger_type_str = zend_type_to_string(right_type);
6692 }
6693 if (smaller_type_list->num_types == larger_type_list->num_types) {
6694 zend_error_noreturn(E_COMPILE_ERROR, "Type %s is redundant with type %s",
6695 ZSTR_VAL(smaller_type_str), ZSTR_VAL(larger_type_str));
6696 } else {
6697 zend_error_noreturn(E_COMPILE_ERROR, "Type %s is redundant as it is more restrictive than type %s",
6698 ZSTR_VAL(larger_type_str), ZSTR_VAL(smaller_type_str));
6699 }
6700 }
6701 }
6702
zend_is_intersection_type_redundant_by_single_type(zend_type intersection_type,zend_type single_type)6703 static void zend_is_intersection_type_redundant_by_single_type(zend_type intersection_type, zend_type single_type)
6704 {
6705 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(intersection_type));
6706 ZEND_ASSERT(!ZEND_TYPE_IS_INTERSECTION(single_type));
6707
6708 zend_type *single_intersection_type = NULL;
6709 ZEND_TYPE_FOREACH(intersection_type, single_intersection_type)
6710 if (zend_string_equals_ci(ZEND_TYPE_NAME(*single_intersection_type), ZEND_TYPE_NAME(single_type))) {
6711 zend_string *single_type_str = zend_type_to_string(single_type);
6712 zend_string *complete_type = zend_type_to_string(intersection_type);
6713 zend_error_noreturn(E_COMPILE_ERROR, "Type %s is redundant as it is more restrictive than type %s",
6714 ZSTR_VAL(complete_type), ZSTR_VAL(single_type_str));
6715 }
6716 ZEND_TYPE_FOREACH_END();
6717 }
6718
6719 /* Used by both intersection and union types prior to transforming the type list to a full zend_type */
zend_is_type_list_redundant_by_single_type(zend_type_list * type_list,zend_type type)6720 static void zend_is_type_list_redundant_by_single_type(zend_type_list *type_list, zend_type type)
6721 {
6722 ZEND_ASSERT(!ZEND_TYPE_IS_INTERSECTION(type));
6723 for (size_t i = 0; i < type_list->num_types - 1; i++) {
6724 if (ZEND_TYPE_IS_INTERSECTION(type_list->types[i])) {
6725 zend_is_intersection_type_redundant_by_single_type(type_list->types[i], type);
6726 continue;
6727 }
6728 if (zend_string_equals_ci(ZEND_TYPE_NAME(type_list->types[i]), ZEND_TYPE_NAME(type))) {
6729 zend_string *single_type_str = zend_type_to_string(type);
6730 zend_error_noreturn(E_COMPILE_ERROR, "Duplicate type %s is redundant", ZSTR_VAL(single_type_str));
6731 }
6732 }
6733 }
6734
6735 static zend_type zend_compile_typename(zend_ast *ast);
6736
zend_compile_typename_ex(zend_ast * ast,bool force_allow_null,bool * forced_allow_null)6737 static zend_type zend_compile_typename_ex(
6738 zend_ast *ast, bool force_allow_null, bool *forced_allow_null) /* {{{ */
6739 {
6740 bool is_marked_nullable = ast->attr & ZEND_TYPE_NULLABLE;
6741 zend_ast_attr orig_ast_attr = ast->attr;
6742 zend_type type = ZEND_TYPE_INIT_NONE(0);
6743
6744 if (is_marked_nullable) {
6745 ast->attr &= ~ZEND_TYPE_NULLABLE;
6746 }
6747
6748 if (ast->kind == ZEND_AST_TYPE_UNION) {
6749 zend_ast_list *list = zend_ast_get_list(ast);
6750 zend_type_list *type_list;
6751 bool is_composite = false;
6752 bool has_only_iterable_class = true;
6753 ALLOCA_FLAG(use_heap)
6754
6755 type_list = do_alloca(ZEND_TYPE_LIST_SIZE(list->children), use_heap);
6756 type_list->num_types = 0;
6757
6758 for (uint32_t i = 0; i < list->children; i++) {
6759 zend_ast *type_ast = list->child[i];
6760 zend_type single_type;
6761 uint32_t type_mask = ZEND_TYPE_FULL_MASK(type);
6762
6763 if (type_ast->kind == ZEND_AST_TYPE_INTERSECTION) {
6764 has_only_iterable_class = false;
6765 is_composite = true;
6766 /* The first class type can be stored directly as the type ptr payload. */
6767 if (ZEND_TYPE_IS_COMPLEX(type) && !ZEND_TYPE_HAS_LIST(type)) {
6768 /* Switch from single name to name list. */
6769 type_list->num_types = 1;
6770 type_list->types[0] = type;
6771 ZEND_TYPE_FULL_MASK(type_list->types[0]) &= ~_ZEND_TYPE_MAY_BE_MASK;
6772 }
6773 /* Mark type as list type */
6774 ZEND_TYPE_SET_LIST(type, type_list);
6775
6776 single_type = zend_compile_typename(type_ast);
6777 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(single_type));
6778
6779 type_list->types[type_list->num_types++] = single_type;
6780
6781 /* Check for trivially redundant class types */
6782 for (size_t i = 0; i < type_list->num_types - 1; i++) {
6783 if (ZEND_TYPE_IS_INTERSECTION(type_list->types[i])) {
6784 zend_are_intersection_types_redundant(single_type, type_list->types[i]);
6785 continue;
6786 }
6787 /* Type from type list is a simple type */
6788 zend_is_intersection_type_redundant_by_single_type(single_type, type_list->types[i]);
6789 }
6790 continue;
6791 }
6792
6793 single_type = zend_compile_single_typename(type_ast);
6794 uint32_t single_type_mask = ZEND_TYPE_PURE_MASK(single_type);
6795
6796 if (single_type_mask == MAY_BE_ANY) {
6797 zend_error_noreturn(E_COMPILE_ERROR, "Type mixed can only be used as a standalone type");
6798 }
6799 if (ZEND_TYPE_IS_COMPLEX(single_type) && !ZEND_TYPE_IS_ITERABLE_FALLBACK(single_type)) {
6800 has_only_iterable_class = false;
6801 }
6802
6803 uint32_t type_mask_overlap = ZEND_TYPE_PURE_MASK(type) & single_type_mask;
6804 if (type_mask_overlap) {
6805 zend_type overlap_type = ZEND_TYPE_INIT_MASK(type_mask_overlap);
6806 zend_string *overlap_type_str = zend_type_to_string(overlap_type);
6807 zend_error_noreturn(E_COMPILE_ERROR,
6808 "Duplicate type %s is redundant", ZSTR_VAL(overlap_type_str));
6809 }
6810
6811 if ( ((type_mask & MAY_BE_TRUE) && (single_type_mask == MAY_BE_FALSE))
6812 || ((type_mask & MAY_BE_FALSE) && (single_type_mask == MAY_BE_TRUE)) ) {
6813 zend_error_noreturn(E_COMPILE_ERROR,
6814 "Type contains both true and false, bool should be used instead");
6815 }
6816 ZEND_TYPE_FULL_MASK(type) |= ZEND_TYPE_PURE_MASK(single_type);
6817 ZEND_TYPE_FULL_MASK(single_type) &= ~_ZEND_TYPE_MAY_BE_MASK;
6818
6819 if (ZEND_TYPE_IS_COMPLEX(single_type)) {
6820 if (!ZEND_TYPE_IS_COMPLEX(type) && !is_composite) {
6821 /* The first class type can be stored directly as the type ptr payload. */
6822 ZEND_TYPE_SET_PTR(type, ZEND_TYPE_NAME(single_type));
6823 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_NAME_BIT;
6824 } else {
6825 if (type_list->num_types == 0) {
6826 /* Switch from single name to name list. */
6827 type_list->num_types = 1;
6828 type_list->types[0] = type;
6829 ZEND_TYPE_FULL_MASK(type_list->types[0]) &= ~_ZEND_TYPE_MAY_BE_MASK;
6830 ZEND_TYPE_SET_LIST(type, type_list);
6831 }
6832
6833 type_list->types[type_list->num_types++] = single_type;
6834
6835 /* Check for trivially redundant class types */
6836 zend_is_type_list_redundant_by_single_type(type_list, single_type);
6837 }
6838 }
6839 }
6840
6841 if (type_list->num_types) {
6842 zend_type_list *list = zend_arena_alloc(
6843 &CG(arena), ZEND_TYPE_LIST_SIZE(type_list->num_types));
6844 memcpy(list, type_list, ZEND_TYPE_LIST_SIZE(type_list->num_types));
6845 ZEND_TYPE_SET_LIST(type, list);
6846 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
6847 /* Inform that the type list is a union type */
6848 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_UNION_BIT;
6849 }
6850
6851 free_alloca(type_list, use_heap);
6852
6853 uint32_t type_mask = ZEND_TYPE_FULL_MASK(type);
6854 if ((type_mask & MAY_BE_OBJECT) &&
6855 ((!has_only_iterable_class && ZEND_TYPE_IS_COMPLEX(type)) || (type_mask & MAY_BE_STATIC))) {
6856 zend_string *type_str = zend_type_to_string(type);
6857 zend_error_noreturn(E_COMPILE_ERROR,
6858 "Type %s contains both object and a class type, which is redundant",
6859 ZSTR_VAL(type_str));
6860 }
6861 } else if (ast->kind == ZEND_AST_TYPE_INTERSECTION) {
6862 zend_ast_list *list = zend_ast_get_list(ast);
6863 zend_type_list *type_list;
6864
6865 /* Allocate the type list directly on the arena as it must be a type
6866 * list of the same number of elements as the AST list has children */
6867 type_list = zend_arena_alloc(&CG(arena), ZEND_TYPE_LIST_SIZE(list->children));
6868 type_list->num_types = 0;
6869
6870 ZEND_ASSERT(list->children > 1);
6871
6872 for (uint32_t i = 0; i < list->children; i++) {
6873 zend_ast *type_ast = list->child[i];
6874 zend_type single_type = zend_compile_single_typename(type_ast);
6875
6876 /* An intersection of union types cannot exist so invalidate it
6877 * Currently only can happen with iterable getting canonicalized to Traversable|array */
6878 if (ZEND_TYPE_IS_ITERABLE_FALLBACK(single_type)) {
6879 zend_string *standard_type_str = zend_type_to_string(single_type);
6880 zend_error_noreturn(E_COMPILE_ERROR,
6881 "Type %s cannot be part of an intersection type", ZSTR_VAL(standard_type_str));
6882 zend_string_release_ex(standard_type_str, false);
6883 }
6884 /* An intersection of standard types cannot exist so invalidate it */
6885 if (ZEND_TYPE_IS_ONLY_MASK(single_type)) {
6886 zend_string *standard_type_str = zend_type_to_string(single_type);
6887 zend_error_noreturn(E_COMPILE_ERROR,
6888 "Type %s cannot be part of an intersection type", ZSTR_VAL(standard_type_str));
6889 zend_string_release_ex(standard_type_str, false);
6890 }
6891 /* Check for "self" and "parent" too */
6892 if (zend_string_equals_literal_ci(ZEND_TYPE_NAME(single_type), "self")
6893 || zend_string_equals_literal_ci(ZEND_TYPE_NAME(single_type), "parent")) {
6894 zend_error_noreturn(E_COMPILE_ERROR,
6895 "Type %s cannot be part of an intersection type", ZSTR_VAL(ZEND_TYPE_NAME(single_type)));
6896 }
6897
6898 /* Add type to the type list */
6899 type_list->types[type_list->num_types++] = single_type;
6900
6901 /* Check for trivially redundant class types */
6902 zend_is_type_list_redundant_by_single_type(type_list, single_type);
6903 }
6904
6905 ZEND_ASSERT(list->children == type_list->num_types);
6906
6907 /* An implicitly nullable intersection type needs to be converted to a DNF type */
6908 if (force_allow_null) {
6909 zend_type intersection_type = ZEND_TYPE_INIT_NONE(0);
6910 ZEND_TYPE_SET_LIST(intersection_type, type_list);
6911 ZEND_TYPE_FULL_MASK(intersection_type) |= _ZEND_TYPE_INTERSECTION_BIT;
6912 ZEND_TYPE_FULL_MASK(intersection_type) |= _ZEND_TYPE_ARENA_BIT;
6913
6914 zend_type_list *dnf_type_list = zend_arena_alloc(&CG(arena), ZEND_TYPE_LIST_SIZE(1));
6915 dnf_type_list->num_types = 1;
6916 dnf_type_list->types[0] = intersection_type;
6917 ZEND_TYPE_SET_LIST(type, dnf_type_list);
6918 /* Inform that the type list is a DNF type */
6919 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_UNION_BIT;
6920 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
6921 } else {
6922 ZEND_TYPE_SET_LIST(type, type_list);
6923 /* Inform that the type list is an intersection type */
6924 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_INTERSECTION_BIT;
6925 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
6926 }
6927 } else {
6928 type = zend_compile_single_typename(ast);
6929 }
6930
6931 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
6932
6933 if (type_mask == MAY_BE_ANY && is_marked_nullable) {
6934 zend_error_noreturn(E_COMPILE_ERROR, "Type mixed cannot be marked as nullable since mixed already includes null");
6935 }
6936
6937 if ((type_mask & MAY_BE_NULL) && is_marked_nullable) {
6938 zend_error_noreturn(E_COMPILE_ERROR, "null cannot be marked as nullable");
6939 }
6940
6941 if (force_allow_null && !is_marked_nullable && !(type_mask & MAY_BE_NULL)) {
6942 *forced_allow_null = true;
6943 }
6944
6945 if (is_marked_nullable || force_allow_null) {
6946 ZEND_TYPE_FULL_MASK(type) |= MAY_BE_NULL;
6947 type_mask = ZEND_TYPE_PURE_MASK(type);
6948 }
6949
6950 if ((type_mask & MAY_BE_VOID) && (ZEND_TYPE_IS_COMPLEX(type) || type_mask != MAY_BE_VOID)) {
6951 zend_error_noreturn(E_COMPILE_ERROR, "Void can only be used as a standalone type");
6952 }
6953
6954 if ((type_mask & MAY_BE_NEVER) && (ZEND_TYPE_IS_COMPLEX(type) || type_mask != MAY_BE_NEVER)) {
6955 zend_error_noreturn(E_COMPILE_ERROR, "never can only be used as a standalone type");
6956 }
6957
6958 ast->attr = orig_ast_attr;
6959 return type;
6960 }
6961 /* }}} */
6962
zend_compile_typename(zend_ast * ast)6963 static zend_type zend_compile_typename(zend_ast *ast)
6964 {
6965 bool forced_allow_null;
6966 return zend_compile_typename_ex(ast, false, &forced_allow_null);
6967 }
6968
6969 /* May convert value from int to float. */
zend_is_valid_default_value(zend_type type,zval * value)6970 static bool zend_is_valid_default_value(zend_type type, zval *value)
6971 {
6972 ZEND_ASSERT(ZEND_TYPE_IS_SET(type));
6973 if (ZEND_TYPE_CONTAINS_CODE(type, Z_TYPE_P(value))) {
6974 return 1;
6975 }
6976 if ((ZEND_TYPE_FULL_MASK(type) & MAY_BE_DOUBLE) && Z_TYPE_P(value) == IS_LONG) {
6977 /* Integers are allowed as initializers for floating-point values. */
6978 convert_to_double(value);
6979 return 1;
6980 }
6981 return 0;
6982 }
6983
zend_compile_attributes(HashTable ** attributes,zend_ast * ast,uint32_t offset,uint32_t target,uint32_t promoted)6984 static void zend_compile_attributes(
6985 HashTable **attributes, zend_ast *ast, uint32_t offset, uint32_t target, uint32_t promoted
6986 ) /* {{{ */ {
6987 zend_attribute *attr;
6988 zend_internal_attribute *config;
6989
6990 zend_ast_list *list = zend_ast_get_list(ast);
6991 uint32_t g, i, j;
6992
6993 ZEND_ASSERT(ast->kind == ZEND_AST_ATTRIBUTE_LIST);
6994
6995 for (g = 0; g < list->children; g++) {
6996 zend_ast_list *group = zend_ast_get_list(list->child[g]);
6997
6998 ZEND_ASSERT(group->kind == ZEND_AST_ATTRIBUTE_GROUP);
6999
7000 for (i = 0; i < group->children; i++) {
7001 ZEND_ASSERT(group->child[i]->kind == ZEND_AST_ATTRIBUTE);
7002
7003 zend_ast *el = group->child[i];
7004
7005 if (el->child[1] &&
7006 el->child[1]->kind == ZEND_AST_CALLABLE_CONVERT) {
7007 zend_error_noreturn(E_COMPILE_ERROR,
7008 "Cannot create Closure as attribute argument");
7009 }
7010
7011 zend_string *name = zend_resolve_class_name_ast(el->child[0]);
7012 zend_string *lcname = zend_string_tolower_ex(name, false);
7013 zend_ast_list *args = el->child[1] ? zend_ast_get_list(el->child[1]) : NULL;
7014
7015 config = zend_internal_attribute_get(lcname);
7016 zend_string_release(lcname);
7017
7018 /* Exclude internal attributes that do not match on promoted properties. */
7019 if (config && !(target & (config->flags & ZEND_ATTRIBUTE_TARGET_ALL))) {
7020 if (promoted & (config->flags & ZEND_ATTRIBUTE_TARGET_ALL)) {
7021 zend_string_release(name);
7022 continue;
7023 }
7024 }
7025
7026 uint32_t flags = (CG(active_op_array)->fn_flags & ZEND_ACC_STRICT_TYPES)
7027 ? ZEND_ATTRIBUTE_STRICT_TYPES : 0;
7028 attr = zend_add_attribute(
7029 attributes, name, args ? args->children : 0, flags, offset, el->lineno);
7030 zend_string_release(name);
7031
7032 /* Populate arguments */
7033 if (args) {
7034 ZEND_ASSERT(args->kind == ZEND_AST_ARG_LIST);
7035
7036 bool uses_named_args = 0;
7037 for (j = 0; j < args->children; j++) {
7038 zend_ast **arg_ast_ptr = &args->child[j];
7039 zend_ast *arg_ast = *arg_ast_ptr;
7040
7041 if (arg_ast->kind == ZEND_AST_UNPACK) {
7042 zend_error_noreturn(E_COMPILE_ERROR,
7043 "Cannot use unpacking in attribute argument list");
7044 }
7045
7046 if (arg_ast->kind == ZEND_AST_NAMED_ARG) {
7047 attr->args[j].name = zend_string_copy(zend_ast_get_str(arg_ast->child[0]));
7048 arg_ast_ptr = &arg_ast->child[1];
7049 uses_named_args = 1;
7050
7051 for (uint32_t k = 0; k < j; k++) {
7052 if (attr->args[k].name &&
7053 zend_string_equals(attr->args[k].name, attr->args[j].name)) {
7054 zend_error_noreturn(E_COMPILE_ERROR, "Duplicate named parameter $%s",
7055 ZSTR_VAL(attr->args[j].name));
7056 }
7057 }
7058 } else if (uses_named_args) {
7059 zend_error_noreturn(E_COMPILE_ERROR,
7060 "Cannot use positional argument after named argument");
7061 }
7062
7063 zend_const_expr_to_zval(
7064 &attr->args[j].value, arg_ast_ptr, /* allow_dynamic */ true);
7065 }
7066 }
7067 }
7068 }
7069
7070 if (*attributes != NULL) {
7071 /* Validate attributes in a secondary loop (needed to detect repeated attributes). */
7072 ZEND_HASH_PACKED_FOREACH_PTR(*attributes, attr) {
7073 if (attr->offset != offset || NULL == (config = zend_internal_attribute_get(attr->lcname))) {
7074 continue;
7075 }
7076
7077 if (!(target & (config->flags & ZEND_ATTRIBUTE_TARGET_ALL))) {
7078 zend_string *location = zend_get_attribute_target_names(target);
7079 zend_string *allowed = zend_get_attribute_target_names(config->flags);
7080
7081 zend_error_noreturn(E_ERROR, "Attribute \"%s\" cannot target %s (allowed targets: %s)",
7082 ZSTR_VAL(attr->name), ZSTR_VAL(location), ZSTR_VAL(allowed)
7083 );
7084 }
7085
7086 if (!(config->flags & ZEND_ATTRIBUTE_IS_REPEATABLE)) {
7087 if (zend_is_attribute_repeated(*attributes, attr)) {
7088 zend_error_noreturn(E_ERROR, "Attribute \"%s\" must not be repeated", ZSTR_VAL(attr->name));
7089 }
7090 }
7091
7092 if (config->validator != NULL) {
7093 config->validator(attr, target, CG(active_class_entry));
7094 }
7095 } ZEND_HASH_FOREACH_END();
7096 }
7097 }
7098 /* }}} */
7099
zend_compile_params(zend_ast * ast,zend_ast * return_type_ast,uint32_t fallback_return_type)7100 static void zend_compile_params(zend_ast *ast, zend_ast *return_type_ast, uint32_t fallback_return_type) /* {{{ */
7101 {
7102 zend_ast_list *list = zend_ast_get_list(ast);
7103 uint32_t i;
7104 zend_op_array *op_array = CG(active_op_array);
7105 zend_arg_info *arg_infos;
7106
7107 if (return_type_ast || fallback_return_type) {
7108 /* Use op_array->arg_info[-1] for return type */
7109 arg_infos = safe_emalloc(sizeof(zend_arg_info), list->children + 1, 0);
7110 arg_infos->name = NULL;
7111 if (return_type_ast) {
7112 arg_infos->type = zend_compile_typename(return_type_ast);
7113 ZEND_TYPE_FULL_MASK(arg_infos->type) |= _ZEND_ARG_INFO_FLAGS(
7114 (op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0, /* is_variadic */ 0, /* is_tentative */ 0);
7115 } else {
7116 arg_infos->type = (zend_type) ZEND_TYPE_INIT_CODE(fallback_return_type, 0, 0);
7117 }
7118 arg_infos++;
7119 op_array->fn_flags |= ZEND_ACC_HAS_RETURN_TYPE;
7120
7121 if (ZEND_TYPE_CONTAINS_CODE(arg_infos[-1].type, IS_VOID)
7122 && (op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE)) {
7123 zend_error(E_DEPRECATED, "Returning by reference from a void function is deprecated");
7124 }
7125 } else {
7126 if (list->children == 0) {
7127 return;
7128 }
7129 arg_infos = safe_emalloc(sizeof(zend_arg_info), list->children, 0);
7130 }
7131
7132 /* Find last required parameter number for deprecation message. */
7133 uint32_t last_required_param = (uint32_t) -1;
7134 for (i = 0; i < list->children; ++i) {
7135 zend_ast *param_ast = list->child[i];
7136 zend_ast *default_ast_ptr = param_ast->child[2];
7137 bool is_variadic = (param_ast->attr & ZEND_PARAM_VARIADIC) != 0;
7138 if (!default_ast_ptr && !is_variadic) {
7139 last_required_param = i;
7140 }
7141 }
7142
7143 for (i = 0; i < list->children; ++i) {
7144 zend_ast *param_ast = list->child[i];
7145 zend_ast *type_ast = param_ast->child[0];
7146 zend_ast *var_ast = param_ast->child[1];
7147 zend_ast **default_ast_ptr = ¶m_ast->child[2];
7148 zend_ast *attributes_ast = param_ast->child[3];
7149 zend_ast *doc_comment_ast = param_ast->child[4];
7150 zend_string *name = zval_make_interned_string(zend_ast_get_zval(var_ast));
7151 bool is_ref = (param_ast->attr & ZEND_PARAM_REF) != 0;
7152 bool is_variadic = (param_ast->attr & ZEND_PARAM_VARIADIC) != 0;
7153 uint32_t property_flags = param_ast->attr & (ZEND_ACC_PPP_MASK | ZEND_ACC_READONLY);
7154
7155 znode var_node, default_node;
7156 uint8_t opcode;
7157 zend_op *opline;
7158 zend_arg_info *arg_info;
7159
7160 if (zend_is_auto_global(name)) {
7161 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign auto-global variable %s",
7162 ZSTR_VAL(name));
7163 }
7164
7165 var_node.op_type = IS_CV;
7166 var_node.u.op.var = lookup_cv(name);
7167
7168 if (EX_VAR_TO_NUM(var_node.u.op.var) != i) {
7169 zend_error_noreturn(E_COMPILE_ERROR, "Redefinition of parameter $%s",
7170 ZSTR_VAL(name));
7171 } else if (zend_string_equals(name, ZSTR_KNOWN(ZEND_STR_THIS))) {
7172 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as parameter");
7173 }
7174
7175 if (op_array->fn_flags & ZEND_ACC_VARIADIC) {
7176 zend_error_noreturn(E_COMPILE_ERROR, "Only the last parameter can be variadic");
7177 }
7178
7179 if (is_variadic) {
7180 opcode = ZEND_RECV_VARIADIC;
7181 default_node.op_type = IS_UNUSED;
7182 op_array->fn_flags |= ZEND_ACC_VARIADIC;
7183
7184 if (*default_ast_ptr) {
7185 zend_error_noreturn(E_COMPILE_ERROR,
7186 "Variadic parameter cannot have a default value");
7187 }
7188 } else if (*default_ast_ptr) {
7189 /* we cannot substitute constants here or it will break ReflectionParameter::getDefaultValueConstantName() and ReflectionParameter::isDefaultValueConstant() */
7190 uint32_t cops = CG(compiler_options);
7191 CG(compiler_options) |= ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION | ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION;
7192 opcode = ZEND_RECV_INIT;
7193 default_node.op_type = IS_CONST;
7194 zend_const_expr_to_zval(
7195 &default_node.u.constant, default_ast_ptr, /* allow_dynamic */ true);
7196 CG(compiler_options) = cops;
7197 } else {
7198 opcode = ZEND_RECV;
7199 default_node.op_type = IS_UNUSED;
7200 op_array->required_num_args = i + 1;
7201 }
7202
7203 arg_info = &arg_infos[i];
7204 arg_info->name = zend_string_copy(name);
7205 arg_info->type = (zend_type) ZEND_TYPE_INIT_NONE(0);
7206
7207 if (attributes_ast) {
7208 zend_compile_attributes(
7209 &op_array->attributes, attributes_ast, i + 1, ZEND_ATTRIBUTE_TARGET_PARAMETER,
7210 property_flags ? ZEND_ATTRIBUTE_TARGET_PROPERTY : 0
7211 );
7212 }
7213
7214 bool forced_allow_nullable = false;
7215 if (type_ast) {
7216 uint32_t default_type = *default_ast_ptr ? Z_TYPE(default_node.u.constant) : IS_UNDEF;
7217 bool force_nullable = default_type == IS_NULL && !property_flags;
7218
7219 op_array->fn_flags |= ZEND_ACC_HAS_TYPE_HINTS;
7220 arg_info->type = zend_compile_typename_ex(type_ast, force_nullable, &forced_allow_nullable);
7221
7222 if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_VOID) {
7223 zend_error_noreturn(E_COMPILE_ERROR, "void cannot be used as a parameter type");
7224 }
7225
7226 if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_NEVER) {
7227 zend_error_noreturn(E_COMPILE_ERROR, "never cannot be used as a parameter type");
7228 }
7229
7230 if (default_type != IS_UNDEF && default_type != IS_CONSTANT_AST && !force_nullable
7231 && !zend_is_valid_default_value(arg_info->type, &default_node.u.constant)) {
7232 zend_string *type_str = zend_type_to_string(arg_info->type);
7233 zend_error_noreturn(E_COMPILE_ERROR,
7234 "Cannot use %s as default value for parameter $%s of type %s",
7235 zend_get_type_by_const(default_type),
7236 ZSTR_VAL(name), ZSTR_VAL(type_str));
7237 }
7238 }
7239 if (last_required_param != (uint32_t) -1
7240 && i < last_required_param
7241 && default_node.op_type == IS_CONST) {
7242 /* Ignore parameters of the form "Type $param = null".
