1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Nikita Popov <nikic@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include <zend_language_parser.h>
22 #include "zend.h"
23 #include "zend_attributes.h"
24 #include "zend_compile.h"
25 #include "zend_constants.h"
26 #include "zend_llist.h"
27 #include "zend_API.h"
28 #include "zend_exceptions.h"
29 #include "zend_interfaces.h"
30 #include "zend_virtual_cwd.h"
31 #include "zend_multibyte.h"
32 #include "zend_language_scanner.h"
33 #include "zend_inheritance.h"
34 #include "zend_vm.h"
35 #include "zend_enum.h"
36 #include "zend_observer.h"
37 #include "zend_call_stack.h"
38
39 #define SET_NODE(target, src) do { \
40 target ## _type = (src)->op_type; \
41 if ((src)->op_type == IS_CONST) { \
42 target.constant = zend_add_literal(&(src)->u.constant); \
43 } else { \
44 target = (src)->u.op; \
45 } \
46 } while (0)
47
48 #define GET_NODE(target, src) do { \
49 (target)->op_type = src ## _type; \
50 if ((target)->op_type == IS_CONST) { \
51 ZVAL_COPY_VALUE(&(target)->u.constant, CT_CONSTANT(src)); \
52 } else { \
53 (target)->u.op = src; \
54 } \
55 } while (0)
56
57 #define FC(member) (CG(file_context).member)
58
59 typedef struct _zend_loop_var {
60 uint8_t opcode;
61 uint8_t var_type;
62 uint32_t var_num;
63 uint32_t try_catch_offset;
64 } zend_loop_var;
65
zend_alloc_cache_slots(unsigned count)66 static inline uint32_t zend_alloc_cache_slots(unsigned count) {
67 if (count == 0) {
68 /* Even if no cache slots are desired, the VM handler may still want to acquire
69 * CACHE_ADDR() unconditionally. Returning zero makes sure that the address
70 * calculation is still legal and ubsan does not complain. */
71 return 0;
72 }
73
74 zend_op_array *op_array = CG(active_op_array);
75 uint32_t ret = op_array->cache_size;
76 op_array->cache_size += count * sizeof(void*);
77 return ret;
78 }
79
zend_alloc_cache_slot(void)80 static inline uint32_t zend_alloc_cache_slot(void) {
81 return zend_alloc_cache_slots(1);
82 }
83
84 ZEND_API zend_op_array *(*zend_compile_file)(zend_file_handle *file_handle, int type);
85 ZEND_API zend_op_array *(*zend_compile_string)(zend_string *source_string, const char *filename, zend_compile_position position);
86
87 #ifndef ZTS
88 ZEND_API zend_compiler_globals compiler_globals;
89 ZEND_API zend_executor_globals executor_globals;
90 #endif
91
92 static zend_op *zend_emit_op(znode *result, uint8_t opcode, znode *op1, znode *op2);
93 static bool zend_try_ct_eval_array(zval *result, zend_ast *ast);
94 static void zend_eval_const_expr(zend_ast **ast_ptr);
95
96 static zend_op *zend_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref);
97 static zend_op *zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref);
98 static void zend_compile_expr(znode *result, zend_ast *ast);
99 static void zend_compile_stmt(zend_ast *ast);
100 static void zend_compile_assign(znode *result, zend_ast *ast);
101
102 #ifdef ZEND_CHECK_STACK_LIMIT
zend_stack_limit_error(void)103 zend_never_inline static void zend_stack_limit_error(void)
104 {
105 zend_error_noreturn(E_COMPILE_ERROR,
106 "Maximum call stack size of %zu bytes (zend