7243 * This is the PHP 5 style way of writing "?Type $param", so allow it for now. */
7244 if (!forced_allow_nullable) {
7245 zend_ast *required_param_ast = list->child[last_required_param];
7246 zend_error(E_DEPRECATED,
7247 "Optional parameter $%s declared before required parameter $%s "
7248 "is implicitly treated as a required parameter",
7249 ZSTR_VAL(name), ZSTR_VAL(zend_ast_get_str(required_param_ast->child[1])));
7250 }
7251
7252 /* Regardless of whether we issue a deprecation, convert this parameter into
7253 * a required parameter without a default value. This ensures that it cannot be
7254 * used as an optional parameter even with named parameters. */
7255 opcode = ZEND_RECV;
7256 default_node.op_type = IS_UNUSED;
7257 zval_ptr_dtor(&default_node.u.constant);
7258 }
7259
7260 opline = zend_emit_op(NULL, opcode, NULL, &default_node);
7261 SET_NODE(opline->result, &var_node);
7262 opline->op1.num = i + 1;
7263
7264 if (type_ast) {
7265 /* Allocate cache slot to speed-up run-time class resolution */
7266 opline->extended_value =
7267 zend_alloc_cache_slots(zend_type_get_num_classes(arg_info->type));
7268 }
7269
7270 uint32_t arg_info_flags = _ZEND_ARG_INFO_FLAGS(is_ref, is_variadic, /* is_tentative */ 0)
7271 | (property_flags ? _ZEND_IS_PROMOTED_BIT : 0);
7272 ZEND_TYPE_FULL_MASK(arg_info->type) |= arg_info_flags;
7273 if (opcode == ZEND_RECV) {
7274 opline->op2.num = type_ast ?
7275 ZEND_TYPE_FULL_MASK(arg_info->type) : MAY_BE_ANY;
7276 }
7277
7278 if (property_flags) {
7279 zend_op_array *op_array = CG(active_op_array);
7280 zend_class_entry *scope = op_array->scope;
7281
7282 bool is_ctor =
7283 scope && zend_is_constructor(op_array->function_name);
7284 if (!is_ctor) {
7285 zend_error_noreturn(E_COMPILE_ERROR,
7286 "Cannot declare promoted property outside a constructor");
7287 }
7288 if ((op_array->fn_flags & ZEND_ACC_ABSTRACT)
7289 || (scope->ce_flags & ZEND_ACC_INTERFACE)) {
7290 zend_error_noreturn(E_COMPILE_ERROR,
7291 "Cannot declare promoted property in an abstract constructor");
7292 }
7293 if (is_variadic) {
7294 zend_error_noreturn(E_COMPILE_ERROR,
7295 "Cannot declare variadic promoted property");
7296 }
7297 if (zend_hash_exists(&scope->properties_info, name)) {
7298 zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::$%s",
7299 ZSTR_VAL(scope->name), ZSTR_VAL(name));
7300 }
7301 if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_CALLABLE) {
7302 zend_string *str = zend_type_to_string(arg_info->type);
7303 zend_error_noreturn(E_COMPILE_ERROR,
7304 "Property %s::$%s cannot have type %s",
7305 ZSTR_VAL(scope->name), ZSTR_VAL(name), ZSTR_VAL(str));
7306 }
7307
7308 if (!(property_flags & ZEND_ACC_READONLY) && (scope->ce_flags & ZEND_ACC_READONLY_CLASS)) {
7309 property_flags |= ZEND_ACC_READONLY;
7310 }
7311
7312 /* Recompile the type, as it has different memory management requirements. */
7313 zend_type type = ZEND_TYPE_INIT_NONE(0);
7314 if (type_ast) {
7315 type = zend_compile_typename(type_ast);
7316 }
7317
7318 /* Don't give the property an explicit default value. For typed properties this means
7319 * uninitialized, for untyped properties it means an implicit null default value. */
7320 zval default_value;
7321 if (ZEND_TYPE_IS_SET(type)) {
7322 ZVAL_UNDEF(&default_value);
7323 } else {
7324 if (property_flags & ZEND_ACC_READONLY) {
7325 zend_error_noreturn(E_COMPILE_ERROR, "Readonly property %s::$%s must have type",
7326 ZSTR_VAL(scope->name), ZSTR_VAL(name));
7327 }
7328
7329 ZVAL_NULL(&default_value);
7330 }
7331
7332 zend_string *doc_comment =
7333 doc_comment_ast ? zend_string_copy(zend_ast_get_str(doc_comment_ast)) : NULL;
7334 zend_property_info *prop = zend_declare_typed_property(
7335 scope, name, &default_value, property_flags | ZEND_ACC_PROMOTED, doc_comment, type);
7336 if (attributes_ast) {
7337 zend_compile_attributes(
7338 &prop->attributes, attributes_ast, 0, ZEND_ATTRIBUTE_TARGET_PROPERTY, ZEND_ATTRIBUTE_TARGET_PARAMETER);
7339 }
7340 }
7341 }
7342
7343 /* These are assigned at the end to avoid uninitialized memory in case of an error */
7344 op_array->num_args = list->children;
7345 op_array->arg_info = arg_infos;
7346
7347 /* Don't count the variadic argument */
7348 if (op_array->fn_flags & ZEND_ACC_VARIADIC) {
7349 op_array->num_args--;
7350 }
7351 zend_set_function_arg_flags((zend_function*)op_array);
7352
7353 for (i = 0; i < list->children; i++) {
7354 zend_ast *param_ast = list->child[i];
7355 bool is_ref = (param_ast->attr & ZEND_PARAM_REF) != 0;
7356 uint32_t flags = param_ast->attr & (ZEND_ACC_PPP_MASK | ZEND_ACC_READONLY);
7357 if (!flags) {
7358 continue;
7359 }
7360
7361 /* Emit $this->prop = $prop for promoted properties. */
7362 zend_string *name = zend_ast_get_str(param_ast->child[1]);
7363 znode name_node, value_node;
7364 name_node.op_type = IS_CONST;
7365 ZVAL_STR_COPY(&name_node.u.constant, name);
7366 value_node.op_type = IS_CV;
7367 value_node.u.op.var = lookup_cv(name);
7368
7369 zend_op *opline = zend_emit_op(NULL,
7370 is_ref ? ZEND_ASSIGN_OBJ_REF : ZEND_ASSIGN_OBJ, NULL, &name_node);
7371 opline->extended_value = zend_alloc_cache_slots(3);
7372 zend_emit_op_data(&value_node);
7373 }
7374 }
7375 /* }}} */
7376
zend_compile_closure_binding(znode * closure,zend_op_array * op_array,zend_ast * uses_ast)7377 static void zend_compile_closure_binding(znode *closure, zend_op_array *op_array, zend_ast *uses_ast) /* {{{ */
7378 {
7379 zend_ast_list *list = zend_ast_get_list(uses_ast);
7380 uint32_t i;
7381
7382 if (!list->children) {
7383 return;
7384 }
7385
7386 if (!op_array->static_variables) {
7387 op_array->static_variables = zend_new_array(8);
7388 }
7389
7390 for (i = 0; i < list->children; ++i) {
7391 zend_ast *var_name_ast = list->child[i];
7392 zend_string *var_name = zval_make_interned_string(zend_ast_get_zval(var_name_ast));
7393 uint32_t mode = var_name_ast->attr;
7394 zend_op *opline;
7395 zval *value;
7396
7397 if (zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
7398 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as lexical variable");
7399 }
7400
7401 if (zend_is_auto_global(var_name)) {
7402 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use auto-global as lexical variable");
7403 }
7404
7405 value = zend_hash_add(op_array->static_variables, var_name, &EG(uninitialized_zval));
7406 if (!value) {
7407 zend_error_noreturn_unchecked(E_COMPILE_ERROR,
7408 "Cannot use variable $%S twice", var_name);
7409 }
7410
7411 CG(zend_lineno) = zend_ast_get_lineno(var_name_ast);
7412
7413 opline = zend_emit_op(NULL, ZEND_BIND_LEXICAL, closure, NULL);
7414 opline->op2_type = IS_CV;
7415 opline->op2.var = lookup_cv(var_name);
7416 opline->extended_value =
7417 (uint32_t)((char*)value - (char*)op_array->static_variables->arData) | mode;
7418 }
7419 }
7420 /* }}} */
7421
7422 typedef struct {
7423 HashTable uses;
7424 bool varvars_used;
7425 } closure_info;
7426
find_implicit_binds_recursively(closure_info * info,zend_ast * ast)7427 static void find_implicit_binds_recursively(closure_info *info, zend_ast *ast) {
7428 if (!ast) {
7429 return;
7430 }
7431
7432 if (ast->kind == ZEND_AST_VAR) {
7433 zend_ast *name_ast = ast->child[0];
7434 if (name_ast->kind == ZEND_AST_ZVAL && Z_TYPE_P(zend_ast_get_zval(name_ast)) == IS_STRING) {
7435 zend_string *name = zend_ast_get_str(name_ast);
7436 if (zend_is_auto_global(name)) {
7437 /* These is no need to explicitly import auto-globals. */
7438 return;
7439 }
7440
7441 if (zend_string_equals(name, ZSTR_KNOWN(ZEND_STR_THIS))) {
7442 /* $this does not need to be explicitly imported. */
7443 return;
7444 }
7445
7446 zend_hash_add_empty_element(&info->uses, name);
7447 } else {
7448 info->varvars_used = 1;
7449 find_implicit_binds_recursively(info, name_ast);
7450 }
7451 } else if (zend_ast_is_list(ast)) {
7452 zend_ast_list *list = zend_ast_get_list(ast);
7453 uint32_t i;
7454 for (i = 0; i < list->children; i++) {
7455 find_implicit_binds_recursively(info, list->child[i]);
7456 }
7457 } else if (ast->kind == ZEND_AST_CLOSURE) {
7458 /* For normal closures add the use() list. */
7459 zend_ast_decl *closure_ast = (zend_ast_decl *) ast;
7460 zend_ast *uses_ast = closure_ast->child[1];
7461 if (uses_ast) {
7462 zend_ast_list *uses_list = zend_ast_get_list(uses_ast);
7463 uint32_t i;
7464 for (i = 0; i < uses_list->children; i++) {
7465 zend_hash_add_empty_element(&info->uses, zend_ast_get_str(uses_list->child[i]));
7466 }
7467 }
7468 } else if (ast->kind == ZEND_AST_ARROW_FUNC) {
7469 /* For arrow functions recursively check the expression. */
7470 zend_ast_decl *closure_ast = (zend_ast_decl *) ast;
7471 find_implicit_binds_recursively(info, closure_ast->child[2]);
7472 } else if (!zend_ast_is_special(ast)) {
7473 uint32_t i, children = zend_ast_get_num_children(ast);
7474 for (i = 0; i < children; i++) {
7475 find_implicit_binds_recursively(info, ast->child[i]);
7476 }
7477 }
7478 }
7479
find_implicit_binds(closure_info * info,zend_ast * params_ast,zend_ast * stmt_ast)7480 static void find_implicit_binds(closure_info *info, zend_ast *params_ast, zend_ast *stmt_ast)
7481 {
7482 zend_ast_list *param_list = zend_ast_get_list(params_ast);
7483 uint32_t i;
7484
7485 zend_hash_init(&info->uses, param_list->children, NULL, NULL, 0);
7486
7487 find_implicit_binds_recursively(info, stmt_ast);
7488
7489 /* Remove variables that are parameters */
7490 for (i = 0; i < param_list->children; i++) {
7491 zend_ast *param_ast = param_list->child[i];
7492 zend_hash_del(&info->uses, zend_ast_get_str(param_ast->child[1]));
7493 }
7494 }
7495
compile_implicit_lexical_binds(closure_info * info,znode * closure,zend_op_array * op_array)7496 static void compile_implicit_lexical_binds(
7497 closure_info *info, znode *closure, zend_op_array *op_array)
7498 {
7499 zend_string *var_name;
7500 zend_op *opline;
7501
7502 /* TODO We might want to use a special binding mode if varvars_used is set. */
7503 if (zend_hash_num_elements(&info->uses) == 0) {
7504 return;
7505 }
7506
7507 if (!op_array->static_variables) {
7508 op_array->static_variables = zend_new_array(8);
7509 }
7510
7511 ZEND_HASH_MAP_FOREACH_STR_KEY(&info->uses, var_name)
7512 zval *value = zend_hash_add(
7513 op_array->static_variables, var_name, &EG(uninitialized_zval));
7514 uint32_t offset = (uint32_t)((char*)value - (char*)op_array->static_variables->arData);
7515
7516 opline = zend_emit_op(NULL, ZEND_BIND_LEXICAL, closure, NULL);
7517 opline->op2_type = IS_CV;
7518 opline->op2.var = lookup_cv(var_name);
7519 opline->extended_value = offset | ZEND_BIND_IMPLICIT;
7520 ZEND_HASH_FOREACH_END();
7521 }
7522
zend_compile_closure_uses(zend_ast * ast)7523 static void zend_compile_closure_uses(zend_ast *ast) /* {{{ */
7524 {
7525 zend_op_array *op_array = CG(active_op_array);
7526 zend_ast_list *list = zend_ast_get_list(ast);
7527 uint32_t i;
7528
7529 for (i = 0; i < list->children; ++i) {
7530 uint32_t mode = ZEND_BIND_EXPLICIT;
7531 zend_ast *var_ast = list->child[i];
7532 zend_string *var_name = zend_ast_get_str(var_ast);
7533 zval zv;
7534 ZVAL_NULL(&zv);
7535
7536 {
7537 int i;
7538 for (i = 0; i < op_array->last_var; i++) {
7539 if (zend_string_equals(op_array->vars[i], var_name)) {
7540 zend_error_noreturn_unchecked(E_COMPILE_ERROR,
7541 "Cannot use lexical variable $%S as a parameter name", var_name);
7542 }
7543 }
7544 }
7545
7546 CG(zend_lineno) = zend_ast_get_lineno(var_ast);
7547
7548 if (var_ast->attr) {
7549 mode |= ZEND_BIND_REF;
7550 }
7551
7552 zend_compile_static_var_common(var_name, &zv, mode);
7553 }
7554 }
7555 /* }}} */
7556
zend_compile_implicit_closure_uses(closure_info * info)7557 static void zend_compile_implicit_closure_uses(closure_info *info)
7558 {
7559 zend_string *var_name;
7560 ZEND_HASH_MAP_FOREACH_STR_KEY(&info->uses, var_name)
7561 zval zv;
7562 ZVAL_NULL(&zv);
7563 zend_compile_static_var_common(var_name, &zv, ZEND_BIND_IMPLICIT);
7564 ZEND_HASH_FOREACH_END();
7565 }
7566
add_stringable_interface(zend_class_entry * ce)7567 static void add_stringable_interface(zend_class_entry *ce) {
7568 for (uint32_t i = 0; i < ce->num_interfaces; i++) {
7569 if (zend_string_equals_literal(ce->interface_names[i].lc_name, "stringable")) {
7570 /* Interface already explicitly implemented */
7571 return;
7572 }
7573 }
7574
7575 ce->num_interfaces++;
7576 ce->interface_names =
7577 erealloc(ce->interface_names, sizeof(zend_class_name) * ce->num_interfaces);
7578 // TODO: Add known interned strings instead?
7579 ce->interface_names[ce->num_interfaces - 1].name =
7580 ZSTR_INIT_LITERAL("Stringable", 0);
7581 ce->interface_names[ce->num_interfaces - 1].lc_name =
7582 ZSTR_INIT_LITERAL("stringable", 0);
7583 }
7584
zend_begin_method_decl(zend_op_array * op_array,zend_string * name,bool has_body)7585 static zend_string *zend_begin_method_decl(zend_op_array *op_array, zend_string *name, bool has_body) /* {{{ */
7586 {
7587 zend_class_entry *ce = CG(active_class_entry);
7588 bool in_interface = (ce->ce_flags & ZEND_ACC_INTERFACE) != 0;
7589 uint32_t fn_flags = op_array->fn_flags;
7590
7591 zend_string *lcname;
7592
7593 if (fn_flags & ZEND_ACC_READONLY) {
7594 zend_error(E_COMPILE_ERROR, "Cannot use 'readonly' as method modifier");
7595 }
7596
7597 if ((fn_flags & ZEND_ACC_PRIVATE) && (fn_flags & ZEND_ACC_FINAL) && !zend_is_constructor(name)) {
7598 zend_error(E_COMPILE_WARNING, "Private methods cannot be final as they are never overridden by other classes");
7599 }
7600
7601 if (in_interface) {
7602 if (!(fn_flags & ZEND_ACC_PUBLIC)) {
7603 zend_error_noreturn(E_COMPILE_ERROR, "Access type for interface method "
7604 "%s::%s() must be public", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7605 }
7606 if (fn_flags & ZEND_ACC_FINAL) {
7607 zend_error_noreturn(E_COMPILE_ERROR, "Interface method "
7608 "%s::%s() must not be final", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7609 }
7610 if (fn_flags & ZEND_ACC_ABSTRACT) {
7611 zend_error_noreturn(E_COMPILE_ERROR, "Interface method "
7612 "%s::%s() must not be abstract", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7613 }
7614 op_array->fn_flags |= ZEND_ACC_ABSTRACT;
7615 }
7616
7617 if (op_array->fn_flags & ZEND_ACC_ABSTRACT) {
7618 if ((op_array->fn_flags & ZEND_ACC_PRIVATE) && !(ce->ce_flags & ZEND_ACC_TRAIT)) {
7619 zend_error_noreturn(E_COMPILE_ERROR, "%s function %s::%s() cannot be declared private",
7620 in_interface ? "Interface" : "Abstract", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7621 }
7622
7623 if (has_body) {
7624 zend_error_noreturn(E_COMPILE_ERROR, "%s function %s::%s() cannot contain body",
7625 in_interface ? "Interface" : "Abstract", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7626 }
7627
7628 ce->ce_flags |= ZEND_ACC_IMPLICIT_ABSTRACT_CLASS;
7629 } else if (!has_body) {
7630 zend_error_noreturn(E_COMPILE_ERROR, "Non-abstract method %s::%s() must contain body",
7631 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7632 }
7633
7634 op_array->scope = ce;
7635 op_array->function_name = zend_string_copy(name);
7636
7637 lcname = zend_string_tolower(name);
7638 lcname = zend_new_interned_string(lcname);
7639
7640 if (zend_hash_add_ptr(&ce->function_table, lcname, op_array) == NULL) {
7641 zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::%s()",
7642 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7643 }
7644
7645 zend_add_magic_method(ce, (zend_function *) op_array, lcname);
7646 if (zend_string_equals_literal(lcname, ZEND_TOSTRING_FUNC_NAME)
7647 && !(ce->ce_flags & ZEND_ACC_TRAIT)) {
7648 add_stringable_interface(ce);
7649 }
7650
7651 return lcname;
7652 }
7653 /* }}} */
7654
zend_add_dynamic_func_def(zend_op_array * def)7655 static uint32_t zend_add_dynamic_func_def(zend_op_array *def) {
7656 zend_op_array *op_array = CG(active_op_array);
7657 uint32_t def_offset = op_array->num_dynamic_func_defs++;
7658 op_array->dynamic_func_defs = erealloc(
7659 op_array->dynamic_func_defs, op_array->num_dynamic_func_defs * sizeof(zend_op_array *));
7660 op_array->dynamic_func_defs[def_offset] = def;
7661 return def_offset;
7662 }
7663
zend_begin_func_decl(znode * result,zend_op_array * op_array,zend_ast_decl * decl,bool toplevel)7664 static zend_string *zend_begin_func_decl(znode *result, zend_op_array *op_array, zend_ast_decl *decl, bool toplevel) /* {{{ */
7665 {
7666 zend_string *unqualified_name, *name, *lcname;
7667 zend_op *opline;
7668
7669 unqualified_name = decl->name;
7670 op_array->function_name = name = zend_prefix_with_ns(unqualified_name);
7671 lcname = zend_string_tolower(name);
7672
7673 if (FC(imports_function)) {
7674 zend_string *import_name =
7675 zend_hash_find_ptr_lc(FC(imports_function), unqualified_name);
7676 if (import_name && !zend_string_equals_ci(lcname, import_name)) {
7677 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare function %s "
7678 "because the name is already in use", ZSTR_VAL(name));
7679 }
7680 }
7681
7682 if (zend_string_equals_literal(lcname, "__autoload")) {
7683 zend_error_noreturn(E_COMPILE_ERROR,
7684 "__autoload() is no longer supported, use spl_autoload_register() instead");
7685 }
7686
7687 if (zend_string_equals_literal_ci(unqualified_name, "assert")) {
7688 zend_error(E_COMPILE_ERROR,
7689 "Defining a custom assert() function is not allowed, "
7690 "as the function has special semantics");
7691 }
7692
7693 zend_register_seen_symbol(lcname, ZEND_SYMBOL_FUNCTION);
7694 if (!toplevel) {
7695 uint32_t func_ref = zend_add_dynamic_func_def(op_array);
7696 if (op_array->fn_flags & ZEND_ACC_CLOSURE) {
7697 opline = zend_emit_op_tmp(result, ZEND_DECLARE_LAMBDA_FUNCTION, NULL, NULL);
7698 opline->op2.num = func_ref;
7699 } else {
7700 opline = get_next_op();
7701 opline->opcode = ZEND_DECLARE_FUNCTION;
7702 opline->op1_type = IS_CONST;
7703 LITERAL_STR(opline->op1, zend_string_copy(lcname));
7704 opline->op2.num = func_ref;
7705 }
7706 }
7707 return lcname;
7708 }
7709 /* }}} */
7710
zend_compile_func_decl(znode * result,zend_ast * ast,bool toplevel)7711 static void zend_compile_func_decl(znode *result, zend_ast *ast, bool toplevel) /* {{{ */
7712 {
7713 zend_ast_decl *decl = (zend_ast_decl *) ast;
7714 zend_ast *params_ast = decl->child[0];
7715 zend_ast *uses_ast = decl->child[1];
7716 zend_ast *stmt_ast = decl->child[2];
7717 zend_ast *return_type_ast = decl->child[3];
7718 bool is_method = decl->kind == ZEND_AST_METHOD;
7719 zend_string *lcname;
7720
7721 zend_class_entry *orig_class_entry = CG(active_class_entry);
7722 zend_op_array *orig_op_array = CG(active_op_array);
7723 zend_op_array *op_array = zend_arena_alloc(&CG(arena), sizeof(zend_op_array));
7724 zend_oparray_context orig_oparray_context;
7725 closure_info info;
7726 memset(&info, 0, sizeof(closure_info));
7727
7728 init_op_array(op_array, ZEND_USER_FUNCTION, INITIAL_OP_ARRAY_SIZE);
7729
7730 if (CG(compiler_options) & ZEND_COMPILE_PRELOAD) {
7731 op_array->fn_flags |= ZEND_ACC_PRELOADED;
7732 }
7733
7734 op_array->fn_flags |= (orig_op_array->fn_flags & ZEND_ACC_STRICT_TYPES);
7735 op_array->fn_flags |= decl->flags;
7736 op_array->line_start = decl->start_lineno;
7737 op_array->line_end = decl->end_lineno;
7738 if (decl->doc_comment) {
7739 op_array->doc_comment = zend_string_copy(decl->doc_comment);
7740 }
7741
7742 if (decl->kind == ZEND_AST_CLOSURE || decl->kind == ZEND_AST_ARROW_FUNC) {
7743 op_array->fn_flags |= ZEND_ACC_CLOSURE;
7744 }
7745
7746 if (is_method) {
7747 bool has_body = stmt_ast != NULL;
7748 lcname = zend_begin_method_decl(op_array, decl->name, has_body);
7749 } else {
7750 lcname = zend_begin_func_decl(result, op_array, decl, toplevel);
7751 if (decl->kind == ZEND_AST_ARROW_FUNC) {
7752 find_implicit_binds(&info, params_ast, stmt_ast);
7753 compile_implicit_lexical_binds(&info, result, op_array);
7754 } else if (uses_ast) {
7755 zend_compile_closure_binding(result, op_array, uses_ast);
7756 }
7757 }
7758
7759 CG(active_op_array) = op_array;
7760
7761 if (decl->child[4]) {
7762 int target = ZEND_ATTRIBUTE_TARGET_FUNCTION;
7763
7764 if (is_method) {
7765 target = ZEND_ATTRIBUTE_TARGET_METHOD;
7766 }
7767
7768 zend_compile_attributes(&op_array->attributes, decl->child[4], 0, target, 0);
7769
7770 zend_attribute *override_attribute = zend_get_attribute_str(
7771 op_array->attributes,
7772 "override",
7773 sizeof("override")-1
7774 );
7775
7776 if (override_attribute) {
7777 op_array->fn_flags |= ZEND_ACC_OVERRIDE;
7778 }
7779 }
7780
7781 /* Do not leak the class scope into free standing functions, even if they are dynamically
7782 * defined inside a class method. This is necessary for correct handling of magic constants.
7783 * For example __CLASS__ should always be "" inside a free standing function. */
7784 if (decl->kind == ZEND_AST_FUNC_DECL) {
7785 CG(active_class_entry) = NULL;
7786 }
7787
7788 if (toplevel) {
7789 op_array->fn_flags |= ZEND_ACC_TOP_LEVEL;
7790 }
7791
7792 zend_oparray_context_begin(&orig_oparray_context);
7793
7794 {
7795 /* Push a separator to the loop variable stack */
7796 zend_loop_var dummy_var;
7797 dummy_var.opcode = ZEND_RETURN;
7798
7799 zend_stack_push(&CG(loop_var_stack), (void *) &dummy_var);
7800 }
7801
7802 zend_compile_params(params_ast, return_type_ast,
7803 is_method && zend_string_equals_literal(lcname, ZEND_TOSTRING_FUNC_NAME) ? IS_STRING : 0);
7804 if (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) {
7805 zend_mark_function_as_generator();
7806 zend_emit_op(NULL, ZEND_GENERATOR_CREATE, NULL, NULL);
7807 }
7808 if (decl->kind == ZEND_AST_ARROW_FUNC) {
7809 zend_compile_implicit_closure_uses(&info);
7810 zend_hash_destroy(&info.uses);
7811 } else if (uses_ast) {
7812 zend_compile_closure_uses(uses_ast);
7813 }
7814
7815 if (ast->kind == ZEND_AST_ARROW_FUNC && decl->child[2]->kind != ZEND_AST_RETURN) {
7816 bool needs_return = true;
7817 if (op_array->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
7818 zend_arg_info *return_info = CG(active_op_array)->arg_info - 1;
7819 needs_return = !ZEND_TYPE_CONTAINS_CODE(return_info->type, IS_NEVER);
7820 }
7821 if (needs_return) {
7822 stmt_ast = zend_ast_create(ZEND_AST_RETURN, stmt_ast);
7823 decl->child[2] = stmt_ast;
7824 }
7825 }
7826
7827 zend_compile_stmt(stmt_ast);
7828
7829 if (is_method) {
7830 CG(zend_lineno) = decl->start_lineno;
7831 zend_check_magic_method_implementation(
7832 CG(active_class_entry), (zend_function *) op_array, lcname, E_COMPILE_ERROR);
7833 } else if (toplevel) {
7834 /* Only register the function after a successful compile */
7835 if (UNEXPECTED(zend_hash_add_ptr(CG(function_table), lcname, op_array) == NULL)) {
7836 do_bind_function_error(lcname, op_array, true);
7837 }
7838 }
7839
7840 /* put the implicit return on the really last line */
7841 CG(zend_lineno) = decl->end_lineno;
7842
7843 zend_do_extended_stmt();
7844 zend_emit_final_return(0);
7845
7846 pass_two(CG(active_op_array));
7847 zend_oparray_context_end(&orig_oparray_context);
7848
7849 /* Pop the loop variable stack separator */
7850 zend_stack_del_top(&CG(loop_var_stack));
7851
7852 if (toplevel) {
7853 zend_observer_function_declared_notify(op_array, lcname);
7854 }
7855
7856 zend_string_release_ex(lcname, 0);
7857
7858 CG(active_op_array) = orig_op_array;
7859 CG(active_class_entry) = orig_class_entry;
7860 }
7861 /* }}} */
7862
zend_compile_prop_decl(zend_ast * ast,zend_ast * type_ast,uint32_t flags,zend_ast * attr_ast)7863 static void zend_compile_prop_decl(zend_ast *ast, zend_ast *type_ast, uint32_t flags, zend_ast *attr_ast) /* {{{ */
7864 {
7865 zend_ast_list *list = zend_ast_get_list(ast);
7866 zend_class_entry *ce = CG(active_class_entry);
7867 uint32_t i, children = list->children;
7868
7869 if (ce->ce_flags & ZEND_ACC_INTERFACE) {
7870 zend_error_noreturn(E_COMPILE_ERROR, "Interfaces may not include properties");
7871 }
7872
7873 if (ce->ce_flags & ZEND_ACC_ENUM) {
7874 zend_error_noreturn(E_COMPILE_ERROR, "Enum %s cannot include properties", ZSTR_VAL(ce->name));
7875 }
7876
7877 for (i = 0; i < children; ++i) {
7878 zend_property_info *info;
7879 zend_ast *prop_ast = list->child[i];
7880 zend_ast *name_ast = prop_ast->child[0];
7881 zend_ast **value_ast_ptr = &prop_ast->child[1];
7882 zend_ast *doc_comment_ast = prop_ast->child[2];
7883 zend_string *name = zval_make_interned_string(zend_ast_get_zval(name_ast));
7884 zend_string *doc_comment = NULL;
7885 zval value_zv;
7886 zend_type type = ZEND_TYPE_INIT_NONE(0);
7887
7888 if (type_ast) {
7889 type = zend_compile_typename(type_ast);
7890
7891 if (ZEND_TYPE_FULL_MASK(type) & (MAY_BE_VOID|MAY_BE_NEVER|MAY_BE_CALLABLE)) {
7892 zend_string *str = zend_type_to_string(type);
7893 zend_error_noreturn(E_COMPILE_ERROR,
7894 "Property %s::$%s cannot have type %s",
7895 ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(str));
7896 }
7897 }
7898
7899 /* Doc comment has been appended as last element in ZEND_AST_PROP_ELEM ast */
7900 if (doc_comment_ast) {
7901 doc_comment = zend_string_copy(zend_ast_get_str(doc_comment_ast));
7902 }
7903
7904 if (zend_hash_exists(&ce->properties_info, name)) {
7905 zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::$%s",
7906 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7907 }
7908
7909 if (*value_ast_ptr) {
7910 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
7911
7912 if (ZEND_TYPE_IS_SET(type) && !Z_CONSTANT(value_zv)
7913 && !zend_is_valid_default_value(type, &value_zv)) {
7914 zend_string *str = zend_type_to_string(type);
7915 if (Z_TYPE(value_zv) == IS_NULL && !ZEND_TYPE_IS_INTERSECTION(type)) {
7916 ZEND_TYPE_FULL_MASK(type) |= MAY_BE_NULL;
7917 zend_string *nullable_str = zend_type_to_string(type);
7918
7919 zend_error_noreturn(E_COMPILE_ERROR,
7920 "Default value for property of type %s may not be null. "
7921 "Use the nullable type %s to allow null default value",
7922 ZSTR_VAL(str), ZSTR_VAL(nullable_str));
7923 } else {
7924 zend_error_noreturn(E_COMPILE_ERROR,
7925 "Cannot use %s as default value for property %s::$%s of type %s",
7926 zend_zval_value_name(&value_zv),
7927 ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(str));
7928 }
7929 }
7930 } else if (!ZEND_TYPE_IS_SET(type)) {
7931 ZVAL_NULL(&value_zv);
7932 } else {
7933 ZVAL_UNDEF(&value_zv);
7934 }
7935
7936 if ((ce->ce_flags & ZEND_ACC_READONLY_CLASS)) {
7937 flags |= ZEND_ACC_READONLY;
7938 }
7939
7940 if (flags & ZEND_ACC_READONLY) {
7941 if (!ZEND_TYPE_IS_SET(type)) {
7942 zend_error_noreturn(E_COMPILE_ERROR, "Readonly property %s::$%s must have type",
7943 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7944 }
7945 if (!Z_ISUNDEF(value_zv)) {
7946 zend_error_noreturn(E_COMPILE_ERROR,
7947 "Readonly property %s::$%s cannot have default value",
7948 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7949 }
7950 if (flags & ZEND_ACC_STATIC) {
7951 zend_error_noreturn(E_COMPILE_ERROR,
7952 "Static property %s::$%s cannot be readonly",
7953 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7954 }
7955 }
7956
7957 info = zend_declare_typed_property(ce, name, &value_zv, flags, doc_comment, type);
7958
7959 if (attr_ast) {
7960 zend_compile_attributes(&info->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_PROPERTY, 0);
7961 }
7962 }
7963 }
7964 /* }}} */
7965
zend_compile_prop_group(zend_ast * ast)7966 static void zend_compile_prop_group(zend_ast *ast) /* {{{ */
7967 {
7968 zend_ast *type_ast = ast->child[0];
7969 zend_ast *prop_ast = ast->child[1];
7970 zend_ast *attr_ast = ast->child[2];
7971
7972 zend_compile_prop_decl(prop_ast, type_ast, ast->attr, attr_ast);
7973 }
7974 /* }}} */
7975
zend_check_trait_alias_modifiers(uint32_t attr)7976 static void zend_check_trait_alias_modifiers(uint32_t attr) /* {{{ */
7977 {
7978 if (attr & ZEND_ACC_STATIC) {
7979 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"static\" as method modifier in trait alias");
7980 } else if (attr & ZEND_ACC_ABSTRACT) {
7981 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"abstract\" as method modifier in trait alias");
7982 }
7983 }
7984 /* }}} */
7985
zend_compile_class_const_decl(zend_ast * ast,uint32_t flags,zend_ast * attr_ast,zend_ast * type_ast)7986 static void zend_compile_class_const_decl(zend_ast *ast, uint32_t flags, zend_ast *attr_ast, zend_ast *type_ast)
7987 {
7988 zend_ast_list *list = zend_ast_get_list(ast);
7989 zend_class_entry *ce = CG(active_class_entry);
7990 uint32_t i, children = list->children;
7991
7992 for (i = 0; i < children; ++i) {
7993 zend_class_constant *c;
7994 zend_ast *const_ast = list->child[i];
7995 zend_ast *name_ast = const_ast->child[0];
7996 zend_ast **value_ast_ptr = &const_ast->child[1];
7997 zend_ast *doc_comment_ast = const_ast->child[2];
7998 zend_string *name = zval_make_interned_string(zend_ast_get_zval(name_ast));
7999 zend_string *doc_comment = doc_comment_ast ? zend_string_copy(zend_ast_get_str(doc_comment_ast)) : NULL;
8000 zval value_zv;
8001 zend_type type = ZEND_TYPE_INIT_NONE(0);
8002
8003 if (type_ast) {
8004 type = zend_compile_typename(type_ast);
8005
8006 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
8007
8008 if (type_mask != MAY_BE_ANY && (type_mask & (MAY_BE_CALLABLE|MAY_BE_VOID|MAY_BE_NEVER))) {
8009 zend_string *type_str = zend_type_to_string(type);
8010
8011 zend_error_noreturn(E_COMPILE_ERROR, "Class constant %s::%s cannot have type %s",
8012 ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(type_str));
8013 }
8014 }
8015
8016 if (UNEXPECTED((flags & ZEND_ACC_PRIVATE) && (flags & ZEND_ACC_FINAL))) {
8017 zend_error_noreturn(
8018 E_COMPILE_ERROR, "Private constant %s::%s cannot be final as it is not visible to other classes",
8019 ZSTR_VAL(ce->name), ZSTR_VAL(name)
8020 );
8021 }
8022
8023 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
8024
8025 if (!Z_CONSTANT(value_zv) && ZEND_TYPE_IS_SET(type) && !zend_is_valid_default_value(type, &value_zv)) {
8026 zend_string *type_str = zend_type_to_string(type);
8027
8028 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use %s as value for class constant %s::%s of type %s",
8029 zend_zval_type_name(&value_zv), ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(type_str));
8030 }
8031
8032 c = zend_declare_typed_class_constant(ce, name, &value_zv, flags, doc_comment, type);
8033
8034 if (attr_ast) {
8035 zend_compile_attributes(&c->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_CLASS_CONST, 0);
8036 }
8037 }
8038 }
8039
zend_compile_class_const_group(zend_ast * ast)8040 static void zend_compile_class_const_group(zend_ast *ast) /* {{{ */
8041 {
8042 zend_ast *const_ast = ast->child[0];
8043 zend_ast *attr_ast = ast->child[1];
8044 zend_ast *type_ast = ast->child[2];
8045
8046 zend_compile_class_const_decl(const_ast, ast->attr, attr_ast, type_ast);
8047 }
8048 /* }}} */
8049
zend_compile_method_ref(zend_ast * ast,zend_trait_method_reference * method_ref)8050 static void zend_compile_method_ref(zend_ast *ast, zend_trait_method_reference *method_ref) /* {{{ */
8051 {
8052 zend_ast *class_ast = ast->child[0];
8053 zend_ast *method_ast = ast->child[1];
8054
8055 method_ref->method_name = zend_string_copy(zend_ast_get_str(method_ast));
8056
8057 if (class_ast) {
8058 method_ref->class_name = zend_resolve_const_class_name_reference(class_ast, "trait name");
8059 } else {
8060 method_ref->class_name = NULL;
8061 }
8062 }
8063 /* }}} */
8064
zend_compile_trait_precedence(zend_ast * ast)8065 static void zend_compile_trait_precedence(zend_ast *ast) /* {{{ */
8066 {
8067 zend_ast *method_ref_ast = ast->child[0];
8068 zend_ast *insteadof_ast = ast->child[1];
8069 zend_ast_list *insteadof_list = zend_ast_get_list(insteadof_ast);
8070 uint32_t i;
8071
8072 zend_trait_precedence *precedence = emalloc(sizeof(zend_trait_precedence) + (insteadof_list->children - 1) * sizeof(zend_string*));
8073 zend_compile_method_ref(method_ref_ast, &precedence->trait_method);
8074 precedence->num_excludes = insteadof_list->children;
8075
8076 for (i = 0; i < insteadof_list->children; ++i) {
8077 zend_ast *name_ast = insteadof_list->child[i];
8078 precedence->exclude_class_names[i] =
8079 zend_resolve_const_class_name_reference(name_ast, "trait name");
8080 }
8081
8082 zend_add_to_list(&CG(active_class_entry)->trait_precedences, precedence);
8083 }
8084 /* }}} */
8085
zend_compile_trait_alias(zend_ast * ast)8086 static void zend_compile_trait_alias(zend_ast *ast) /* {{{ */
8087 {
8088 zend_ast *method_ref_ast = ast->child[0];
8089 zend_ast *alias_ast = ast->child[1];
8090 uint32_t modifiers = ast->attr;
8091
8092 zend_trait_alias *alias;
8093
8094 zend_check_trait_alias_modifiers(modifiers);
8095
8096 alias = emalloc(sizeof(zend_trait_alias));
8097 zend_compile_method_ref(method_ref_ast, &alias->trait_method);
8098 alias->modifiers = modifiers;
8099
8100 if (alias_ast) {
8101 alias->alias = zend_string_copy(zend_ast_get_str(alias_ast));
8102 } else {
8103 alias->alias = NULL;
8104 }
8105
8106 zend_add_to_list(&CG(active_class_entry)->trait_aliases, alias);
8107 }
8108 /* }}} */
8109
zend_compile_use_trait(zend_ast * ast)8110 static void zend_compile_use_trait(zend_ast *ast) /* {{{ */
8111 {
8112 zend_ast_list *traits = zend_ast_get_list(ast->child[0]);
8113 zend_ast_list *adaptations = ast->child[1] ? zend_ast_get_list(ast->child[1]) : NULL;
8114 zend_class_entry *ce = CG(active_class_entry);
8115 uint32_t i;
8116
8117 ce->trait_names = erealloc(ce->trait_names, sizeof(zend_class_name) * (ce->num_traits + traits->children));
8118
8119 for (i = 0; i < traits->children; ++i) {
8120 zend_ast *trait_ast = traits->child[i];
8121
8122 if (ce->ce_flags & ZEND_ACC_INTERFACE) {
8123 zend_string *name = zend_ast_get_str(trait_ast);
8124 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use traits inside of interfaces. "
8125 "%s is used in %s", ZSTR_VAL(name), ZSTR_VAL(ce->name));
8126 }
8127
8128 ce->trait_names[ce->num_traits].name =
8129 zend_resolve_const_class_name_reference(trait_ast, "trait name");
8130 ce->trait_names[ce->num_traits].lc_name = zend_string_tolower(ce->trait_names[ce->num_traits].name);
8131 ce->num_traits++;
8132 }
8133
8134 if (!adaptations) {
8135 return;
8136 }
8137
8138 for (i = 0; i < adaptations->children; ++i) {
8139 zend_ast *adaptation_ast = adaptations->child[i];
8140 switch (adaptation_ast->kind) {
8141 case ZEND_AST_TRAIT_PRECEDENCE:
8142 zend_compile_trait_precedence(adaptation_ast);
8143 break;
8144 case ZEND_AST_TRAIT_ALIAS:
8145 zend_compile_trait_alias(adaptation_ast);
8146 break;
8147 EMPTY_SWITCH_DEFAULT_CASE()
8148 }
8149 }
8150 }
8151 /* }}} */
8152
zend_compile_implements(zend_ast * ast)8153 static void zend_compile_implements(zend_ast *ast) /* {{{ */
8154 {
8155 zend_ast_list *list = zend_ast_get_list(ast);
8156 zend_class_entry *ce = CG(active_class_entry);
8157 zend_class_name *interface_names;
8158 uint32_t i;
8159
8160 interface_names = emalloc(sizeof(zend_class_name) * list->children);
8161
8162 for (i = 0; i < list->children; ++i) {
8163 zend_ast *class_ast = list->child[i];
8164 interface_names[i].name =
8165 zend_resolve_const_class_name_reference(class_ast, "interface name");
8166 interface_names[i].lc_name = zend_string_tolower(interface_names[i].name);
8167 }
8168
8169 ce->num_interfaces = list->children;
8170 ce->interface_names = interface_names;
8171 }
8172 /* }}} */
8173
zend_generate_anon_class_name(zend_ast_decl * decl)8174 static zend_string *zend_generate_anon_class_name(zend_ast_decl *decl)
8175 {
8176 zend_string *filename = CG(active_op_array)->filename;
8177 uint32_t start_lineno = decl->start_lineno;
8178
8179 /* Use parent or first interface as prefix. */
8180 zend_string *prefix = ZSTR_KNOWN(ZEND_STR_CLASS);
8181 if (decl->child[0]) {
8182 prefix = zend_resolve_const_class_name_reference(decl->child[0], "class name");
8183 } else if (decl->child[1]) {
8184 zend_ast_list *list = zend_ast_get_list(decl->child[1]);
8185 prefix = zend_resolve_const_class_name_reference(list->child[0], "interface name");
8186 }
8187
8188 zend_string *result = zend_strpprintf(0, "%s@anonymous%c%s:%" PRIu32 "$%" PRIx32,
8189 ZSTR_VAL(prefix), '\0', ZSTR_VAL(filename), start_lineno, CG(rtd_key_counter)++);
8190 zend_string_release(prefix);
8191 return zend_new_interned_string(result);
8192 }
8193
zend_compile_enum_backing_type(zend_class_entry * ce,zend_ast * enum_backing_type_ast)8194 static void zend_compile_enum_backing_type(zend_class_entry *ce, zend_ast *enum_backing_type_ast)
8195 {
8196 ZEND_ASSERT(ce->ce_flags & ZEND_ACC_ENUM);
8197 zend_type type = zend_compile_typename(enum_backing_type_ast);
8198 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
8199 if (ZEND_TYPE_IS_COMPLEX(type) || (type_mask != MAY_BE_LONG && type_mask != MAY_BE_STRING)) {
8200 zend_string *type_string = zend_type_to_string(type);
8201 zend_error_noreturn(E_COMPILE_ERROR,
8202 "Enum backing type must be int or string, %s given",
8203 ZSTR_VAL(type_string));
8204 }
8205 if (type_mask == MAY_BE_LONG) {
8206 ce->enum_backing_type = IS_LONG;
8207 } else {
8208 ZEND_ASSERT(type_mask == MAY_BE_STRING);
8209 ce->enum_backing_type = IS_STRING;
8210 }
8211 zend_type_release(type, 0);
8212 }
8213
zend_compile_class_decl(znode * result,zend_ast * ast,bool toplevel)8214 static void zend_compile_class_decl(znode *result, zend_ast *ast, bool toplevel) /* {{{ */
8215 {
8216 zend_ast_decl *decl = (zend_ast_decl *) ast;
8217 zend_ast *extends_ast = decl->child[0];
8218 zend_ast *implements_ast = decl->child[1];
8219 zend_ast *stmt_ast = decl->child[2];
8220 zend_ast *enum_backing_type_ast = decl->child[4];
8221 zend_string *name, *lcname;
8222 zend_class_entry *ce = zend_arena_alloc(&CG(arena), sizeof(zend_class_entry));
8223 zend_op *opline;
8224
8225 zend_class_entry *original_ce = CG(active_class_entry);
8226
8227 if (EXPECTED((decl->flags & ZEND_ACC_ANON_CLASS) == 0)) {
8228 zend_string *unqualified_name = decl->name;
8229
8230 if (CG(active_class_entry)) {
8231 zend_error_noreturn(E_COMPILE_ERROR, "Class declarations may not be nested");
8232 }
8233
8234 zend_assert_valid_class_name(unqualified_name);
8235 name = zend_prefix_with_ns(unqualified_name);
8236 name = zend_new_interned_string(name);
8237 lcname = zend_string_tolower(name);
8238
8239 if (FC(imports)) {
8240 zend_string *import_name =
8241 zend_hash_find_ptr_lc(FC(imports), unqualified_name);
8242 if (import_name && !zend_string_equals_ci(lcname, import_name)) {
8243 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare class %s "
8244 "because the name is already in use", ZSTR_VAL(name));
8245 }
8246 }
8247
8248 zend_register_seen_symbol(lcname, ZEND_SYMBOL_CLASS);
8249 } else {
8250 /* Find an anon class name that is not in use yet. */
8251 name = NULL;
8252 lcname = NULL;
8253 do {
8254 zend_tmp_string_release(name);
8255 zend_tmp_string_release(lcname);
8256 name = zend_generate_anon_class_name(decl);
8257 lcname = zend_string_tolower(name);
8258 } while (zend_hash_exists(CG(class_table), lcname));
8259 }
8260 lcname = zend_new_interned_string(lcname);
8261
8262 ce->type = ZEND_USER_CLASS;
8263 ce->name = name;
8264 zend_initialize_class_data(ce, 1);
8265 if (!(decl->flags & ZEND_ACC_ANON_CLASS)) {
8266 zend_alloc_ce_cache(ce->name);
8267 }
8268
8269 if (CG(compiler_options) & ZEND_COMPILE_PRELOAD) {
8270 ce->ce_flags |= ZEND_ACC_PRELOADED;
8271 ZEND_MAP_PTR_NEW(ce->static_members_table);
8272 ZEND_MAP_PTR_NEW(ce->mutable_data);
8273 }
8274
8275 ce->ce_flags |= decl->flags;
8276 ce->info.user.filename = zend_string_copy(zend_get_compiled_filename());
8277 ce->info.user.line_start = decl->start_lineno;
8278 ce->info.user.line_end = decl->end_lineno;
8279
8280 if (decl->doc_comment) {
8281 ce->info.user.doc_comment = zend_string_copy(decl->doc_comment);
8282 }
8283
8284 if (UNEXPECTED((decl->flags & ZEND_ACC_ANON_CLASS))) {
8285 /* Serialization is not supported for anonymous classes */
8286 ce->ce_flags |= ZEND_ACC_NOT_SERIALIZABLE;
8287 }
8288
8289 if (extends_ast) {
8290 ce->parent_name =
8291 zend_resolve_const_class_name_reference(extends_ast, "class name");
8292 }
8293
8294 CG(active_class_entry) = ce;
8295
8296 if (decl->child[3]) {
8297 zend_compile_attributes(&ce->attributes, decl->child[3], 0, ZEND_ATTRIBUTE_TARGET_CLASS, 0);
8298 }
8299
8300 if (implements_ast) {
8301 zend_compile_implements(implements_ast);
8302 }
8303
8304 if (ce->ce_flags & ZEND_ACC_ENUM) {
8305 if (enum_backing_type_ast != NULL) {
8306 zend_compile_enum_backing_type(ce, enum_backing_type_ast);
8307 }
8308 zend_enum_add_interfaces(ce);
8309 zend_enum_register_props(ce);
8310 }
8311
8312 zend_compile_stmt(stmt_ast);
8313
8314 /* Reset lineno for final opcodes and errors */
8315 CG(zend_lineno) = ast->lineno;
8316
8317 if ((ce->ce_flags & (ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_INTERFACE|ZEND_ACC_TRAIT|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) == ZEND_ACC_IMPLICIT_ABSTRACT_CLASS) {
8318 zend_verify_abstract_class(ce);
8319 }
8320
8321 CG(active_class_entry) = original_ce;
8322
8323 if (toplevel) {
8324 ce->ce_flags |= ZEND_ACC_TOP_LEVEL;
8325 }
8326
8327 /* We currently don't early-bind classes that implement interfaces or use traits */
8328 if (!ce->num_interfaces && !ce->num_traits
8329 && !(CG(compiler_options) & ZEND_COMPILE_WITHOUT_EXECUTION)) {
8330 if (toplevel) {
8331 if (extends_ast) {
8332 zend_class_entry *parent_ce = zend_lookup_class_ex(
8333 ce->parent_name, NULL, ZEND_FETCH_CLASS_NO_AUTOLOAD);
8334
8335 if (parent_ce
8336 && ((parent_ce->type != ZEND_INTERNAL_CLASS) || !(CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_CLASSES))
8337 && ((parent_ce->type != ZEND_USER_CLASS) || !(CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES) || (parent_ce->info.user.filename == ce->info.user.filename))) {
8338
8339 if (zend_try_early_bind(ce, parent_ce, lcname, NULL)) {
8340 zend_string_release(lcname);
8341 return;
8342 }
8343 }
8344 } else if (EXPECTED(zend_hash_add_ptr(CG(class_table), lcname, ce) != NULL)) {
8345 zend_string_release(lcname);
8346 zend_build_properties_info_table(ce);
8347 zend_inheritance_check_override(ce);
8348 ce->ce_flags |= ZEND_ACC_LINKED;
8349 zend_observer_class_linked_notify(ce, lcname);
8350 return;
8351 } else {
8352 goto link_unbound;
8353 }
8354 } else if (!extends_ast) {
8355 link_unbound:
8356 /* Link unbound simple class */
8357 zend_build_properties_info_table(ce);
8358 zend_inheritance_check_override(ce);
8359 ce->ce_flags |= ZEND_ACC_LINKED;
8360 }
8361 }
8362
8363 opline = get_next_op();
8364
8365 if (ce->parent_name) {
8366 /* Lowercased parent name */
8367 zend_string *lc_parent_name = zend_string_tolower(ce->parent_name);
8368 opline->op2_type = IS_CONST;
8369 LITERAL_STR(opline->op2, lc_parent_name);
8370 }
8371
8372 opline->op1_type = IS_CONST;
8373 LITERAL_STR(opline->op1, lcname);
8374
8375 if (decl->flags & ZEND_ACC_ANON_CLASS) {
8376 opline->opcode = ZEND_DECLARE_ANON_CLASS;
8377 opline->extended_value = zend_alloc_cache_slot();
8378 zend_make_var_result(result, opline);
8379 if (!zend_hash_add_ptr(CG(class_table), lcname, ce)) {
8380 /* We checked above that the class name is not used. This really shouldn't happen. */
8381 zend_error_noreturn(E_ERROR,
8382 "Runtime definition key collision for %s. This is a bug", ZSTR_VAL(name));
8383 }
8384 } else {
8385 /* Generate RTD keys until we find one that isn't in use yet. */
8386 zend_string *key = NULL;
8387 do {
8388 zend_tmp_string_release(key);
8389 key = zend_build_runtime_definition_key(lcname, decl->start_lineno);
8390 } while (!zend_hash_add_ptr(CG(class_table), key, ce));
8391
8392 /* RTD key is placed after lcname literal in op1 */
8393 zend_add_literal_string(&key);
8394
8395 opline->opcode = ZEND_DECLARE_CLASS;
8396 if (toplevel
8397 && (CG(compiler_options) & ZEND_COMPILE_DELAYED_BINDING)
8398 /* We currently don't early-bind classes that implement interfaces or use traits */
8399 && !ce->num_interfaces && !ce->num_traits
8400 ) {
8401 if (!extends_ast) {
8402 /* Use empty string for classes without parents to avoid new handler, and special
8403 * handling of zend_early_binding. */
8404 opline->op2_type = IS_CONST;
8405 LITERAL_STR(opline->op2, ZSTR_EMPTY_ALLOC());
8406 }
8407 CG(active_op_array)->fn_flags |= ZEND_ACC_EARLY_BINDING;
8408 opline->opcode = ZEND_DECLARE_CLASS_DELAYED;
8409 opline->extended_value = zend_alloc_cache_slot();
8410 opline->result_type = IS_UNUSED;
8411 opline->result.opline_num = -1;
8412 }
8413 }
8414 }
8415 /* }}} */
8416
zend_compile_enum_case(zend_ast * ast)8417 static void zend_compile_enum_case(zend_ast *ast)
8418 {
8419 zend_class_entry *enum_class = CG(active_class_entry);
8420 if (!(enum_class->ce_flags & ZEND_ACC_ENUM)) {
8421 zend_error_noreturn(E_COMPILE_ERROR, "Case can only be used in enums");
8422 }
8423
8424 zend_string *enum_case_name = zval_make_interned_string(zend_ast_get_zval(ast->child[0]));
8425 zend_string *enum_class_name = enum_class->name;
8426
8427 zval class_name_zval;
8428 ZVAL_STR_COPY(&class_name_zval, enum_class_name);
8429 zend_ast *class_name_ast = zend_ast_create_zval(&class_name_zval);
8430
8431 zval case_name_zval;
8432 ZVAL_STR_COPY(&case_name_zval, enum_case_name);
8433 zend_ast *case_name_ast = zend_ast_create_zval(&case_name_zval);
8434
8435 zend_ast *case_value_ast = ast->child[1];
8436 // Remove case_value_ast from the original AST to avoid freeing it, as it will be freed by zend_const_expr_to_zval
8437 ast->child[1] = NULL;
8438 if (enum_class->enum_backing_type != IS_UNDEF && case_value_ast == NULL) {
8439 zend_error_noreturn(E_COMPILE_ERROR, "Case %s of backed enum %s must have a value",
8440 ZSTR_VAL(enum_case_name),
8441 ZSTR_VAL(enum_class_name));
8442 } else if (enum_class->enum_backing_type == IS_UNDEF && case_value_ast != NULL) {
8443 zend_error_noreturn(E_COMPILE_ERROR, "Case %s of non-backed enum %s must not have a value",
8444 ZSTR_VAL(enum_case_name),
8445 ZSTR_VAL(enum_class_name));
8446 }
8447
8448 zend_ast *const_enum_init_ast = zend_ast_create(ZEND_AST_CONST_ENUM_INIT, class_name_ast, case_name_ast, case_value_ast);
8449
8450 zval value_zv;
8451 zend_const_expr_to_zval(&value_zv, &const_enum_init_ast, /* allow_dynamic */ false);
8452
8453 /* Doc comment has been appended as second last element in ZEND_AST_ENUM ast - attributes are conventionally last */
8454 zend_ast *doc_comment_ast = ast->child[2];
8455 zend_string *doc_comment = NULL;
8456 if (doc_comment_ast) {
8457 doc_comment = zend_string_copy(zend_ast_get_str(doc_comment_ast));
8458 }
8459
8460 zend_class_constant *c = zend_declare_class_constant_ex(enum_class, enum_case_name, &value_zv, ZEND_ACC_PUBLIC, doc_comment);
8461 ZEND_CLASS_CONST_FLAGS(c) |= ZEND_CLASS_CONST_IS_CASE;
8462 zend_ast_destroy(const_enum_init_ast);
8463
8464 zend_ast *attr_ast = ast->child[3];
8465 if (attr_ast) {
8466 zend_compile_attributes(&c->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_CLASS_CONST, 0);
8467 }
8468 }
8469
zend_get_import_ht(uint32_t type)8470 static HashTable *zend_get_import_ht(uint32_t type) /* {{{ */
8471 {
8472 switch (type) {
8473 case ZEND_SYMBOL_CLASS:
8474 if (!FC(imports)) {
8475 FC(imports) = emalloc(sizeof(HashTable));
8476 zend_hash_init(FC(imports), 8, NULL, str_dtor, 0);
8477 }
8478 return FC(imports);
8479 case ZEND_SYMBOL_FUNCTION:
8480 if (!FC(imports_function)) {
8481 FC(imports_function) = emalloc(sizeof(HashTable));
8482 zend_hash_init(FC(imports_function), 8, NULL, str_dtor, 0);
8483 }
8484 return FC(imports_function);
8485 case ZEND_SYMBOL_CONST:
8486 if (!FC(imports_const)) {
8487 FC(imports_const) = emalloc(sizeof(HashTable));
8488 zend_hash_init(FC(imports_const), 8, NULL, str_dtor, 0);
8489 }
8490 return FC(imports_const);
8491 EMPTY_SWITCH_DEFAULT_CASE()
8492 }
8493
8494 return NULL;
8495 }
8496 /* }}} */
8497
zend_get_use_type_str(uint32_t type)8498 static char *zend_get_use_type_str(uint32_t type) /* {{{ */
8499 {
8500 switch (type) {
8501 case ZEND_SYMBOL_CLASS:
8502 return "";
8503 case ZEND_SYMBOL_FUNCTION:
8504 return " function";
8505 case ZEND_SYMBOL_CONST:
8506 return " const";
8507 EMPTY_SWITCH_DEFAULT_CASE()
8508 }
8509
8510 return " unknown";
8511 }
8512 /* }}} */
8513
zend_check_already_in_use(uint32_t type,zend_string * old_name,zend_string * new_name,zend_string * check_name)8514 static void zend_check_already_in_use(uint32_t type, zend_string *old_name, zend_string *new_name, zend_string *check_name) /* {{{ */
8515 {
8516 if (zend_string_equals_ci(old_name, check_name)) {
8517 return;
8518 }
8519
8520 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use%s %s as %s because the name "
8521 "is already in use", zend_get_use_type_str(type), ZSTR_VAL(old_name), ZSTR_VAL(new_name));
8522 }
8523 /* }}} */
8524
zend_compile_use(zend_ast * ast)8525 static void zend_compile_use(zend_ast *ast) /* {{{ */
8526 {
8527 zend_ast_list *list = zend_ast_get_list(ast);
8528 uint32_t i;
8529 zend_string *current_ns = FC(current_namespace);
8530 uint32_t type = ast->attr;
8531 HashTable *current_import = zend_get_import_ht(type);
8532 bool case_sensitive = type == ZEND_SYMBOL_CONST;
8533
8534 for (i = 0; i < list->children; ++i) {
8535 zend_ast *use_ast = list->child[i];
8536 zend_ast *old_name_ast = use_ast->child[0];
8537 zend_ast *new_name_ast = use_ast->child[1];
8538 zend_string *old_name = zend_ast_get_str(old_name_ast);
8539 zend_string *new_name, *lookup_name;
8540
8541 if (new_name_ast) {
8542 new_name = zend_string_copy(zend_ast_get_str(new_name_ast));
8543 } else {
8544 const char *unqualified_name;
8545 size_t unqualified_name_len;
8546 if (zend_get_unqualified_name(old_name, &unqualified_name, &unqualified_name_len)) {
8547 /* The form "use A\B" is equivalent to "use A\B as B" */
8548 new_name = zend_string_init(unqualified_name, unqualified_name_len, 0);
8549 } else {
8550 new_name = zend_string_copy(old_name);
8551
8552 if (!current_ns) {
8553 zend_error(E_WARNING, "The use statement with non-compound name '%s' "
8554 "has no effect", ZSTR_VAL(new_name));
8555 }
8556 }
8557 }
8558
8559 if (case_sensitive) {
8560 lookup_name = zend_string_copy(new_name);
8561 } else {
8562 lookup_name = zend_string_tolower(new_name);
8563 }
8564
8565 if (type == ZEND_SYMBOL_CLASS && zend_is_reserved_class_name(new_name)) {
8566 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use %s as %s because '%s' "
8567 "is a special class name", ZSTR_VAL(old_name), ZSTR_VAL(new_name), ZSTR_VAL(new_name));
8568 }
8569
8570 if (current_ns) {
8571 zend_string *ns_name = zend_string_alloc(ZSTR_LEN(current_ns) + 1 + ZSTR_LEN(new_name), 0);
8572 zend_str_tolower_copy(ZSTR_VAL(ns_name), ZSTR_VAL(current_ns), ZSTR_LEN(current_ns));
8573 ZSTR_VAL(ns_name)[ZSTR_LEN(current_ns)] = '\\';
8574 memcpy(ZSTR_VAL(ns_name) + ZSTR_LEN(current_ns) + 1, ZSTR_VAL(lookup_name), ZSTR_LEN(lookup_name) + 1);
8575
8576 if (zend_have_seen_symbol(ns_name, type)) {
8577 zend_check_already_in_use(type, old_name, new_name, ns_name);
8578 }
8579
8580 zend_string_efree(ns_name);
8581 } else if (zend_have_seen_symbol(lookup_name, type)) {
8582 zend_check_already_in_use(type, old_name, new_name, lookup_name);
8583 }
8584
8585 zend_string_addref(old_name);
8586 old_name = zend_new_interned_string(old_name);
8587 if (!zend_hash_add_ptr(current_import, lookup_name, old_name)) {
8588 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use%s %s as %s because the name "
8589 "is already in use", zend_get_use_type_str(type), ZSTR_VAL(old_name), ZSTR_VAL(new_name));
8590 }
8591
8592 zend_string_release_ex(lookup_name, 0);
8593 zend_string_release_ex(new_name, 0);
8594 }
8595 }
8596 /* }}} */
8597
zend_compile_group_use(zend_ast * ast)8598 static void zend_compile_group_use(zend_ast *ast) /* {{{ */
8599 {
8600 uint32_t i;
8601 zend_string *ns = zend_ast_get_str(ast->child[0]);
8602 zend_ast_list *list = zend_ast_get_list(ast->child[1]);
8603
8604 for (i = 0; i < list->children; i++) {
8605 zend_ast *inline_use, *use = list->child[i];
8606 zval *name_zval = zend_ast_get_zval(use->child[0]);
8607 zend_string *name = Z_STR_P(name_zval);
8608 zend_string *compound_ns = zend_concat_names(ZSTR_VAL(ns), ZSTR_LEN(ns), ZSTR_VAL(name), ZSTR_LEN(name));
8609 zend_string_release_ex(name, 0);
8610 ZVAL_STR(name_zval, compound_ns);
8611 inline_use = zend_ast_create_list(1, ZEND_AST_USE, use);
8612 inline_use->attr = ast->attr ? ast->attr : use->attr;
8613 zend_compile_use(inline_use);
8614 }
8615 }
8616 /* }}} */
8617
zend_compile_const_decl(zend_ast * ast)8618 static void zend_compile_const_decl(zend_ast *ast) /* {{{ */
8619 {
8620 zend_ast_list *list = zend_ast_get_list(ast);
8621 uint32_t i;
8622 for (i = 0; i < list->children; ++i) {
8623 zend_ast *const_ast = list->child[i];
8624 zend_ast *name_ast = const_ast->child[0];
8625 zend_ast **value_ast_ptr = &const_ast->child[1];
8626 zend_string *unqualified_name = zend_ast_get_str(name_ast);
8627
8628 zend_string *name;
8629 znode name_node, value_node;
8630 zval *value_zv = &value_node.u.constant;
8631
8632 value_node.op_type = IS_CONST;
8633 zend_const_expr_to_zval(value_zv, value_ast_ptr, /* allow_dynamic */ true);
8634
8635 if (zend_get_special_const(ZSTR_VAL(unqualified_name), ZSTR_LEN(unqualified_name))) {
8636 zend_error_noreturn(E_COMPILE_ERROR,
8637 "Cannot redeclare constant '%s'", ZSTR_VAL(unqualified_name));
8638 }
8639
8640 name = zend_prefix_with_ns(unqualified_name);
8641 name = zend_new_interned_string(name);
8642
8643 if (FC(imports_const)) {
8644 zend_string *import_name = zend_hash_find_ptr(FC(imports_const), unqualified_name);
8645 if (import_name && !zend_string_equals(import_name, name)) {
8646 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare const %s because "
8647 "the name is already in use", ZSTR_VAL(name));
8648 }
8649 }
8650
8651 name_node.op_type = IS_CONST;
8652 ZVAL_STR(&name_node.u.constant, name);
8653
8654 zend_emit_op(NULL, ZEND_DECLARE_CONST, &name_node, &value_node);
8655
8656 zend_register_seen_symbol(name, ZEND_SYMBOL_CONST);
8657 }
8658 }
8659 /* }}}*/
8660
zend_compile_namespace(zend_ast * ast)8661 static void zend_compile_namespace(zend_ast *ast) /* {{{ */
8662 {
8663 zend_ast *name_ast = ast->child[0];
8664 zend_ast *stmt_ast = ast->child[1];
8665 zend_string *name;
8666 bool with_bracket = stmt_ast != NULL;
8667
8668 /* handle mixed syntax declaration or nested namespaces */
8669 if (!FC(has_bracketed_namespaces)) {
8670 if (FC(current_namespace)) {
8671 /* previous namespace declarations were unbracketed */
8672 if (with_bracket) {
8673 zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix bracketed namespace declarations "
8674 "with unbracketed namespace declarations");
8675 }
8676 }
8677 } else {
8678 /* previous namespace declarations were bracketed */
8679 if (!with_bracket) {
8680 zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix bracketed namespace declarations "
8681 "with unbracketed namespace declarations");
8682 } else if (FC(current_namespace) || FC(in_namespace)) {
8683 zend_error_noreturn(E_COMPILE_ERROR, "Namespace declarations cannot be nested");
8684 }
8685 }
8686
8687 bool is_first_namespace = (!with_bracket && !FC(current_namespace))
8688 || (with_bracket && !FC(has_bracketed_namespaces));
8689 if (is_first_namespace && FAILURE == zend_is_first_statement(ast, /* allow_nop */ 1)) {
8690 zend_error_noreturn(E_COMPILE_ERROR, "Namespace declaration statement has to be "
8691 "the very first statement or after any declare call in the script");
8692 }
8693
8694 if (FC(current_namespace)) {
8695 zend_string_release_ex(FC(current_namespace), 0);
8696 }
8697
8698 if (name_ast) {
8699 name = zend_ast_get_str(name_ast);
8700
8701 if (zend_string_equals_literal_ci(name, "namespace")) {
8702 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use '%s' as namespace name", ZSTR_VAL(name));
8703 }
8704
8705 FC(current_namespace) = zend_string_copy(name);
8706 } else {
8707 FC(current_namespace) = NULL;
8708 }
8709
8710 zend_reset_import_tables();
8711
8712 FC(in_namespace) = 1;
8713 if (with_bracket) {
8714 FC(has_bracketed_namespaces) = 1;
8715 }
8716
8717 if (stmt_ast) {
8718 zend_compile_top_stmt(stmt_ast);
8719 zend_end_namespace();
8720 }
8721 }
8722 /* }}} */
8723
zend_compile_halt_compiler(zend_ast * ast)8724 static void zend_compile_halt_compiler(zend_ast *ast) /* {{{ */
8725 {
8726 zend_ast *offset_ast = ast->child[0];
8727 zend_long offset = Z_LVAL_P(zend_ast_get_zval(offset_ast));
8728
8729 zend_string *filename, *name;
8730 const char const_name[] = "__COMPILER_HALT_OFFSET__";
8731
8732 if (FC(has_bracketed_namespaces) && FC(in_namespace)) {
8733 zend_error_noreturn(E_COMPILE_ERROR,
8734 "__HALT_COMPILER() can only be used from the outermost scope");
8735 }
8736
8737 filename = zend_get_compiled_filename();
8738 name = zend_mangle_property_name(const_name, sizeof(const_name) - 1,
8739 ZSTR_VAL(filename), ZSTR_LEN(filename), 0);
8740
8741 zend_register_long_constant(ZSTR_VAL(name), ZSTR_LEN(name), offset, 0, 0);
8742 zend_string_release_ex(name, 0);
8743 }
8744 /* }}} */
8745
zend_try_ct_eval_magic_const(zval * zv,zend_ast * ast)8746 static bool zend_try_ct_eval_magic_const(zval *zv, zend_ast *ast) /* {{{ */
8747 {
8748 zend_op_array *op_array = CG(active_op_array);
8749 zend_class_entry *ce = CG(active_class_entry);
8750
8751 switch (ast->attr) {
8752 case T_LINE:
8753 ZVAL_LONG(zv, ast->lineno);
8754 break;
8755 case T_FILE:
8756 ZVAL_STR_COPY(zv, CG(compiled_filename));
8757 break;
8758 case T_DIR:
8759 {
8760 zend_string *filename = CG(compiled_filename);
8761 zend_string *dirname = zend_string_init(ZSTR_VAL(filename), ZSTR_LEN(filename), 0);
8762 #ifdef ZEND_WIN32
8763 ZSTR_LEN(dirname) = php_win32_ioutil_dirname(ZSTR_VAL(dirname), ZSTR_LEN(dirname));
8764 #else
8765 ZSTR_LEN(dirname) = zend_dirname(ZSTR_VAL(dirname), ZSTR_LEN(dirname));
8766 #endif
8767
8768 if (zend_string_equals_literal(dirname, ".")) {
8769 dirname = zend_string_extend(dirname, MAXPATHLEN, 0);
8770 #if HAVE_GETCWD
8771 ZEND_IGNORE_VALUE(VCWD_GETCWD(ZSTR_VAL(dirname), MAXPATHLEN));
8772 #elif HAVE_GETWD
8773 ZEND_IGNORE_VALUE(VCWD_GETWD(ZSTR_VAL(dirname)));
8774 #endif
8775 ZSTR_LEN(dirname) = strlen(ZSTR_VAL(dirname));
8776 }
8777
8778 ZVAL_STR(zv, dirname);
8779 break;
8780 }
8781 case T_FUNC_C:
8782 if (op_array && op_array->function_name) {
8783 ZVAL_STR_COPY(zv, op_array->function_name);
8784 } else {
8785 ZVAL_EMPTY_STRING(zv);
8786 }
8787 break;
8788 case T_METHOD_C:
8789 /* Detect whether we are directly inside a class (e.g. a class constant) and treat
8790 * this as not being inside a function. */
8791 if (op_array && ce && !op_array->scope && !(op_array->fn_flags & ZEND_ACC_CLOSURE)) {
8792 op_array = NULL;
8793 }
8794 if (op_array && op_array->function_name) {
8795 if (op_array->scope) {
8796 ZVAL_NEW_STR(zv,
8797 zend_create_member_string(op_array->scope->name, op_array->function_name));
8798 } else {
8799 ZVAL_STR_COPY(zv, op_array->function_name);
8800 }
8801 } else {
8802 ZVAL_EMPTY_STRING(zv);
8803 }
8804 break;
8805 case T_CLASS_C:
8806 if (ce) {
8807 if ((ce->ce_flags & ZEND_ACC_TRAIT) != 0) {
8808 return 0;
8809 } else {
8810 ZVAL_STR_COPY(zv, ce->name);
8811 }
8812 } else {
8813 ZVAL_EMPTY_STRING(zv);
8814 }
8815 break;
8816 case T_TRAIT_C:
8817 if (ce && (ce->ce_flags & ZEND_ACC_TRAIT) != 0) {
8818 ZVAL_STR_COPY(zv, ce->name);
8819 } else {
8820 ZVAL_EMPTY_STRING(zv);
8821 }
8822 break;
8823 case T_NS_C:
8824 if (FC(current_namespace)) {
8825 ZVAL_STR_COPY(zv, FC(current_namespace));
8826 } else {
8827 ZVAL_EMPTY_STRING(zv);
8828 }
8829 break;
8830 EMPTY_SWITCH_DEFAULT_CASE()
8831 }
8832
8833 return 1;
8834 }
8835 /* }}} */
8836
zend_is_op_long_compatible(const zval * op)8837 ZEND_API bool zend_is_op_long_compatible(const zval *op)
8838 {
8839 if (Z_TYPE_P(op) == IS_ARRAY) {
8840 return false;
8841 }
8842
8843 if (Z_TYPE_P(op) == IS_DOUBLE
8844 && !zend_is_long_compatible(Z_DVAL_P(op), zend_dval_to_lval(Z_DVAL_P(op)))) {
8845 return false;
8846 }
8847
8848 if (Z_TYPE_P(op) == IS_STRING) {
8849 double dval = 0;
8850 uint8_t is_num = is_numeric_str_function(Z_STR_P(op), NULL, &dval);
8851 if (is_num == 0 || (is_num == IS_DOUBLE && !zend_is_long_compatible(dval, zend_dval_to_lval(dval)))) {
8852 return false;
8853 }
8854 }
8855
8856 return true;
8857 }
8858
zend_binary_op_produces_error(uint32_t opcode,const zval * op1,const zval * op2)8859 ZEND_API bool zend_binary_op_produces_error(uint32_t opcode, const zval *op1, const zval *op2) /* {{{ */
8860 {
8861 if ((opcode == ZEND_CONCAT || opcode == ZEND_FAST_CONCAT)) {
8862 /* Array to string warning. */
8863 return Z_TYPE_P(op1) == IS_ARRAY || Z_TYPE_P(op2) == IS_ARRAY;
8864 }
8865
8866 if (!(opcode == ZEND_ADD || opcode == ZEND_SUB || opcode == ZEND_MUL || opcode == ZEND_DIV
8867 || opcode == ZEND_POW || opcode == ZEND_MOD || opcode == ZEND_SL || opcode == ZEND_SR
8868 || opcode == ZEND_BW_OR || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR)) {
8869 /* Only the numeric operations throw errors. */
8870 return 0;
8871 }
8872
8873 if (Z_TYPE_P(op1) == IS_ARRAY || Z_TYPE_P(op2) == IS_ARRAY) {
8874 if (opcode == ZEND_ADD && Z_TYPE_P(op1) == IS_ARRAY && Z_TYPE_P(op2) == IS_ARRAY) {
8875 /* Adding two arrays is allowed. */
8876 return 0;
8877 }
8878
8879 /* Numeric operators throw when one of the operands is an array. */
8880 return 1;
8881 }
8882
8883 /* While basic arithmetic operators always produce numeric string errors,
8884 * bitwise operators don't produce errors if both operands are strings */
8885 if ((opcode == ZEND_BW_OR || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR)
8886 && Z_TYPE_P(op1) == IS_STRING && Z_TYPE_P(op2) == IS_STRING) {
8887 return 0;
8888 }
8889
8890 if (Z_TYPE_P(op1) == IS_STRING
8891 && !is_numeric_string(Z_STRVAL_P(op1), Z_STRLEN_P(op1), NULL, NULL, 0)) {
8892 return 1;
8893 }
8894
8895 if (Z_TYPE_P(op2) == IS_STRING
8896 && !is_numeric_string(Z_STRVAL_P(op2), Z_STRLEN_P(op2), NULL, NULL, 0)) {
8897 return 1;
8898 }
8899
8900 if ((opcode == ZEND_MOD && zval_get_long(op2) == 0)
8901 || (opcode == ZEND_DIV && zval_get_double(op2) == 0.0)) {
8902 /* Division by zero throws an error. */
8903 return 1;
8904 }
8905 if ((opcode == ZEND_SL || opcode == ZEND_SR) && zval_get_long(op2) < 0) {
8906 /* Shift by negative number throws an error. */
8907 return 1;
8908 }
8909
8910 /* Operation which cast float/float-strings to integers might produce incompatible float to int errors */
8911 if (opcode == ZEND_SL || opcode == ZEND_SR || opcode == ZEND_BW_OR
8912 || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR || opcode == ZEND_MOD) {
8913 return !zend_is_op_long_compatible(op1) || !zend_is_op_long_compatible(op2);
8914 }
8915
8916 return 0;
8917 }
8918 /* }}} */
8919
zend_try_ct_eval_binary_op(zval * result,uint32_t opcode,zval * op1,zval * op2)8920 static inline bool zend_try_ct_eval_binary_op(zval *result, uint32_t opcode, zval *op1, zval *op2) /* {{{ */
8921 {
8922 if (zend_binary_op_produces_error(opcode, op1, op2)) {
8923 return 0;
8924 }
8925
8926 binary_op_type fn = get_binary_op(opcode);
8927 fn(result, op1, op2);
8928 return 1;
8929 }
8930 /* }}} */
8931
zend_unary_op_produces_error(uint32_t opcode,const zval * op)8932 ZEND_API bool zend_unary_op_produces_error(uint32_t opcode, const zval *op)
8933 {
8934 if (opcode == ZEND_BW_NOT) {
8935 /* BW_NOT on string does not convert the string into an integer. */
8936 if (Z_TYPE_P(op) == IS_STRING) {
8937 return 0;
8938 }
8939 return Z_TYPE_P(op) <= IS_TRUE || !zend_is_op_long_compatible(op);
8940 }
8941
8942 return 0;
8943 }
8944
zend_try_ct_eval_unary_op(zval * result,uint32_t opcode,zval * op)8945 static inline bool zend_try_ct_eval_unary_op(zval *result, uint32_t opcode, zval *op) /* {{{ */
8946 {
8947 if (zend_unary_op_produces_error(opcode, op)) {
8948 return 0;
8949 }
8950
8951 unary_op_type fn = get_unary_op(opcode);
8952 fn(result, op);
8953 return 1;
8954 }
8955 /* }}} */
8956
zend_try_ct_eval_unary_pm(zval * result,zend_ast_kind kind,zval * op)8957 static inline bool zend_try_ct_eval_unary_pm(zval *result, zend_ast_kind kind, zval *op) /* {{{ */
8958 {
8959 zval right;
8960 ZVAL_LONG(&right, (kind == ZEND_AST_UNARY_PLUS) ? 1 : -1);
8961 return zend_try_ct_eval_binary_op(result, ZEND_MUL, op, &right);
8962 }
8963 /* }}} */
8964
zend_ct_eval_greater(zval * result,zend_ast_kind kind,zval * op1,zval * op2)8965 static inline void zend_ct_eval_greater(zval *result, zend_ast_kind kind, zval *op1, zval *op2) /* {{{ */
8966 {
8967 binary_op_type fn = kind == ZEND_AST_GREATER
8968 ? is_smaller_function : is_smaller_or_equal_function;
8969 fn(result, op2, op1);
8970 }
8971 /* }}} */
8972
zend_try_ct_eval_array(zval * result,zend_ast * ast)8973 static bool zend_try_ct_eval_array(zval *result, zend_ast *ast) /* {{{ */
8974 {
8975 zend_ast_list *list = zend_ast_get_list(ast);
8976 zend_ast *last_elem_ast = NULL;
8977 uint32_t i;
8978 bool is_constant = 1;
8979
8980 if (ast->attr == ZEND_ARRAY_SYNTAX_LIST) {
8981 zend_error(E_COMPILE_ERROR, "Cannot use list() as standalone expression");
8982 }
8983
8984 /* First ensure that *all* child nodes are constant and by-val */
8985 for (i = 0; i < list->children; ++i) {
8986 zend_ast *elem_ast = list->child[i];
8987
8988 if (elem_ast == NULL) {
8989 /* Report error at line of last non-empty element */
8990 if (last_elem_ast) {
8991 CG(zend_lineno) = zend_ast_get_lineno(last_elem_ast);
8992 }
8993 zend_error(E_COMPILE_ERROR, "Cannot use empty array elements in arrays");
8994 }
8995
8996 if (elem_ast->kind != ZEND_AST_UNPACK) {
8997 zend_eval_const_expr(&elem_ast->child[0]);
8998 zend_eval_const_expr(&elem_ast->child[1]);
8999
9000 if (elem_ast->attr /* by_ref */ || elem_ast->child[0]->kind != ZEND_AST_ZVAL
9001 || (elem_ast->child[1] && elem_ast->child[1]->kind != ZEND_AST_ZVAL)
9002 ) {
9003 is_constant = 0;
9004 }
9005 } else {
9006 zend_eval_const_expr(&elem_ast->child[0]);
9007
9008 if (elem_ast->child[0]->kind != ZEND_AST_ZVAL) {
9009 is_constant = 0;
9010 }
9011 }
9012
9013 last_elem_ast = elem_ast;
9014 }
9015
9016 if (!is_constant) {
9017 return 0;
9018 }
9019
9020 if (!list->children) {
9021 ZVAL_EMPTY_ARRAY(result);
9022 return 1;
9023 }
9024
9025 array_init_size(result, list->children);
9026 for (i = 0; i < list->children; ++i) {
9027 zend_ast *elem_ast = list->child[i];
9028 zend_ast *value_ast = elem_ast->child[0];
9029 zend_ast *key_ast;
9030
9031 zval *value = zend_ast_get_zval(value_ast);
9032 if (elem_ast->kind == ZEND_AST_UNPACK) {
9033 if (Z_TYPE_P(value) == IS_ARRAY) {
9034 HashTable *ht = Z_ARRVAL_P(value);
9035 zval *val;
9036 zend_string *key;
9037
9038 ZEND_HASH_FOREACH_STR_KEY_VAL(ht, key, val) {
9039 if (key) {
9040 zend_hash_update(Z_ARRVAL_P(result), key, val);
9041 } else if (!zend_hash_next_index_insert(Z_ARRVAL_P(result), val)) {
9042 zval_ptr_dtor(result);
9043 return 0;
9044 }
9045 Z_TRY_ADDREF_P(val);
9046 } ZEND_HASH_FOREACH_END();
9047
9048 continue;
9049 } else {
9050 zend_error_noreturn(E_COMPILE_ERROR, "Only arrays and Traversables can be unpacked");
9051 }
9052 }
9053
9054 Z_TRY_ADDREF_P(value);
9055
9056 key_ast = elem_ast->child[1];
9057 if (key_ast) {
9058 zval *key = zend_ast_get_zval(key_ast);
9059 switch (Z_TYPE_P(key)) {
9060 case IS_LONG:
9061 zend_hash_index_update(Z_ARRVAL_P(result), Z_LVAL_P(key), value);
9062 break;
9063 case IS_STRING:
9064 zend_symtable_update(Z_ARRVAL_P(result), Z_STR_P(key), value);
9065 break;
9066 case IS_DOUBLE: {
9067 zend_long lval = zend_dval_to_lval(Z_DVAL_P(key));
9068 /* Incompatible float will generate an error, leave this to run-time */
9069 if (!zend_is_long_compatible(Z_DVAL_P(key), lval)) {
9070 zval_ptr_dtor_nogc(value);
9071 zval_ptr_dtor(result);
9072 return 0;
9073 }
9074 zend_hash_index_update(Z_ARRVAL_P(result), lval, value);
9075 break;
9076 }
9077 case IS_FALSE:
9078 zend_hash_index_update(Z_ARRVAL_P(result), 0, value);
9079 break;
9080 case IS_TRUE:
9081 zend_hash_index_update(Z_ARRVAL_P(result), 1, value);
9082 break;
9083 case IS_NULL:
9084 zend_hash_update(Z_ARRVAL_P(result), ZSTR_EMPTY_ALLOC(), value);
9085 break;
9086 default:
9087 zend_error_noreturn(E_COMPILE_ERROR, "Illegal offset type");
9088 break;
9089 }
9090 } else if (!zend_hash_next_index_insert(Z_ARRVAL_P(result), value)) {
9091 zval_ptr_dtor_nogc(value);
9092 zval_ptr_dtor(result);
9093 return 0;
9094 }
9095 }
9096
9097 return 1;
9098 }
9099 /* }}} */
9100
zend_compile_binary_op(znode * result,zend_ast * ast)9101 static void zend_compile_binary_op(znode *result, zend_ast *ast) /* {{{ */
9102 {
9103 zend_ast *left_ast = ast->child[0];
9104 zend_ast *right_ast = ast->child[1];
9105 uint32_t opcode = ast->attr;
9106
9107 znode left_node, right_node;
9108
9109 zend_compile_expr(&left_node, left_ast);
9110 zend_compile_expr(&right_node, right_ast);
9111
9112 if (left_node.op_type == IS_CONST && right_node.op_type == IS_CONST) {
9113 if (zend_try_ct_eval_binary_op(&result->u.constant, opcode,
9114 &left_node.u.constant, &right_node.u.constant)
9115 ) {
9116 result->op_type = IS_CONST;
9117 zval_ptr_dtor(&left_node.u.constant);
9118 zval_ptr_dtor(&right_node.u.constant);
9119 return;
9120 }
9121 }
9122
9123 do {
9124 if (opcode == ZEND_IS_EQUAL || opcode == ZEND_IS_NOT_EQUAL) {
9125 if (left_node.op_type == IS_CONST) {
9126 if (Z_TYPE(left_node.u.constant) == IS_FALSE) {
9127 opcode = (opcode == ZEND_IS_NOT_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
9128 zend_emit_op_tmp(result, opcode, &right_node, NULL);
9129 break;
9130 } else if (Z_TYPE(left_node.u.constant) == IS_TRUE) {
9131 opcode = (opcode == ZEND_IS_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
9132 zend_emit_op_tmp(result, opcode, &right_node, NULL);
9133 break;
9134 }
9135 } else if (right_node.op_type == IS_CONST) {
9136 if (Z_TYPE(right_node.u.constant) == IS_FALSE) {
9137 opcode = (opcode == ZEND_IS_NOT_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
9138 zend_emit_op_tmp(result, opcode, &left_node, NULL);
9139 break;
9140 } else if (Z_TYPE(right_node.u.constant) == IS_TRUE) {
9141 opcode = (opcode == ZEND_IS_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
9142 zend_emit_op_tmp(result, opcode, &left_node, NULL);
9143 break;
9144 }
9145 }
9146 } else if (opcode == ZEND_IS_IDENTICAL || opcode == ZEND_IS_NOT_IDENTICAL) {
9147 /* convert $x === null to is_null($x) (i.e. ZEND_TYPE_CHECK opcode). Do the same thing for false/true. (covers IS_NULL, IS_FALSE, and IS_TRUE) */
9148 if (left_node.op_type == IS_CONST) {
9149 if (Z_TYPE(left_node.u.constant) <= IS_TRUE && Z_TYPE(left_node.u.constant) >= IS_NULL) {
9150 zend_op *opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &right_node, NULL);
9151 opline->extended_value =
9152 (opcode == ZEND_IS_IDENTICAL) ?
9153 (1 << Z_TYPE(left_node.u.constant)) :
9154 (MAY_BE_ANY - (1 << Z_TYPE(left_node.u.constant)));
9155 return;
9156 }
9157 } else if (right_node.op_type == IS_CONST) {
9158 if (Z_TYPE(right_node.u.constant) <= IS_TRUE && Z_TYPE(right_node.u.constant) >= IS_NULL) {
9159 zend_op *opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &left_node, NULL);
9160 opline->extended_value =
9161 (opcode == ZEND_IS_IDENTICAL) ?
9162 (1 << Z_TYPE(right_node.u.constant)) :
9163 (MAY_BE_ANY - (1 << Z_TYPE(right_node.u.constant)));
9164 return;
9165 }
9166 }
9167 } else if (opcode == ZEND_CONCAT) {
9168 /* convert constant operands to strings at compile-time */
9169 if (left_node.op_type == IS_CONST) {
9170 if (Z_TYPE(left_node.u.constant) == IS_ARRAY) {
9171 zend_emit_op_tmp(&left_node, ZEND_CAST, &left_node, NULL)->extended_value = IS_STRING;
9172 } else {
9173 convert_to_string(&left_node.u.constant);
9174 }
9175 }
9176 if (right_node.op_type == IS_CONST) {
9177 if (Z_TYPE(right_node.u.constant) == IS_ARRAY) {
9178 zend_emit_op_tmp(&right_node, ZEND_CAST, &right_node, NULL)->extended_value = IS_STRING;
9179 } else {
9180 convert_to_string(&right_node.u.constant);
9181 }
9182 }
9183 if (left_node.op_type == IS_CONST && right_node.op_type == IS_CONST) {
9184 opcode = ZEND_FAST_CONCAT;
9185 }
9186 }
9187 zend_emit_op_tmp(result, opcode, &left_node, &right_node);
9188 } while (0);
9189 }
9190 /* }}} */
9191
9192 /* We do not use zend_compile_binary_op for this because we want to retain the left-to-right
9193 * evaluation order. */
zend_compile_greater(znode * result,zend_ast * ast)9194 static void zend_compile_greater(znode *result, zend_ast *ast) /* {{{ */
9195 {
9196 zend_ast *left_ast = ast->child[0];
9197 zend_ast *right_ast = ast->child[1];
9198 znode left_node, right_node;
9199
9200 ZEND_ASSERT(ast->kind == ZEND_AST_GREATER || ast->kind == ZEND_AST_GREATER_EQUAL);
9201
9202 zend_compile_expr(&left_node, left_ast);
9203 zend_compile_expr(&right_node, right_ast);
9204
9205 if (left_node.op_type == IS_CONST && right_node.op_type == IS_CONST) {
9206 result->op_type = IS_CONST;
9207 zend_ct_eval_greater(&result->u.constant, ast->kind,
9208 &left_node.u.constant, &right_node.u.constant);
9209 zval_ptr_dtor(&left_node.u.constant);
9210 zval_ptr_dtor(&right_node.u.constant);
9211 return;
9212 }
9213
9214 zend_emit_op_tmp(result,
9215 ast->kind == ZEND_AST_GREATER ? ZEND_IS_SMALLER : ZEND_IS_SMALLER_OR_EQUAL,
9216 &right_node, &left_node);
9217 }
9218 /* }}} */
9219
zend_compile_unary_op(znode * result,zend_ast * ast)9220 static void zend_compile_unary_op(znode *result, zend_ast *ast) /* {{{ */
9221 {
9222 zend_ast *expr_ast = ast->child[0];
9223 uint32_t opcode = ast->attr;
9224
9225 znode expr_node;
9226 zend_compile_expr(&expr_node, expr_ast);
9227
9228 if (expr_node.op_type == IS_CONST
9229 && zend_try_ct_eval_unary_op(&result->u.constant, opcode, &expr_node.u.constant)) {
9230 result->op_type = IS_CONST;
9231 zval_ptr_dtor(&expr_node.u.constant);
9232 return;
9233 }
9234
9235 zend_emit_op_tmp(result, opcode, &expr_node, NULL);
9236 }
9237 /* }}} */
9238
zend_compile_unary_pm(znode * result,zend_ast * ast)9239 static void zend_compile_unary_pm(znode *result, zend_ast *ast) /* {{{ */
9240 {
9241 zend_ast *expr_ast = ast->child[0];
9242 znode expr_node, right_node;
9243
9244 ZEND_ASSERT(ast->kind == ZEND_AST_UNARY_PLUS || ast->kind == ZEND_AST_UNARY_MINUS);
9245
9246 zend_compile_expr(&expr_node, expr_ast);
9247
9248 if (expr_node.op_type == IS_CONST
9249 && zend_try_ct_eval_unary_pm(&result->u.constant, ast->kind, &expr_node.u.constant)) {
9250 result->op_type = IS_CONST;
9251 zval_ptr_dtor(&expr_node.u.constant);
9252 return;
9253 }
9254
9255 right_node.op_type = IS_CONST;
9256 ZVAL_LONG(&right_node.u.constant, (ast->kind == ZEND_AST_UNARY_PLUS) ? 1 : -1);
9257 zend_emit_op_tmp(result, ZEND_MUL, &expr_node, &right_node);
9258 }
9259 /* }}} */
9260
zend_compile_short_circuiting(znode * result,zend_ast * ast)9261 static void zend_compile_short_circuiting(znode *result, zend_ast *ast) /* {{{ */
9262 {
9263 zend_ast *left_ast = ast->child[0];
9264 zend_ast *right_ast = ast->child[1];
9265
9266 znode left_node, right_node;
9267 zend_op *opline_jmpz, *opline_bool;
9268 uint32_t opnum_jmpz;
9269
9270 ZEND_ASSERT(ast->kind == ZEND_AST_AND || ast->kind == ZEND_AST_OR);
9271
9272 zend_compile_expr(&left_node, left_ast);
9273
9274 if (left_node.op_type == IS_CONST) {
9275 if ((ast->kind == ZEND_AST_AND && !zend_is_true(&left_node.u.constant))
9276 || (ast->kind == ZEND_AST_OR && zend_is_true(&left_node.u.constant))) {
9277 result->op_type = IS_CONST;
9278 ZVAL_BOOL(&result->u.constant, zend_is_true(&left_node.u.constant));
9279 } else {
9280 zend_compile_expr(&right_node, right_ast);
9281
9282 if (right_node.op_type == IS_CONST) {
9283 result->op_type = IS_CONST;
9284 ZVAL_BOOL(&result->u.constant, zend_is_true(&right_node.u.constant));
9285
9286 zval_ptr_dtor(&right_node.u.constant);
9287 } else {
9288 zend_emit_op_tmp(result, ZEND_BOOL, &right_node, NULL);
9289 }
9290 }
9291
9292 zval_ptr_dtor(&left_node.u.constant);
9293 return;
9294 }
9295
9296 opnum_jmpz = get_next_op_number();
9297 opline_jmpz = zend_emit_op(NULL, ast->kind == ZEND_AST_AND ? ZEND_JMPZ_EX : ZEND_JMPNZ_EX,
9298 &left_node, NULL);
9299
9300 if (left_node.op_type == IS_TMP_VAR) {
9301 SET_NODE(opline_jmpz->result, &left_node);
9302 GET_NODE(result, opline_jmpz->result);
9303 } else {
9304 zend_make_tmp_result(result, opline_jmpz);
9305 }
9306
9307 zend_compile_expr(&right_node, right_ast);
9308
9309 opline_bool = zend_emit_op(NULL, ZEND_BOOL, &right_node, NULL);
9310 SET_NODE(opline_bool->result, result);
9311
9312 zend_update_jump_target_to_next(opnum_jmpz);
9313 }
9314 /* }}} */
9315
zend_compile_post_incdec(znode * result,zend_ast * ast)9316 static void zend_compile_post_incdec(znode *result, zend_ast *ast) /* {{{ */
9317 {
9318 zend_ast *var_ast = ast->child[0];
9319 ZEND_ASSERT(ast->kind == ZEND_AST_POST_INC || ast->kind == ZEND_AST_POST_DEC);
9320
9321 zend_ensure_writable_variable(var_ast);
9322
9323 if (var_ast->kind == ZEND_AST_PROP || var_ast->kind == ZEND_AST_NULLSAFE_PROP) {
9324 zend_op *opline = zend_compile_prop(NULL, var_ast, BP_VAR_RW, 0);
9325 opline->opcode = ast->kind == ZEND_AST_POST_INC ? ZEND_POST_INC_OBJ : ZEND_POST_DEC_OBJ;
9326 zend_make_tmp_result(result, opline);
9327 } else if (var_ast->kind == ZEND_AST_STATIC_PROP) {
9328 zend_op *opline = zend_compile_static_prop(NULL, var_ast, BP_VAR_RW, 0, 0);
9329 opline->opcode = ast->kind == ZEND_AST_POST_INC ? ZEND_POST_INC_STATIC_PROP : ZEND_POST_DEC_STATIC_PROP;
9330 zend_make_tmp_result(result, opline);
9331 } else {
9332 znode var_node;
9333 zend_op *opline = zend_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
9334 if (opline && opline->opcode == ZEND_FETCH_DIM_RW) {
9335 opline->extended_value = ZEND_FETCH_DIM_INCDEC;
9336 }
9337 zend_emit_op_tmp(result, ast->kind == ZEND_AST_POST_INC ? ZEND_POST_INC : ZEND_POST_DEC,
9338 &var_node, NULL);
9339 }
9340 }
9341 /* }}} */
9342
zend_compile_pre_incdec(znode * result,zend_ast * ast)9343 static void zend_compile_pre_incdec(znode *result, zend_ast *ast) /* {{{ */
9344 {
9345 zend_ast *var_ast = ast->child[0];
9346 ZEND_ASSERT(ast->kind == ZEND_AST_PRE_INC || ast->kind == ZEND_AST_PRE_DEC);
9347
9348 zend_ensure_writable_variable(var_ast);
9349
9350 if (var_ast->kind == ZEND_AST_PROP || var_ast->kind == ZEND_AST_NULLSAFE_PROP) {
9351 zend_op *opline = zend_compile_prop(result, var_ast, BP_VAR_RW, 0);
9352 opline->opcode = ast->kind == ZEND_AST_PRE_INC ? ZEND_PRE_INC_OBJ : ZEND_PRE_DEC_OBJ;
9353 opline->result_type = IS_TMP_VAR;
9354 result->op_type = IS_TMP_VAR;
9355 } else if (var_ast->kind == ZEND_AST_STATIC_PROP) {
9356 zend_op *opline = zend_compile_static_prop(result, var_ast, BP_VAR_RW, 0, 0);
9357 opline->opcode = ast->kind == ZEND_AST_PRE_INC ? ZEND_PRE_INC_STATIC_PROP : ZEND_PRE_DEC_STATIC_PROP;
9358 opline->result_type = IS_TMP_VAR;
9359 result->op_type = IS_TMP_VAR;
9360 } else {
9361 znode var_node;
9362 zend_op *opline = zend_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
9363 if (opline && opline->opcode == ZEND_FETCH_DIM_RW) {
9364 opline->extended_value = ZEND_FETCH_DIM_INCDEC;
9365 }
9366 zend_emit_op_tmp(result, ast->kind == ZEND_AST_PRE_INC ? ZEND_PRE_INC : ZEND_PRE_DEC,
9367 &var_node, NULL);
9368 }
9369 }
9370 /* }}} */
9371
zend_compile_cast(znode * result,zend_ast * ast)9372 static void zend_compile_cast(znode *result, zend_ast *ast) /* {{{ */
9373 {
9374 zend_ast *expr_ast = ast->child[0];
9375 znode expr_node;
9376 zend_op *opline;
9377
9378 zend_compile_expr(&expr_node, expr_ast);
9379
9380 if (ast->attr == _IS_BOOL) {
9381 opline = zend_emit_op_tmp(result, ZEND_BOOL, &expr_node, NULL);
9382 } else if (ast->attr == IS_NULL) {
9383 zend_error(E_COMPILE_ERROR, "The (unset) cast is no longer supported");
9384 } else {
9385 opline = zend_emit_op_tmp(result, ZEND_CAST, &expr_node, NULL);
9386 opline->extended_value = ast->attr;
9387 }
9388 }
9389 /* }}} */
9390
zend_compile_shorthand_conditional(znode * result,zend_ast * ast)9391 static void zend_compile_shorthand_conditional(znode *result, zend_ast *ast) /* {{{ */
9392 {
9393 zend_ast *cond_ast = ast->child[0];
9394 zend_ast *false_ast = ast->child[2];
9395
9396 znode cond_node, false_node;
9397 zend_op *opline_qm_assign;
9398 uint32_t opnum_jmp_set;
9399
9400 ZEND_ASSERT(ast->child[1] == NULL);
9401
9402 zend_compile_expr(&cond_node, cond_ast);
9403
9404 opnum_jmp_set = get_next_op_number();
9405 zend_emit_op_tmp(result, ZEND_JMP_SET, &cond_node, NULL);
9406
9407 zend_compile_expr(&false_node, false_ast);
9408
9409 opline_qm_assign = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &false_node, NULL);
9410 SET_NODE(opline_qm_assign->result, result);
9411
9412 zend_update_jump_target_to_next(opnum_jmp_set);
9413 }
9414 /* }}} */
9415
zend_compile_conditional(znode * result,zend_ast * ast)9416 static void zend_compile_conditional(znode *result, zend_ast *ast) /* {{{ */
9417 {
9418 zend_ast *cond_ast = ast->child[0];
9419 zend_ast *true_ast = ast->child[1];
9420 zend_ast *false_ast = ast->child[2];
9421
9422 znode cond_node, true_node, false_node;
9423 zend_op *opline_qm_assign2;
9424 uint32_t opnum_jmpz, opnum_jmp;
9425
9426 if (cond_ast->kind == ZEND_AST_CONDITIONAL
9427 && cond_ast->attr != ZEND_PARENTHESIZED_CONDITIONAL) {
9428 if (cond_ast->child[1]) {
9429 if (true_ast) {
9430 zend_error(E_COMPILE_ERROR,
9431 "Unparenthesized `a ? b : c ? d : e` is not supported. "
9432 "Use either `(a ? b : c) ? d : e` or `a ? b : (c ? d : e)`");
9433 } else {
9434 zend_error(E_COMPILE_ERROR,
9435 "Unparenthesized `a ? b : c ?: d` is not supported. "
9436 "Use either `(a ? b : c) ?: d` or `a ? b : (c ?: d)`");
9437 }
9438 } else {
9439 if (true_ast) {
9440 zend_error(E_COMPILE_ERROR,
9441 "Unparenthesized `a ?: b ? c : d` is not supported. "
9442 "Use either `(a ?: b) ? c : d` or `a ?: (b ? c : d)`");
9443 } else {
9444 /* This case is harmless: (a ?: b) ?: c always produces the same result
9445 * as a ?: (b ?: c). */
9446 }
9447 }
9448 }
9449
9450 if (!true_ast) {
9451 zend_compile_shorthand_conditional(result, ast);
9452 return;
9453 }
9454
9455 zend_compile_expr(&cond_node, cond_ast);
9456
9457 opnum_jmpz = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
9458
9459 zend_compile_expr(&true_node, true_ast);
9460
9461 zend_emit_op_tmp(result, ZEND_QM_ASSIGN, &true_node, NULL);
9462
9463 opnum_jmp = zend_emit_jump(0);
9464
9465 zend_update_jump_target_to_next(opnum_jmpz);
9466
9467 zend_compile_expr(&false_node, false_ast);
9468
9469 opline_qm_assign2 = zend_emit_op(NULL, ZEND_QM_ASSIGN, &false_node, NULL);
9470 SET_NODE(opline_qm_assign2->result, result);
9471
9472 zend_update_jump_target_to_next(opnum_jmp);
9473 }
9474 /* }}} */
9475
zend_compile_coalesce(znode * result,zend_ast * ast)9476 static void zend_compile_coalesce(znode *result, zend_ast *ast) /* {{{ */
9477 {
9478 zend_ast *expr_ast = ast->child[0];
9479 zend_ast *default_ast = ast->child[1];
9480
9481 znode expr_node, default_node;
9482 zend_op *opline;
9483 uint32_t opnum;
9484
9485 zend_compile_var(&expr_node, expr_ast, BP_VAR_IS, 0);
9486
9487 opnum = get_next_op_number();
9488 zend_emit_op_tmp(result, ZEND_COALESCE, &expr_node, NULL);
9489
9490 zend_compile_expr(&default_node, default_ast);
9491
9492 opline = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &default_node, NULL);
9493 SET_NODE(opline->result, result);
9494
9495 opline = &CG(active_op_array)->opcodes[opnum];
9496 opline->op2.opline_num = get_next_op_number();
9497 }
9498 /* }}} */
9499
znode_dtor(zval * zv)9500 static void znode_dtor(zval *zv) {
9501 znode *node = Z_PTR_P(zv);
9502 if (node->op_type == IS_CONST) {
9503 zval_ptr_dtor_nogc(&node->u.constant);
9504 }
9505 efree(node);
9506 }
9507
zend_compile_assign_coalesce(znode * result,zend_ast * ast)9508 static void zend_compile_assign_coalesce(znode *result, zend_ast *ast) /* {{{ */
9509 {
9510 zend_ast *var_ast = ast->child[0];
9511 zend_ast *default_ast = ast->child[1];
9512
9513 znode var_node_is, var_node_w, default_node, assign_node, *node;
9514 zend_op *opline;
9515 uint32_t coalesce_opnum;
9516 bool need_frees = 0;
9517
9518 /* Remember expressions compiled during the initial BP_VAR_IS lookup,
9519 * to avoid double-evaluation when we compile again with BP_VAR_W. */
9520 HashTable *orig_memoized_exprs = CG(memoized_exprs);
9521 const zend_memoize_mode orig_memoize_mode = CG(memoize_mode);
9522
9523 zend_ensure_writable_variable(var_ast);
9524 if (is_this_fetch(var_ast)) {
9525 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
9526 }
9527
9528 ALLOC_HASHTABLE(CG(memoized_exprs));
9529 zend_hash_init(CG(memoized_exprs), 0, NULL, znode_dtor, 0);
9530
9531 CG(memoize_mode) = ZEND_MEMOIZE_COMPILE;
9532 zend_compile_var(&var_node_is, var_ast, BP_VAR_IS, 0);
9533
9534 coalesce_opnum = get_next_op_number();
9535 zend_emit_op_tmp(result, ZEND_COALESCE, &var_node_is, NULL);
9536
9537 CG(memoize_mode) = ZEND_MEMOIZE_NONE;
9538 if (var_ast->kind == ZEND_AST_DIM) {
9539 zend_compile_expr_with_potential_assign_to_self(&default_node, default_ast, var_ast);
9540 } else {
9541 zend_compile_expr(&default_node, default_ast);
9542 }
9543
9544 CG(memoize_mode) = ZEND_MEMOIZE_FETCH;
9545 zend_compile_var(&var_node_w, var_ast, BP_VAR_W, 0);
9546
9547 /* Reproduce some of the zend_compile_assign() opcode fixup logic here. */
9548 opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
9549 /* Treat $GLOBALS['x'] assignment like assignment to variable. */
9550 zend_ast_kind kind = is_global_var_fetch(var_ast) ? ZEND_AST_VAR : var_ast->kind;
9551 switch (kind) {
9552 case ZEND_AST_VAR:
9553 zend_emit_op_tmp(&assign_node, ZEND_ASSIGN, &var_node_w, &default_node);
9554 break;
9555 case ZEND_AST_STATIC_PROP:
9556 opline->opcode = ZEND_ASSIGN_STATIC_PROP;
9557 opline->result_type = IS_TMP_VAR;
9558 var_node_w.op_type = IS_TMP_VAR;
9559 zend_emit_op_data(&default_node);
9560 assign_node = var_node_w;
9561 break;
9562 case ZEND_AST_DIM:
9563 opline->opcode = ZEND_ASSIGN_DIM;
9564 opline->result_type = IS_TMP_VAR;
9565 var_node_w.op_type = IS_TMP_VAR;
9566 zend_emit_op_data(&default_node);
9567 assign_node = var_node_w;
9568 break;
9569 case ZEND_AST_PROP:
9570 case ZEND_AST_NULLSAFE_PROP:
9571 opline->opcode = ZEND_ASSIGN_OBJ;
9572 opline->result_type = IS_TMP_VAR;
9573 var_node_w.op_type = IS_TMP_VAR;
9574 zend_emit_op_data(&default_node);
9575 assign_node = var_node_w;
9576 break;
9577 EMPTY_SWITCH_DEFAULT_CASE();
9578 }
9579
9580 opline = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &assign_node, NULL);
9581 SET_NODE(opline->result, result);
9582
9583 ZEND_HASH_FOREACH_PTR(CG(memoized_exprs), node) {
9584 if (node->op_type == IS_TMP_VAR || node->op_type == IS_VAR) {
9585 need_frees = 1;
9586 break;
9587 }
9588 } ZEND_HASH_FOREACH_END();
9589
9590 /* Free DUPed expressions if there are any */
9591 if (need_frees) {
9592 uint32_t jump_opnum = zend_emit_jump(0);
9593 zend_update_jump_target_to_next(coalesce_opnum);
9594 ZEND_HASH_FOREACH_PTR(CG(memoized_exprs), node) {
9595 if (node->op_type == IS_TMP_VAR || node->op_type == IS_VAR) {
9596 zend_emit_op(NULL, ZEND_FREE, node, NULL);
9597 }
9598 } ZEND_HASH_FOREACH_END();
9599 zend_update_jump_target_to_next(jump_opnum);
9600 } else {
9601 zend_update_jump_target_to_next(coalesce_opnum);
9602 }
9603
9604 zend_hash_destroy(CG(memoized_exprs));
9605 FREE_HASHTABLE(CG(memoized_exprs));
9606 CG(memoized_exprs) = orig_memoized_exprs;
9607 CG(memoize_mode) = orig_memoize_mode;
9608 }
9609 /* }}} */
9610
zend_compile_print(znode * result,zend_ast * ast)9611 static void zend_compile_print(znode *result, zend_ast *ast) /* {{{ */
9612 {
9613 zend_op *opline;
9614 zend_ast *expr_ast = ast->child[0];
9615
9616 znode expr_node;
9617 zend_compile_expr(&expr_node, expr_ast);
9618
9619 opline = zend_emit_op(NULL, ZEND_ECHO, &expr_node, NULL);
9620 opline->extended_value = 1;
9621
9622 result->op_type = IS_CONST;
9623 ZVAL_LONG(&result->u.constant, 1);
9624 }
9625 /* }}} */
9626
zend_compile_exit(znode * result,zend_ast * ast)9627 static void zend_compile_exit(znode *result, zend_ast *ast) /* {{{ */
9628 {
9629 zend_ast *expr_ast = ast->child[0];
9630 znode expr_node;
9631
9632 if (expr_ast) {
9633 zend_compile_expr(&expr_node, expr_ast);
9634 } else {
9635 expr_node.op_type = IS_UNUSED;
9636 }
9637
9638 zend_op *opline = zend_emit_op(NULL, ZEND_EXIT, &expr_node, NULL);
9639 if (result) {
9640 /* Mark this as an "expression throw" for opcache. */
9641 opline->extended_value = ZEND_THROW_IS_EXPR;
9642 result->op_type = IS_CONST;
9643 ZVAL_TRUE(&result->u.constant);
9644 }
9645 }
9646 /* }}} */
9647
zend_compile_yield(znode * result,zend_ast * ast)9648 static void zend_compile_yield(znode *result, zend_ast *ast) /* {{{ */
9649 {
9650 zend_ast *value_ast = ast->child[0];
9651 zend_ast *key_ast = ast->child[1];
9652
9653 znode value_node, key_node;
9654 znode *value_node_ptr = NULL, *key_node_ptr = NULL;
9655 zend_op *opline;
9656 bool returns_by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
9657
9658 zend_mark_function_as_generator();
9659
9660 if (key_ast) {
9661 zend_compile_expr(&key_node, key_ast);
9662 key_node_ptr = &key_node;
9663 }
9664
9665 if (value_ast) {
9666 if (returns_by_ref && zend_is_variable(value_ast)) {
9667 zend_compile_var(&value_node, value_ast, BP_VAR_W, 1);
9668 } else {
9669 zend_compile_expr(&value_node, value_ast);
9670 }
9671 value_node_ptr = &value_node;
9672 }
9673
9674 opline = zend_emit_op(result, ZEND_YIELD, value_node_ptr, key_node_ptr);
9675
9676 if (value_ast && returns_by_ref && zend_is_call(value_ast)) {
9677 opline->extended_value = ZEND_RETURNS_FUNCTION;
9678 }
9679 }
9680 /* }}} */
9681
zend_compile_yield_from(znode * result,zend_ast * ast)9682 static void zend_compile_yield_from(znode *result, zend_ast *ast) /* {{{ */
9683 {
9684 zend_ast *expr_ast = ast->child[0];
9685 znode expr_node;
9686
9687 zend_mark_function_as_generator();
9688
9689 if (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) {
9690 zend_error_noreturn(E_COMPILE_ERROR,
9691 "Cannot use \"yield from\" inside a by-reference generator");
9692 }
9693
9694 zend_compile_expr(&expr_node, expr_ast);
9695 zend_emit_op_tmp(result, ZEND_YIELD_FROM, &expr_node, NULL);
9696 }
9697 /* }}} */
9698
zend_compile_instanceof(znode * result,zend_ast * ast)9699 static void zend_compile_instanceof(znode *result, zend_ast *ast) /* {{{ */
9700 {
9701 zend_ast *obj_ast = ast->child[0];
9702 zend_ast *class_ast = ast->child[1];
9703
9704 znode obj_node, class_node;
9705 zend_op *opline;
9706
9707 zend_compile_expr(&obj_node, obj_ast);
9708 if (obj_node.op_type == IS_CONST) {
9709 zend_do_free(&obj_node);
9710 result->op_type = IS_CONST;
9711 ZVAL_FALSE(&result->u.constant);
9712 return;
9713 }
9714
9715 zend_compile_class_ref(&class_node, class_ast,
9716 ZEND_FETCH_CLASS_NO_AUTOLOAD | ZEND_FETCH_CLASS_EXCEPTION | ZEND_FETCH_CLASS_SILENT);
9717
9718 opline = zend_emit_op_tmp(result, ZEND_INSTANCEOF, &obj_node, NULL);
9719
9720 if (class_node.op_type == IS_CONST) {
9721 opline->op2_type = IS_CONST;
9722 opline->op2.constant = zend_add_class_name_literal(
9723 Z_STR(class_node.u.constant));
9724 opline->extended_value = zend_alloc_cache_slot();
9725 } else {
9726 SET_NODE(opline->op2, &class_node);
9727 }
9728 }
9729 /* }}} */
9730
zend_compile_include_or_eval(znode * result,zend_ast * ast)9731 static void zend_compile_include_or_eval(znode *result, zend_ast *ast) /* {{{ */
9732 {
9733 zend_ast *expr_ast = ast->child[0];
9734 znode expr_node;
9735 zend_op *opline;
9736
9737 zend_do_extended_fcall_begin();
9738 zend_compile_expr(&expr_node, expr_ast);
9739
9740 opline = zend_emit_op(result, ZEND_INCLUDE_OR_EVAL, &expr_node, NULL);
9741 opline->extended_value = ast->attr;
9742
9743 zend_do_extended_fcall_end();
9744 }
9745 /* }}} */
9746
zend_compile_isset_or_empty(znode * result,zend_ast * ast)9747 static void zend_compile_isset_or_empty(znode *result, zend_ast *ast) /* {{{ */
9748 {
9749 zend_ast *var_ast = ast->child[0];
9750
9751 znode var_node;
9752 zend_op *opline = NULL;
9753
9754 ZEND_ASSERT(ast->kind == ZEND_AST_ISSET || ast->kind == ZEND_AST_EMPTY);
9755
9756 if (!zend_is_variable(var_ast)) {
9757 if (ast->kind == ZEND_AST_EMPTY) {
9758 /* empty(expr) can be transformed to !expr */
9759 zend_ast *not_ast = zend_ast_create_ex(ZEND_AST_UNARY_OP, ZEND_BOOL_NOT, var_ast);
9760 zend_compile_expr(result, not_ast);
9761 return;
9762 } else {
9763 zend_error_noreturn(E_COMPILE_ERROR,
9764 "Cannot use isset() on the result of an expression "
9765 "(you can use \"null !== expression\" instead)");
9766 }
9767 }
9768
9769 if (is_globals_fetch(var_ast)) {
9770 result->op_type = IS_CONST;
9771 ZVAL_BOOL(&result->u.constant, ast->kind == ZEND_AST_ISSET);
9772 return;
9773 }
9774
9775 if (is_global_var_fetch(var_ast)) {
9776 if (!var_ast->child[1]) {
9777 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
9778 }
9779
9780 zend_compile_expr(&var_node, var_ast->child[1]);
9781 if (var_node.op_type == IS_CONST) {
9782 convert_to_string(&var_node.u.constant);
9783 }
9784
9785 opline = zend_emit_op_tmp(result, ZEND_ISSET_ISEMPTY_VAR, &var_node, NULL);
9786 opline->extended_value =
9787 ZEND_FETCH_GLOBAL | (ast->kind == ZEND_AST_EMPTY ? ZEND_ISEMPTY : 0);
9788 return;
9789 }
9790
9791 zend_short_circuiting_mark_inner(var_ast);
9792 switch (var_ast->kind) {
9793 case ZEND_AST_VAR:
9794 if (is_this_fetch(var_ast)) {
9795 opline = zend_emit_op(result, ZEND_ISSET_ISEMPTY_THIS, NULL, NULL);
9796 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
9797 } else if (zend_try_compile_cv(&var_node, var_ast) == SUCCESS) {
9798 opline = zend_emit_op(result, ZEND_ISSET_ISEMPTY_CV, &var_node, NULL);
9799 } else {
9800 opline = zend_compile_simple_var_no_cv(result, var_ast, BP_VAR_IS, 0);
9801 opline->opcode = ZEND_ISSET_ISEMPTY_VAR;
9802 }
9803 break;
9804 case ZEND_AST_DIM:
9805 opline = zend_compile_dim(result, var_ast, BP_VAR_IS, /* by_ref */ false);
9806 opline->opcode = ZEND_ISSET_ISEMPTY_DIM_OBJ;
9807 break;
9808 case ZEND_AST_PROP:
9809 case ZEND_AST_NULLSAFE_PROP:
9810 opline = zend_compile_prop(result, var_ast, BP_VAR_IS, 0);
9811 opline->opcode = ZEND_ISSET_ISEMPTY_PROP_OBJ;
9812 break;
9813 case ZEND_AST_STATIC_PROP:
9814 opline = zend_compile_static_prop(result, var_ast, BP_VAR_IS, 0, 0);
9815 opline->opcode = ZEND_ISSET_ISEMPTY_STATIC_PROP;
9816 break;
9817 EMPTY_SWITCH_DEFAULT_CASE()
9818 }
9819
9820 result->op_type = opline->result_type = IS_TMP_VAR;
9821 if (!(ast->kind == ZEND_AST_ISSET)) {
9822 opline->extended_value |= ZEND_ISEMPTY;
9823 }
9824 }
9825 /* }}} */
9826
zend_compile_silence(znode * result,zend_ast * ast)9827 static void zend_compile_silence(znode *result, zend_ast *ast) /* {{{ */
9828 {
9829 zend_ast *expr_ast = ast->child[0];
9830 znode silence_node;
9831
9832 zend_emit_op_tmp(&silence_node, ZEND_BEGIN_SILENCE, NULL, NULL);
9833
9834 if (expr_ast->kind == ZEND_AST_VAR) {
9835 /* For @$var we need to force a FETCH instruction, otherwise the CV access will
9836 * happen outside the silenced section. */
9837 zend_compile_simple_var_no_cv(result, expr_ast, BP_VAR_R, 0 );
9838 } else {
9839 zend_compile_expr(result, expr_ast);
9840 }
9841
9842 zend_emit_op(NULL, ZEND_END_SILENCE, &silence_node, NULL);
9843 }
9844 /* }}} */
9845
zend_compile_shell_exec(znode * result,zend_ast * ast)9846 static void zend_compile_shell_exec(znode *result, zend_ast *ast) /* {{{ */
9847 {
9848 zend_ast *expr_ast = ast->child[0];
9849
9850 zval fn_name;
9851 zend_ast *name_ast, *args_ast, *call_ast;
9852
9853 ZVAL_STRING(&fn_name, "shell_exec");
9854 name_ast = zend_ast_create_zval(&fn_name);
9855 args_ast = zend_ast_create_list(1, ZEND_AST_ARG_LIST, expr_ast);
9856 call_ast = zend_ast_create(ZEND_AST_CALL, name_ast, args_ast);
9857
9858 zend_compile_expr(result, call_ast);
9859
9860 zval_ptr_dtor(&fn_name);
9861 }
9862 /* }}} */
9863
zend_compile_array(znode * result,zend_ast * ast)9864 static void zend_compile_array(znode *result, zend_ast *ast) /* {{{ */
9865 {
9866 zend_ast_list *list = zend_ast_get_list(ast);
9867 zend_op *opline;
9868 uint32_t i, opnum_init = -1;
9869 bool packed = 1;
9870
9871 if (zend_try_ct_eval_array(&result->u.constant, ast)) {
9872 result->op_type = IS_CONST;
9873 return;
9874 }
9875
9876 /* Empty arrays are handled at compile-time */
9877 ZEND_ASSERT(list->children > 0);
9878
9879 for (i = 0; i < list->children; ++i) {
9880 zend_ast *elem_ast = list->child[i];
9881 zend_ast *value_ast, *key_ast;
9882 bool by_ref;
9883 znode value_node, key_node, *key_node_ptr = NULL;
9884
9885 if (elem_ast == NULL) {
9886 zend_error(E_COMPILE_ERROR, "Cannot use empty array elements in arrays");
9887 }
9888
9889 value_ast = elem_ast->child[0];
9890
9891 if (elem_ast->kind == ZEND_AST_UNPACK) {
9892 zend_compile_expr(&value_node, value_ast);
9893 if (i == 0) {
9894 opnum_init = get_next_op_number();
9895 opline = zend_emit_op_tmp(result, ZEND_INIT_ARRAY, NULL, NULL);
9896 }
9897 opline = zend_emit_op(NULL, ZEND_ADD_ARRAY_UNPACK, &value_node, NULL);
9898 SET_NODE(opline->result, result);
9899 continue;
9900 }
9901
9902 key_ast = elem_ast->child[1];
9903 by_ref = elem_ast->attr;
9904
9905 if (key_ast) {
9906 zend_compile_expr(&key_node, key_ast);
9907 zend_handle_numeric_op(&key_node);
9908 key_node_ptr = &key_node;
9909 }
9910
9911 if (by_ref) {
9912 zend_ensure_writable_variable(value_ast);
9913 zend_compile_var(&value_node, value_ast, BP_VAR_W, 1);
9914 } else {
9915 zend_compile_expr(&value_node, value_ast);
9916 }
9917
9918 if (i == 0) {
9919 opnum_init = get_next_op_number();
9920 opline = zend_emit_op_tmp(result, ZEND_INIT_ARRAY, &value_node, key_node_ptr);
9921 opline->extended_value = list->children << ZEND_ARRAY_SIZE_SHIFT;
9922 } else {
9923 opline = zend_emit_op(NULL, ZEND_ADD_ARRAY_ELEMENT,
9924 &value_node, key_node_ptr);
9925 SET_NODE(opline->result, result);
9926 }
9927 opline->extended_value |= by_ref;
9928
9929 if (key_ast && key_node.op_type == IS_CONST && Z_TYPE(key_node.u.constant) == IS_STRING) {
9930 packed = 0;
9931 }
9932 }
9933
9934 /* Add a flag to INIT_ARRAY if we know this array cannot be packed */
9935 if (!packed) {
9936 ZEND_ASSERT(opnum_init != (uint32_t)-1);
9937 opline = &CG(active_op_array)->opcodes[opnum_init];
9938 opline->extended_value |= ZEND_ARRAY_NOT_PACKED;
9939 }
9940 }
9941 /* }}} */
9942
zend_compile_const(znode * result,zend_ast * ast)9943 static void zend_compile_const(znode *result, zend_ast *ast) /* {{{ */
9944 {
9945 zend_ast *name_ast = ast->child[0];
9946
9947 zend_op *opline;
9948
9949 bool is_fully_qualified;
9950 zend_string *orig_name = zend_ast_get_str(name_ast);
9951 zend_string *resolved_name = zend_resolve_const_name(orig_name, name_ast->attr, &is_fully_qualified);
9952
9953 if (zend_string_equals_literal(resolved_name, "__COMPILER_HALT_OFFSET__") || (name_ast->attr != ZEND_NAME_RELATIVE && zend_string_equals_literal(orig_name, "__COMPILER_HALT_OFFSET__"))) {
9954 zend_ast *last = CG(ast);
9955
9956 while (last && last->kind == ZEND_AST_STMT_LIST) {
9957 zend_ast_list *list = zend_ast_get_list(last);
9958 if (list->children == 0) {
9959 break;
9960 }
9961 last = list->child[list->children-1];
9962 }
9963 if (last && last->kind == ZEND_AST_HALT_COMPILER) {
9964 result->op_type = IS_CONST;
9965 ZVAL_LONG(&result->u.constant, Z_LVAL_P(zend_ast_get_zval(last->child[0])));
9966 zend_string_release_ex(resolved_name, 0);
9967 return;
9968 }
9969 }
9970
9971 if (zend_try_ct_eval_const(&result->u.constant, resolved_name, is_fully_qualified)) {
9972 result->op_type = IS_CONST;
9973 zend_string_release_ex(resolved_name, 0);
9974 return;
9975 }
9976
9977 opline = zend_emit_op_tmp(result, ZEND_FETCH_CONSTANT, NULL, NULL);
9978 opline->op2_type = IS_CONST;
9979
9980 if (is_fully_qualified || !FC(current_namespace)) {
9981 opline->op1.num = 0;
9982 opline->op2.constant = zend_add_const_name_literal(
9983 resolved_name, 0);
9984 } else {
9985 opline->op1.num = IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE;
9986 opline->op2.constant = zend_add_const_name_literal(
9987 resolved_name, 1);
9988 }
9989 opline->extended_value = zend_alloc_cache_slot();
9990 }
9991 /* }}} */
9992
zend_compile_class_const(znode * result,zend_ast * ast)9993 static void zend_compile_class_const(znode *result, zend_ast *ast) /* {{{ */
9994 {
9995 zend_ast *class_ast;
9996 zend_ast *const_ast;
9997 znode class_node, const_node;
9998 zend_op *opline;
9999
10000 zend_eval_const_expr(&ast->child[0]);
10001 zend_eval_const_expr(&ast->child[1]);
10002
10003 class_ast = ast->child[0];
10004 const_ast = ast->child[1];
10005
10006 if (class_ast->kind == ZEND_AST_ZVAL && const_ast->kind == ZEND_AST_ZVAL) {
10007 zval *const_zv = zend_ast_get_zval(const_ast);
10008 if (Z_TYPE_P(const_zv) == IS_STRING) {
10009 zend_string *const_str = Z_STR_P(const_zv);
10010 zend_string *resolved_name = zend_resolve_class_name_ast(class_ast);
10011 if (zend_try_ct_eval_class_const(&result->u.constant, resolved_name, const_str)) {
10012 result->op_type = IS_CONST;
10013 zend_string_release_ex(resolved_name, 0);
10014 return;
10015 }
10016 zend_string_release_ex(resolved_name, 0);
10017 }
10018 }
10019
10020 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
10021
10022 zend_compile_expr(&const_node, const_ast);
10023
10024 opline = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_CONSTANT, NULL, &const_node);
10025
10026 zend_set_class_name_op1(opline, &class_node);
10027
10028 if (opline->op1_type == IS_CONST || opline->op2_type == IS_CONST) {
10029 opline->extended_value = zend_alloc_cache_slots(2);
10030 }
10031 }
10032 /* }}} */
10033
zend_compile_class_name(znode * result,zend_ast * ast)10034 static void zend_compile_class_name(znode *result, zend_ast *ast) /* {{{ */
10035 {
10036 zend_ast *class_ast = ast->child[0];
10037
10038 if (zend_try_compile_const_expr_resolve_class_name(&result->u.constant, class_ast)) {
10039 result->op_type = IS_CONST;
10040 return;
10041 }
10042
10043 if (class_ast->kind == ZEND_AST_ZVAL) {
10044 zend_op *opline = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, NULL, NULL);
10045 opline->op1.num = zend_get_class_fetch_type(zend_ast_get_str(class_ast));
10046 } else {
10047 znode expr_node;
10048 zend_compile_expr(&expr_node, class_ast);
10049 if (expr_node.op_type == IS_CONST) {
10050 /* Unlikely case that happen if class_ast is constant folded.
10051 * Handle it here, to avoid needing a CONST specialization in the VM. */
10052 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"::class\" on %s",
10053 zend_zval_value_name(&expr_node.u.constant));
10054 }
10055
10056 zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, &expr_node, NULL);
10057 }
10058 }
10059 /* }}} */
10060
zend_compile_rope_add_ex(zend_op * opline,znode * result,uint32_t num,znode * elem_node)10061 static zend_op *zend_compile_rope_add_ex(zend_op *opline, znode *result, uint32_t num, znode *elem_node) /* {{{ */
10062 {
10063 if (num == 0) {
10064 result->op_type = IS_TMP_VAR;
10065 result->u.op.var = -1;
10066 opline->opcode = ZEND_ROPE_INIT;
10067 } else {
10068 opline->opcode = ZEND_ROPE_ADD;
10069 SET_NODE(opline->op1, result);
10070 }
10071 SET_NODE(opline->op2, elem_node);
10072 SET_NODE(opline->result, result);
10073 opline->extended_value = num;
10074 return opline;
10075 }
10076 /* }}} */
10077
zend_compile_rope_add(znode * result,uint32_t num,znode * elem_node)10078 static zend_op *zend_compile_rope_add(znode *result, uint32_t num, znode *elem_node) /* {{{ */
10079 {
10080 zend_op *opline = get_next_op();
10081
10082 if (num == 0) {
10083 result->op_type = IS_TMP_VAR;
10084 result->u.op.var = -1;
10085 opline->opcode = ZEND_ROPE_INIT;
10086 } else {
10087 opline->opcode = ZEND_ROPE_ADD;
10088 SET_NODE(opline->op1, result);
10089 }
10090 SET_NODE(opline->op2, elem_node);
10091 SET_NODE(opline->result, result);
10092 opline->extended_value = num;
10093 return opline;
10094 }
10095 /* }}} */
10096
zend_compile_encaps_list(znode * result,zend_ast * ast)10097 static void zend_compile_encaps_list(znode *result, zend_ast *ast) /* {{{ */
10098 {
10099 uint32_t i, j;
10100 uint32_t rope_init_lineno = -1;
10101 zend_op *opline = NULL, *init_opline;
10102 znode elem_node, last_const_node;
10103 zend_ast_list *list = zend_ast_get_list(ast);
10104 uint32_t reserved_op_number = -1;
10105
10106 ZEND_ASSERT(list->children > 0);
10107
10108 j = 0;
10109 last_const_node.op_type = IS_UNUSED;
10110 for (i = 0; i < list->children; i++) {
10111 zend_ast *encaps_var = list->child[i];
10112
10113 if (encaps_var->attr & (ZEND_ENCAPS_VAR_DOLLAR_CURLY|ZEND_ENCAPS_VAR_DOLLAR_CURLY_VAR_VAR)) {
10114 if ((encaps_var->kind == ZEND_AST_VAR || encaps_var->kind == ZEND_AST_DIM) && (encaps_var->attr & ZEND_ENCAPS_VAR_DOLLAR_CURLY)) {
10115 zend_error(E_DEPRECATED, "Using ${var} in strings is deprecated, use {$var} instead");
10116 } else if (encaps_var->kind == ZEND_AST_VAR && (encaps_var->attr & ZEND_ENCAPS_VAR_DOLLAR_CURLY_VAR_VAR)) {
10117 zend_error(E_DEPRECATED, "Using ${expr} (variable variables) in strings is deprecated, use {${expr}} instead");
10118 }
10119 }
10120
10121 zend_compile_expr(&elem_node, encaps_var);
10122
10123 if (elem_node.op_type == IS_CONST) {
10124 convert_to_string(&elem_node.u.constant);
10125
10126 if (Z_STRLEN(elem_node.u.constant) == 0) {
10127 zval_ptr_dtor(&elem_node.u.constant);
10128 } else if (last_const_node.op_type == IS_CONST) {
10129 concat_function(&last_const_node.u.constant, &last_const_node.u.constant, &elem_node.u.constant);
10130 zval_ptr_dtor(&elem_node.u.constant);
10131 } else {
10132 last_const_node.op_type = IS_CONST;
10133 ZVAL_COPY_VALUE(&last_const_node.u.constant, &elem_node.u.constant);
10134 /* Reserve place for ZEND_ROPE_ADD instruction */
10135 reserved_op_number = get_next_op_number();
10136 opline = get_next_op();
10137 opline->opcode = ZEND_NOP;
10138 }
10139 continue;
10140 } else {
10141 if (j == 0) {
10142 if (last_const_node.op_type == IS_CONST) {
10143 rope_init_lineno = reserved_op_number;
10144 } else {
10145 rope_init_lineno = get_next_op_number();
10146 }
10147 }
10148 if (last_const_node.op_type == IS_CONST) {
10149 opline = &CG(active_op_array)->opcodes[reserved_op_number];
10150 zend_compile_rope_add_ex(opline, result, j++, &last_const_node);
10151 last_const_node.op_type = IS_UNUSED;
10152 }
10153 opline = zend_compile_rope_add(result, j++, &elem_node);
10154 }
10155 }
10156
10157 if (j == 0) {
10158 result->op_type = IS_CONST;
10159 if (last_const_node.op_type == IS_CONST) {
10160 ZVAL_COPY_VALUE(&result->u.constant, &last_const_node.u.constant);
10161 } else {
10162 ZVAL_EMPTY_STRING(&result->u.constant);
10163 /* empty string */
10164 }
10165 CG(active_op_array)->last = reserved_op_number - 1;
10166 return;
10167 } else if (last_const_node.op_type == IS_CONST) {
10168 opline = &CG(active_op_array)->opcodes[reserved_op_number];
10169 opline = zend_compile_rope_add_ex(opline, result, j++, &last_const_node);
10170 }
10171 init_opline = CG(active_op_array)->opcodes + rope_init_lineno;
10172 if (j == 1) {
10173 if (opline->op2_type == IS_CONST) {
10174 GET_NODE(result, opline->op2);
10175 MAKE_NOP(opline);
10176 } else {
10177 opline->opcode = ZEND_CAST;
10178 opline->extended_value = IS_STRING;
10179 opline->op1_type = opline->op2_type;
10180 opline->op1 = opline->op2;
10181 SET_UNUSED(opline->op2);
10182 zend_make_tmp_result(result, opline);
10183 }
10184 } else if (j == 2) {
10185 opline->opcode = ZEND_FAST_CONCAT;
10186 opline->extended_value = 0;
10187 opline->op1_type = init_opline->op2_type;
10188 opline->op1 = init_opline->op2;
10189 zend_make_tmp_result(result, opline);
10190 MAKE_NOP(init_opline);
10191 } else {
10192 uint32_t var;
10193
10194 init_opline->extended_value = j;
10195 opline->opcode = ZEND_ROPE_END;
10196 zend_make_tmp_result(result, opline);
10197 var = opline->op1.var = get_temporary_variable();
10198
10199 /* Allocates the necessary number of zval slots to keep the rope */
10200 i = ((j * sizeof(zend_string*)) + (sizeof(zval) - 1)) / sizeof(zval);
10201 while (i > 1) {
10202 get_temporary_variable();
10203 i--;
10204 }
10205
10206 /* Update all the previous opcodes to use the same variable */
10207 while (opline != init_opline) {
10208 opline--;
10209 if (opline->opcode == ZEND_ROPE_ADD &&
10210 opline->result.var == (uint32_t)-1) {
10211 opline->op1.var = var;
10212 opline->result.var = var;
10213 } else if (opline->opcode == ZEND_ROPE_INIT &&
10214 opline->result.var == (uint32_t)-1) {
10215 opline->result.var = var;
10216 }
10217 }
10218 }
10219 }
10220 /* }}} */
10221
zend_compile_magic_const(znode * result,zend_ast * ast)10222 static void zend_compile_magic_const(znode *result, zend_ast *ast) /* {{{ */
10223 {
10224 zend_op *opline;
10225
10226 if (zend_try_ct_eval_magic_const(&result->u.constant, ast)) {
10227 result->op_type = IS_CONST;
10228 return;
10229 }
10230
10231 ZEND_ASSERT(ast->attr == T_CLASS_C &&
10232 CG(active_class_entry) &&
10233 (CG(active_class_entry)->ce_flags & ZEND_ACC_TRAIT) != 0);
10234
10235 opline = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, NULL, NULL);
10236 opline->op1.num = ZEND_FETCH_CLASS_SELF;
10237 }
10238 /* }}} */
10239
zend_is_allowed_in_const_expr(zend_ast_kind kind)10240 static bool zend_is_allowed_in_const_expr(zend_ast_kind kind) /* {{{ */
10241 {
10242 return kind == ZEND_AST_ZVAL || kind == ZEND_AST_BINARY_OP
10243 || kind == ZEND_AST_GREATER || kind == ZEND_AST_GREATER_EQUAL
10244 || kind == ZEND_AST_AND || kind == ZEND_AST_OR
10245 || kind == ZEND_AST_UNARY_OP
10246 || kind == ZEND_AST_UNARY_PLUS || kind == ZEND_AST_UNARY_MINUS
10247 || kind == ZEND_AST_CONDITIONAL || kind == ZEND_AST_DIM
10248 || kind == ZEND_AST_ARRAY || kind == ZEND_AST_ARRAY_ELEM
10249 || kind == ZEND_AST_UNPACK
10250 || kind == ZEND_AST_CONST || kind == ZEND_AST_CLASS_CONST
10251 || kind == ZEND_AST_CLASS_NAME
10252 || kind == ZEND_AST_MAGIC_CONST || kind == ZEND_AST_COALESCE
10253 || kind == ZEND_AST_CONST_ENUM_INIT
10254 || kind == ZEND_AST_NEW || kind == ZEND_AST_ARG_LIST
10255 || kind == ZEND_AST_NAMED_ARG
10256 || kind == ZEND_AST_PROP || kind == ZEND_AST_NULLSAFE_PROP;
10257 }
10258 /* }}} */
10259
zend_compile_const_expr_class_const(zend_ast ** ast_ptr)10260 static void zend_compile_const_expr_class_const(zend_ast **ast_ptr) /* {{{ */
10261 {
10262 zend_ast *ast = *ast_ptr;
10263 zend_ast *class_ast = ast->child[0];
10264 zend_string *class_name;
10265 int fetch_type;
10266
10267 if (class_ast->kind != ZEND_AST_ZVAL) {
10268 zend_error_noreturn(E_COMPILE_ERROR,
10269 "Dynamic class names are not allowed in compile-time class constant references");
10270 }
10271 if (Z_TYPE_P(zend_ast_get_zval(class_ast)) != IS_STRING) {
10272 zend_throw_error(NULL, "Class name must be a valid object or a string");
10273 }
10274
10275 class_name = zend_ast_get_str(class_ast);
10276 fetch_type = zend_get_class_fetch_type(class_name);
10277
10278 if (ZEND_FETCH_CLASS_STATIC == fetch_type) {
10279 zend_error_noreturn(E_COMPILE_ERROR,
10280 "\"static::\" is not allowed in compile-time constants");
10281 }
10282
10283 if (ZEND_FETCH_CLASS_DEFAULT == fetch_type) {
10284 zend_string *tmp = zend_resolve_class_name_ast(class_ast);
10285
10286 zend_string_release_ex(class_name, 0);
10287 if (tmp != class_name) {
10288 zval *zv = zend_ast_get_zval(class_ast);
10289 ZVAL_STR(zv, tmp);
10290 class_ast->attr = ZEND_NAME_FQ;
10291 }
10292 }
10293
10294 ast->attr |= ZEND_FETCH_CLASS_EXCEPTION;
10295 }
10296 /* }}} */
10297
zend_compile_const_expr_class_name(zend_ast ** ast_ptr)10298 static void zend_compile_const_expr_class_name(zend_ast **ast_ptr) /* {{{ */
10299 {
10300 zend_ast *ast = *ast_ptr;
10301 zend_ast *class_ast = ast->child[0];
10302 if (class_ast->kind != ZEND_AST_ZVAL) {
10303 zend_error_noreturn(E_COMPILE_ERROR,
10304 "(expression)::class cannot be used in constant expressions");
10305 }
10306
10307 zend_string *class_name = zend_ast_get_str(class_ast);
10308 uint32_t fetch_type = zend_get_class_fetch_type(class_name);
10309
10310 switch (fetch_type) {
10311 case ZEND_FETCH_CLASS_SELF:
10312 case ZEND_FETCH_CLASS_PARENT:
10313 /* For the const-eval representation store the fetch type instead of the name. */
10314 zend_string_release(class_name);
10315 ast->child[0] = NULL;
10316 ast->attr = fetch_type;
10317 return;
10318 case ZEND_FETCH_CLASS_STATIC:
10319 zend_error_noreturn(E_COMPILE_ERROR,
10320 "static::class cannot be used for compile-time class name resolution");
10321 return;
10322 EMPTY_SWITCH_DEFAULT_CASE()
10323 }
10324 }
10325
zend_compile_const_expr_const(zend_ast ** ast_ptr)10326 static void zend_compile_const_expr_const(zend_ast **ast_ptr) /* {{{ */
10327 {
10328 zend_ast *ast = *ast_ptr;
10329 zend_ast *name_ast = ast->child[0];
10330 zend_string *orig_name = zend_ast_get_str(name_ast);
10331 bool is_fully_qualified;
10332 zval result;
10333 zend_string *resolved_name;
10334
10335 CG(zend_lineno) = zend_ast_get_lineno(ast);
10336
10337 resolved_name = zend_resolve_const_name(
10338 orig_name, name_ast->attr, &is_fully_qualified);
10339
10340 if (zend_try_ct_eval_const(&result, resolved_name, is_fully_qualified)) {
10341 zend_string_release_ex(resolved_name, 0);
10342 zend_ast_destroy(ast);
10343 *ast_ptr = zend_ast_create_zval(&result);
10344 return;
10345 }
10346
10347 zend_ast_destroy(ast);
10348 *ast_ptr = zend_ast_create_constant(resolved_name,
10349 !is_fully_qualified && FC(current_namespace) ? IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE : 0);
10350 }
10351 /* }}} */
10352
zend_compile_const_expr_magic_const(zend_ast ** ast_ptr)10353 static void zend_compile_const_expr_magic_const(zend_ast **ast_ptr) /* {{{ */
10354 {
10355 zend_ast *ast = *ast_ptr;
10356
10357 /* Other cases already resolved by constant folding */
10358 ZEND_ASSERT(ast->attr == T_CLASS_C);
10359
10360 zend_ast_destroy(ast);
10361 *ast_ptr = zend_ast_create(ZEND_AST_CONSTANT_CLASS);
10362 }
10363 /* }}} */
10364
zend_compile_const_expr_new(zend_ast ** ast_ptr)10365 static void zend_compile_const_expr_new(zend_ast **ast_ptr)
10366 {
10367 zend_ast *class_ast = (*ast_ptr)->child[0];
10368 if (class_ast->kind == ZEND_AST_CLASS) {
10369 zend_error_noreturn(E_COMPILE_ERROR,
10370 "Cannot use anonymous class in constant expression");
10371 }
10372 if (class_ast->kind != ZEND_AST_ZVAL) {
10373 zend_error_noreturn(E_COMPILE_ERROR,
10374 "Cannot use dynamic class name in constant expression");
10375 }
10376
10377 zend_string *class_name = zend_resolve_class_name_ast(class_ast);
10378 int fetch_type = zend_get_class_fetch_type(class_name);
10379 if (ZEND_FETCH_CLASS_STATIC == fetch_type) {
10380 zend_error_noreturn(E_COMPILE_ERROR,
10381 "\"static\" is not allowed in compile-time constants");
10382 }
10383
10384 zval *class_ast_zv = zend_ast_get_zval(class_ast);
10385 zval_ptr_dtor_nogc(class_ast_zv);
10386 ZVAL_STR(class_ast_zv, class_name);
10387 class_ast->attr = fetch_type << ZEND_CONST_EXPR_NEW_FETCH_TYPE_SHIFT;
10388 }
10389
zend_compile_const_expr_args(zend_ast ** ast_ptr)10390 static void zend_compile_const_expr_args(zend_ast **ast_ptr)
10391 {
10392 zend_ast_list *list = zend_ast_get_list(*ast_ptr);
10393 bool uses_named_args = false;
10394 for (uint32_t i = 0; i < list->children; i++) {
10395 zend_ast *arg = list->child[i];
10396 if (arg->kind == ZEND_AST_UNPACK) {
10397 zend_error_noreturn(E_COMPILE_ERROR,
10398 "Argument unpacking in constant expressions is not supported");
10399 }
10400 if (arg->kind == ZEND_AST_NAMED_ARG) {
10401 uses_named_args = true;
10402 } else if (uses_named_args) {
10403 zend_error_noreturn(E_COMPILE_ERROR,
10404 "Cannot use positional argument after named argument");
10405 }
10406 }
10407 if (uses_named_args) {
10408 list->attr = 1;
10409 }
10410 }
10411
10412 typedef struct {
10413 /* Whether the value of this expression may differ on each evaluation. */
10414 bool allow_dynamic;
10415 } const_expr_context;
10416
zend_compile_const_expr(zend_ast ** ast_ptr,void * context)10417 static void zend_compile_const_expr(zend_ast **ast_ptr, void *context) /* {{{ */
10418 {
10419 const_expr_context *ctx = (const_expr_context *) context;
10420 zend_ast *ast = *ast_ptr;
10421 if (ast == NULL || ast->kind == ZEND_AST_ZVAL) {
10422 return;
10423 }
10424
10425 if (!zend_is_allowed_in_const_expr(ast->kind)) {
10426 zend_error_noreturn(E_COMPILE_ERROR, "Constant expression contains invalid operations");
10427 }
10428
10429 switch (ast->kind) {
10430 case ZEND_AST_CLASS_CONST:
10431 zend_compile_const_expr_class_const(ast_ptr);
10432 break;
10433 case ZEND_AST_CLASS_NAME:
10434 zend_compile_const_expr_class_name(ast_ptr);
10435 break;
10436 case ZEND_AST_CONST:
10437 zend_compile_const_expr_const(ast_ptr);
10438 break;
10439 case ZEND_AST_MAGIC_CONST:
10440 zend_compile_const_expr_magic_const(ast_ptr);
10441 break;
10442 case ZEND_AST_NEW:
10443 if (!ctx->allow_dynamic) {
10444 zend_error_noreturn(E_COMPILE_ERROR,
10445 "New expressions are not supported in this context");
10446 }
10447 zend_compile_const_expr_new(ast_ptr);
10448 break;
10449 case ZEND_AST_ARG_LIST:
10450 zend_compile_const_expr_args(ast_ptr);
10451 break;
10452 }
10453
10454 zend_ast_apply(ast, zend_compile_const_expr, context);
10455 }
10456 /* }}} */
10457
zend_const_expr_to_zval(zval * result,zend_ast ** ast_ptr,bool allow_dynamic)10458 void zend_const_expr_to_zval(zval *result, zend_ast **ast_ptr, bool allow_dynamic) /* {{{ */
10459 {
10460 const_expr_context context;
10461 context.allow_dynamic = allow_dynamic;
10462
10463 zend_eval_const_expr(ast_ptr);
10464 zend_compile_const_expr(ast_ptr, &context);
10465 if ((*ast_ptr)->kind != ZEND_AST_ZVAL) {
10466 /* Replace with compiled AST zval representation. */
10467 zval ast_zv;
10468 ZVAL_AST(&ast_zv, zend_ast_copy(*ast_ptr));
10469 zend_ast_destroy(*ast_ptr);
10470 *ast_ptr = zend_ast_create_zval(&ast_zv);
10471 }
10472 ZVAL_COPY(result, zend_ast_get_zval(*ast_ptr));
10473 }
10474 /* }}} */
10475
10476 /* Same as compile_stmt, but with early binding */
zend_compile_top_stmt(zend_ast * ast)10477 void zend_compile_top_stmt(zend_ast *ast) /* {{{ */
10478 {
10479 if (!ast) {
10480 return;
10481 }
10482
10483 if (ast->kind == ZEND_AST_STMT_LIST) {
10484 zend_ast_list *list = zend_ast_get_list(ast);
10485 uint32_t i;
10486 for (i = 0; i < list->children; ++i) {
10487 zend_compile_top_stmt(list->child[i]);
10488 }
10489 return;
10490 }
10491
10492 if (ast->kind == ZEND_AST_FUNC_DECL) {
10493 CG(zend_lineno) = ast->lineno;
10494 zend_compile_func_decl(NULL, ast, 1);
10495 CG(zend_lineno) = ((zend_ast_decl *) ast)->end_lineno;
10496 } else if (ast->kind == ZEND_AST_CLASS) {
10497 CG(zend_lineno) = ast->lineno;
10498 zend_compile_class_decl(NULL, ast, 1);
10499 CG(zend_lineno) = ((zend_ast_decl *) ast)->end_lineno;
10500 } else {
10501 zend_compile_stmt(ast);
10502 }
10503 if (ast->kind != ZEND_AST_NAMESPACE && ast->kind != ZEND_AST_HALT_COMPILER) {
10504 zend_verify_namespace();
10505 }
10506 }
10507 /* }}} */
10508
zend_compile_stmt(zend_ast * ast)10509 static void zend_compile_stmt(zend_ast *ast) /* {{{ */
10510 {
10511 if (!ast) {
10512 return;
10513 }
10514
10515 CG(zend_lineno) = ast->lineno;
10516
10517 if ((CG(compiler_options) & ZEND_COMPILE_EXTENDED_STMT) && !zend_is_unticked_stmt(ast)) {
10518 zend_do_extended_stmt();
10519 }
10520
10521 switch (ast->kind) {
10522 case ZEND_AST_STMT_LIST:
10523 zend_compile_stmt_list(ast);
10524 break;
10525 case ZEND_AST_GLOBAL:
10526 zend_compile_global_var(ast);
10527 break;
10528 case ZEND_AST_STATIC:
10529 zend_compile_static_var(ast);
10530 break;
10531 case ZEND_AST_UNSET:
10532 zend_compile_unset(ast);
10533 break;
10534 case ZEND_AST_RETURN:
10535 zend_compile_return(ast);
10536 break;
10537 case ZEND_AST_ECHO:
10538 zend_compile_echo(ast);
10539 break;
10540 case ZEND_AST_BREAK:
10541 case ZEND_AST_CONTINUE:
10542 zend_compile_break_continue(ast);
10543 break;
10544 case ZEND_AST_GOTO:
10545 zend_compile_goto(ast);
10546 break;
10547 case ZEND_AST_LABEL:
10548 zend_compile_label(ast);
10549 break;
10550 case ZEND_AST_WHILE:
10551 zend_compile_while(ast);
10552 break;
10553 case ZEND_AST_DO_WHILE:
10554 zend_compile_do_while(ast);
10555 break;
10556 case ZEND_AST_FOR:
10557 zend_compile_for(ast);
10558 break;
10559 case ZEND_AST_FOREACH:
10560 zend_compile_foreach(ast);
10561 break;
10562 case ZEND_AST_IF:
10563 zend_compile_if(ast);
10564 break;
10565 case ZEND_AST_SWITCH:
10566 zend_compile_switch(ast);
10567 break;
10568 case ZEND_AST_TRY:
10569 zend_compile_try(ast);
10570 break;
10571 case ZEND_AST_DECLARE:
10572 zend_compile_declare(ast);
10573 break;
10574 case ZEND_AST_FUNC_DECL:
10575 case ZEND_AST_METHOD:
10576 zend_compile_func_decl(NULL, ast, 0);
10577 break;
10578 case ZEND_AST_ENUM_CASE:
10579 zend_compile_enum_case(ast);
10580 break;
10581 case ZEND_AST_PROP_GROUP:
10582 zend_compile_prop_group(ast);
10583 break;
10584 case ZEND_AST_CLASS_CONST_GROUP:
10585 zend_compile_class_const_group(ast);
10586 break;
10587 case ZEND_AST_USE_TRAIT:
10588 zend_compile_use_trait(ast);
10589 break;
10590 case ZEND_AST_CLASS:
10591 zend_compile_class_decl(NULL, ast, 0);
10592 break;
10593 case ZEND_AST_GROUP_USE:
10594 zend_compile_group_use(ast);
10595 break;
10596 case ZEND_AST_USE:
10597 zend_compile_use(ast);
10598 break;
10599 case ZEND_AST_CONST_DECL:
10600 zend_compile_const_decl(ast);
10601 break;
10602 case ZEND_AST_NAMESPACE:
10603 zend_compile_namespace(ast);
10604 break;
10605 case ZEND_AST_HALT_COMPILER:
10606 zend_compile_halt_compiler(ast);
10607 break;
10608 case ZEND_AST_THROW:
10609 case ZEND_AST_EXIT:
10610 zend_compile_expr(NULL, ast);
10611 break;
10612 default:
10613 {
10614 znode result;
10615 zend_compile_expr(&result, ast);
10616 zend_do_free(&result);
10617 }
10618 }
10619
10620 if (FC(declarables).ticks && !zend_is_unticked_stmt(ast)) {
10621 zend_emit_tick();
10622 }
10623 }
10624 /* }}} */
10625
zend_compile_expr_inner(znode * result,zend_ast * ast)10626 static void zend_compile_expr_inner(znode *result, zend_ast *ast) /* {{{ */
10627 {
10628 /* CG(zend_lineno) = ast->lineno; */
10629 CG(zend_lineno) = zend_ast_get_lineno(ast);
10630
10631 if (CG(memoize_mode) != ZEND_MEMOIZE_NONE) {
10632 zend_compile_memoized_expr(result, ast);
10633 return;
10634 }
10635
10636 switch (ast->kind) {
10637 case ZEND_AST_ZVAL:
10638 ZVAL_COPY(&result->u.constant, zend_ast_get_zval(ast));
10639 result->op_type = IS_CONST;
10640 return;
10641 case ZEND_AST_ZNODE:
10642 *result = *zend_ast_get_znode(ast);
10643 return;
10644 case ZEND_AST_VAR:
10645 case ZEND_AST_DIM:
10646 case ZEND_AST_PROP:
10647 case ZEND_AST_NULLSAFE_PROP:
10648 case ZEND_AST_STATIC_PROP:
10649 case ZEND_AST_CALL:
10650 case ZEND_AST_METHOD_CALL:
10651 case ZEND_AST_NULLSAFE_METHOD_CALL:
10652 case ZEND_AST_STATIC_CALL:
10653 zend_compile_var(result, ast, BP_VAR_R, 0);
10654 return;
10655 case ZEND_AST_ASSIGN:
10656 zend_compile_assign(result, ast);
10657 return;
10658 case ZEND_AST_ASSIGN_REF:
10659 zend_compile_assign_ref(result, ast);
10660 return;
10661 case ZEND_AST_NEW:
10662 zend_compile_new(result, ast);
10663 return;
10664 case ZEND_AST_CLONE:
10665 zend_compile_clone(result, ast);
10666 return;
10667 case ZEND_AST_ASSIGN_OP:
10668 zend_compile_compound_assign(result, ast);
10669 return;
10670 case ZEND_AST_BINARY_OP:
10671 zend_compile_binary_op(result, ast);
10672 return;
10673 case ZEND_AST_GREATER:
10674 case ZEND_AST_GREATER_EQUAL:
10675 zend_compile_greater(result, ast);
10676 return;
10677 case ZEND_AST_UNARY_OP:
10678 zend_compile_unary_op(result, ast);
10679 return;
10680 case ZEND_AST_UNARY_PLUS:
10681 case ZEND_AST_UNARY_MINUS:
10682 zend_compile_unary_pm(result, ast);
10683 return;
10684 case ZEND_AST_AND:
10685 case ZEND_AST_OR:
10686 zend_compile_short_circuiting(result, ast);
10687 return;
10688 case ZEND_AST_POST_INC:
10689 case ZEND_AST_POST_DEC:
10690 zend_compile_post_incdec(result, ast);
10691 return;
10692 case ZEND_AST_PRE_INC:
10693 case ZEND_AST_PRE_DEC:
10694 zend_compile_pre_incdec(result, ast);
10695 return;
10696 case ZEND_AST_CAST:
10697 zend_compile_cast(result, ast);
10698 return;
10699 case ZEND_AST_CONDITIONAL:
10700 zend_compile_conditional(result, ast);
10701 return;
10702 case ZEND_AST_COALESCE:
10703 zend_compile_coalesce(result, ast);
10704 return;
10705 case ZEND_AST_ASSIGN_COALESCE:
10706 zend_compile_assign_coalesce(result, ast);
10707 return;
10708 case ZEND_AST_PRINT:
10709 zend_compile_print(result, ast);
10710 return;
10711 case ZEND_AST_EXIT:
10712 zend_compile_exit(result, ast);
10713 return;
10714 case ZEND_AST_YIELD:
10715 zend_compile_yield(result, ast);
10716 return;
10717 case ZEND_AST_YIELD_FROM:
10718 zend_compile_yield_from(result, ast);
10719 return;
10720 case ZEND_AST_INSTANCEOF:
10721 zend_compile_instanceof(result, ast);
10722 return;
10723 case ZEND_AST_INCLUDE_OR_EVAL:
10724 zend_compile_include_or_eval(result, ast);
10725 return;
10726 case ZEND_AST_ISSET:
10727 case ZEND_AST_EMPTY:
10728 zend_compile_isset_or_empty(result, ast);
10729 return;
10730 case ZEND_AST_SILENCE:
10731 zend_compile_silence(result, ast);
10732 return;
10733 case ZEND_AST_SHELL_EXEC:
10734 zend_compile_shell_exec(result, ast);
10735 return;
10736 case ZEND_AST_ARRAY:
10737 zend_compile_array(result, ast);
10738 return;
10739 case ZEND_AST_CONST:
10740 zend_compile_const(result, ast);
10741 return;
10742 case ZEND_AST_CLASS_CONST:
10743 zend_compile_class_const(result, ast);
10744 return;
10745 case ZEND_AST_CLASS_NAME:
10746 zend_compile_class_name(result, ast);
10747 return;
10748 case ZEND_AST_ENCAPS_LIST:
10749 zend_compile_encaps_list(result, ast);
10750 return;
10751 case ZEND_AST_MAGIC_CONST:
10752 zend_compile_magic_const(result, ast);
10753 return;
10754 case ZEND_AST_CLOSURE:
10755 case ZEND_AST_ARROW_FUNC:
10756 zend_compile_func_decl(result, ast, 0);
10757 return;
10758 case ZEND_AST_THROW:
10759 zend_compile_throw(result, ast);
10760 return;
10761 case ZEND_AST_MATCH:
10762 zend_compile_match(result, ast);
10763 return;
10764 default:
10765 ZEND_ASSERT(0 /* not supported */);
10766 }
10767 }
10768 /* }}} */
10769
zend_compile_expr(znode * result,zend_ast * ast)10770 static void zend_compile_expr(znode *result, zend_ast *ast)
10771 {
10772 zend_check_stack_limit();
10773
10774 uint32_t checkpoint = zend_short_circuiting_checkpoint();
10775 zend_compile_expr_inner(result, ast);
10776 zend_short_circuiting_commit(checkpoint, result, ast);
10777 }
10778
zend_compile_var_inner(znode * result,zend_ast * ast,uint32_t type,bool by_ref)10779 static zend_op *zend_compile_var_inner(znode *result, zend_ast *ast, uint32_t type, bool by_ref)
10780 {
10781 CG(zend_lineno) = zend_ast_get_lineno(ast);
10782
10783 if (CG(memoize_mode) != ZEND_MEMOIZE_NONE) {
10784 switch (ast->kind) {
10785 case ZEND_AST_CALL:
10786 case ZEND_AST_METHOD_CALL:
10787 case ZEND_AST_NULLSAFE_METHOD_CALL:
10788 case ZEND_AST_STATIC_CALL:
10789 zend_compile_memoized_expr(result, ast);
10790 /* This might not actually produce an opcode, e.g. for expressions evaluated at comptime. */
10791 return NULL;
10792 }
10793 }
10794
10795 switch (ast->kind) {
10796 case ZEND_AST_VAR:
10797 return zend_compile_simple_var(result, ast, type, 0);
10798 case ZEND_AST_DIM:
10799 return zend_compile_dim(result, ast, type, by_ref);
10800 case ZEND_AST_PROP:
10801 case ZEND_AST_NULLSAFE_PROP:
10802 return zend_compile_prop(result, ast, type, by_ref);
10803 case ZEND_AST_STATIC_PROP:
10804 return zend_compile_static_prop(result, ast, type, by_ref, 0);
10805 case ZEND_AST_CALL:
10806 zend_compile_call(result, ast, type);
10807 return NULL;
10808 case ZEND_AST_METHOD_CALL:
10809 case ZEND_AST_NULLSAFE_METHOD_CALL:
10810 zend_compile_method_call(result, ast, type);
10811 return NULL;
10812 case ZEND_AST_STATIC_CALL:
10813 zend_compile_static_call(result, ast, type);
10814 return NULL;
10815 case ZEND_AST_ZNODE:
10816 *result = *zend_ast_get_znode(ast);
10817 return NULL;
10818 default:
10819 if (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET) {
10820 zend_error_noreturn(E_COMPILE_ERROR,
10821 "Cannot use temporary expression in write context");
10822 }
10823
10824 zend_compile_expr(result, ast);
10825 return NULL;
10826 }
10827 }
10828
zend_compile_var(znode * result,zend_ast * ast,uint32_t type,bool by_ref)10829 static zend_op *zend_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
10830 {
10831 uint32_t checkpoint = zend_short_circuiting_checkpoint();
10832 zend_op *opcode = zend_compile_var_inner(result, ast, type, by_ref);
10833 zend_short_circuiting_commit(checkpoint, result, ast);
10834 return opcode;
10835 }
10836
zend_delayed_compile_var(znode * result,zend_ast * ast,uint32_t type,bool by_ref)10837 static zend_op *zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
10838 {
10839 switch (ast->kind) {
10840 case ZEND_AST_VAR:
10841 return zend_compile_simple_var(result, ast, type, 1);
10842 case ZEND_AST_DIM:
10843 return zend_delayed_compile_dim(result, ast, type, by_ref);
10844 case ZEND_AST_PROP:
10845 case ZEND_AST_NULLSAFE_PROP:
10846 {
10847 zend_op *opline = zend_delayed_compile_prop(result, ast, type);
10848 if (by_ref) {
10849 opline->extended_value |= ZEND_FETCH_REF;
10850 }
10851 return opline;
10852 }
10853 case ZEND_AST_STATIC_PROP:
10854 return zend_compile_static_prop(result, ast, type, by_ref, 1);
10855 default:
10856 return zend_compile_var(result, ast, type, 0);
10857 }
10858 }
10859 /* }}} */
10860
zend_eval_const_expr(zend_ast ** ast_ptr)10861 static void zend_eval_const_expr(zend_ast **ast_ptr) /* {{{ */
10862 {
10863 zend_ast *ast = *ast_ptr;
10864 zval result;
10865
10866 if (!ast) {
10867 return;
10868 }
10869
10870 zend_check_stack_limit();
10871
10872 switch (ast->kind) {
10873 case ZEND_AST_BINARY_OP:
10874 zend_eval_const_expr(&ast->child[0]);
10875 zend_eval_const_expr(&ast->child[1]);
10876 if (ast->child[0]->kind != ZEND_AST_ZVAL || ast->child[1]->kind != ZEND_AST_ZVAL) {
10877 return;
10878 }
10879
10880 if (!zend_try_ct_eval_binary_op(&result, ast->attr,
10881 zend_ast_get_zval(ast->child[0]), zend_ast_get_zval(ast->child[1]))
10882 ) {
10883 return;
10884 }
10885 break;
10886 case ZEND_AST_GREATER:
10887 case ZEND_AST_GREATER_EQUAL:
10888 zend_eval_const_expr(&ast->child[0]);
10889 zend_eval_const_expr(&ast->child[1]);
10890 if (ast->child[0]->kind != ZEND_AST_ZVAL || ast->child[1]->kind != ZEND_AST_ZVAL) {
10891 return;
10892 }
10893
10894 zend_ct_eval_greater(&result, ast->kind,
10895 zend_ast_get_zval(ast->child[0]), zend_ast_get_zval(ast->child[1]));
10896 break;
10897 case ZEND_AST_AND:
10898 case ZEND_AST_OR:
10899 {
10900 bool child0_is_true, child1_is_true;
10901 zend_eval_const_expr(&ast->child[0]);
10902 zend_eval_const_expr(&ast->child[1]);
10903 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10904 return;
10905 }
10906
10907 child0_is_true = zend_is_true(zend_ast_get_zval(ast->child[0]));
10908 if (child0_is_true == (ast->kind == ZEND_AST_OR)) {
10909 ZVAL_BOOL(&result, ast->kind == ZEND_AST_OR);
10910 break;
10911 }
10912
10913 if (ast->child[1]->kind != ZEND_AST_ZVAL) {
10914 return;
10915 }
10916
10917 child1_is_true = zend_is_true(zend_ast_get_zval(ast->child[1]));
10918 if (ast->kind == ZEND_AST_OR) {
10919 ZVAL_BOOL(&result, child0_is_true || child1_is_true);
10920 } else {
10921 ZVAL_BOOL(&result, child0_is_true && child1_is_true);
10922 }
10923 break;
10924 }
10925 case ZEND_AST_UNARY_OP:
10926 zend_eval_const_expr(&ast->child[0]);
10927 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10928 return;
10929 }
10930
10931 if (!zend_try_ct_eval_unary_op(&result, ast->attr, zend_ast_get_zval(ast->child[0]))) {
10932 return;
10933 }
10934 break;
10935 case ZEND_AST_UNARY_PLUS:
10936 case ZEND_AST_UNARY_MINUS:
10937 zend_eval_const_expr(&ast->child[0]);
10938 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10939 return;
10940 }
10941
10942 if (!zend_try_ct_eval_unary_pm(&result, ast->kind, zend_ast_get_zval(ast->child[0]))) {
10943 return;
10944 }
10945 break;
10946 case ZEND_AST_COALESCE:
10947 /* Set isset fetch indicator here, opcache disallows runtime altering of the AST */
10948 if (ast->child[0]->kind == ZEND_AST_DIM) {
10949 ast->child[0]->attr |= ZEND_DIM_IS;
10950 }
10951 zend_eval_const_expr(&ast->child[0]);
10952
10953 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10954 /* ensure everything was compile-time evaluated at least once */
10955 zend_eval_const_expr(&ast->child[1]);
10956 return;
10957 }
10958
10959 if (Z_TYPE_P(zend_ast_get_zval(ast->child[0])) == IS_NULL) {
10960 zend_eval_const_expr(&ast->child[1]);
10961 *ast_ptr = ast->child[1];
10962 ast->child[1] = NULL;
10963 zend_ast_destroy(ast);
10964 } else {
10965 *ast_ptr = ast->child[0];
10966 ast->child[0] = NULL;
10967 zend_ast_destroy(ast);
10968 }
10969 return;
10970 case ZEND_AST_CONDITIONAL:
10971 {
10972 zend_ast **child, *child_ast;
10973 zend_eval_const_expr(&ast->child[0]);
10974 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10975 /* ensure everything was compile-time evaluated at least once */
10976 if (ast->child[1]) {
10977 zend_eval_const_expr(&ast->child[1]);
10978 }
10979 zend_eval_const_expr(&ast->child[2]);
10980 return;
10981 }
10982
10983 child = &ast->child[2 - zend_is_true(zend_ast_get_zval(ast->child[0]))];
10984 if (*child == NULL) {
10985 child--;
10986 }
10987 child_ast = *child;
10988 *child = NULL;
10989 zend_ast_destroy(ast);
10990 *ast_ptr = child_ast;
10991 zend_eval_const_expr(ast_ptr);
10992 return;
10993 }
10994 case ZEND_AST_DIM:
10995 {
10996 /* constant expression should be always read context ... */
10997 zval *container, *dim;
10998
10999 if (ast->child[1] == NULL) {
11000 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
11001 }
11002
11003 if (ast->attr & ZEND_DIM_ALTERNATIVE_SYNTAX) {
11004 ast->attr &= ~ZEND_DIM_ALTERNATIVE_SYNTAX; /* remove flag to avoid duplicate warning */
11005 zend_error(E_COMPILE_ERROR, "Array and string offset access syntax with curly braces is no longer supported");
11006 }
11007
11008 /* Set isset fetch indicator here, opcache disallows runtime altering of the AST */
11009 if ((ast->attr & ZEND_DIM_IS) && ast->child[0]->kind == ZEND_AST_DIM) {
11010 ast->child[0]->attr |= ZEND_DIM_IS;
11011 }
11012
11013 zend_eval_const_expr(&ast->child[0]);
11014 zend_eval_const_expr(&ast->child[1]);
11015 if (ast->child[0]->kind != ZEND_AST_ZVAL || ast->child[1]->kind != ZEND_AST_ZVAL) {
11016 return;
11017 }
11018
11019 container = zend_ast_get_zval(ast->child[0]);
11020 dim = zend_ast_get_zval(ast->child[1]);
11021
11022 if (Z_TYPE_P(container) == IS_ARRAY) {
11023 zval *el;
11024 if (Z_TYPE_P(dim) == IS_LONG) {
11025 el = zend_hash_index_find(Z_ARR_P(container), Z_LVAL_P(dim));
11026 if (el) {
11027 ZVAL_COPY(&result, el);
11028 } else {
11029 return;
11030 }
11031 } else if (Z_TYPE_P(dim) == IS_STRING) {
11032 el = zend_symtable_find(Z_ARR_P(container), Z_STR_P(dim));
11033 if (el) {
11034 ZVAL_COPY(&result, el);
11035 } else {
11036 return;
11037 }
11038 } else {
11039 return; /* warning... handle at runtime */
11040 }
11041 } else if (Z_TYPE_P(container) == IS_STRING) {
11042 zend_long offset;
11043 uint8_t c;
11044 if (Z_TYPE_P(dim) == IS_LONG) {
11045 offset = Z_LVAL_P(dim);
11046 } else if (Z_TYPE_P(dim) != IS_STRING || is_numeric_string(Z_STRVAL_P(dim), Z_STRLEN_P(dim), &offset, NULL, 1) != IS_LONG) {
11047 return;
11048 }
11049 if (offset < 0 || (size_t)offset >= Z_STRLEN_P(container)) {
11050 return;
11051 }
11052 c = (uint8_t) Z_STRVAL_P(container)[offset];
11053 ZVAL_CHAR(&result, c);
11054 } else if (Z_TYPE_P(container) <= IS_FALSE) {
11055 return; /* warning... handle at runtime */
11056 } else {
11057 return;
11058 }
11059 break;
11060 }
11061 case ZEND_AST_ARRAY:
11062 if (!zend_try_ct_eval_array(&result, ast)) {
11063 return;
11064 }
11065 break;
11066 case ZEND_AST_MAGIC_CONST:
11067 if (!zend_try_ct_eval_magic_const(&result, ast)) {
11068 return;
11069 }
11070 break;
11071 case ZEND_AST_CONST:
11072 {
11073 zend_ast *name_ast = ast->child[0];
11074 bool is_fully_qualified;
11075 zend_string *resolved_name = zend_resolve_const_name(
11076 zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);
11077
11078 if (!zend_try_ct_eval_const(&result, resolved_name, is_fully_qualified)) {
11079 zend_string_release_ex(resolved_name, 0);
11080 return;
11081 }
11082
11083 zend_string_release_ex(resolved_name, 0);
11084 break;
11085 }
11086 case ZEND_AST_CLASS_CONST:
11087 {
11088 zend_ast *class_ast;
11089 zend_ast *name_ast;
11090 zend_string *resolved_name;
11091
11092 zend_eval_const_expr(&ast->child[0]);
11093 zend_eval_const_expr(&ast->child[1]);
11094
11095 if (UNEXPECTED(ast->child[1]->kind != ZEND_AST_ZVAL
11096 || Z_TYPE_P(zend_ast_get_zval(ast->child[1])) != IS_STRING)) {
11097 return;
11098 }
11099
11100 class_ast = ast->child[0];
11101 name_ast = ast->child[1];
11102
11103 if (class_ast->kind != ZEND_AST_ZVAL || name_ast->kind != ZEND_AST_ZVAL) {
11104 return;
11105 }
11106
11107 resolved_name = zend_resolve_class_name_ast(class_ast);
11108 if (!zend_try_ct_eval_class_const(&result, resolved_name, zend_ast_get_str(name_ast))) {
11109 zend_string_release_ex(resolved_name, 0);
11110 return;
11111 }
11112
11113 zend_string_release_ex(resolved_name, 0);
11114 break;
11115 }
11116 case ZEND_AST_CLASS_NAME:
11117 {
11118 zend_ast *class_ast = ast->child[0];
11119 if (!zend_try_compile_const_expr_resolve_class_name(&result, class_ast)) {
11120 return;
11121 }
11122 break;
11123 }
11124 // TODO: We should probably use zend_ast_apply to recursively walk nodes without
11125 // special handling. It is required that all nodes that are part of a const expr
11126 // are visited. Probably we should be distinguishing evaluation of const expr and
11127 // normal exprs here.
11128 case ZEND_AST_ARG_LIST:
11129 {
11130 zend_ast_list *list = zend_ast_get_list(ast);
11131 for (uint32_t i = 0; i < list->children; i++) {
11132 zend_eval_const_expr(&list->child[i]);
11133 }
11134 return;
11135 }
11136 case ZEND_AST_NEW:
11137 zend_eval_const_expr(&ast->child[0]);
11138 zend_eval_const_expr(&ast->child[1]);
11139 return;
11140 case ZEND_AST_NAMED_ARG:
11141 zend_eval_const_expr(&ast->child[1]);
11142 return;
11143 case ZEND_AST_CONST_ENUM_INIT:
11144 zend_eval_const_expr(&ast->child[2]);
11145 return;
11146 case ZEND_AST_PROP:
11147 case ZEND_AST_NULLSAFE_PROP:
11148 zend_eval_const_expr(&ast->child[0]);
11149 zend_eval_const_expr(&ast->child[1]);
11150 return;
11151 default:
11152 return;
11153 }
11154
11155 zend_ast_destroy(ast);
11156 *ast_ptr = zend_ast_create_zval(&result);
11157 }
11158 /* }}} */
11159
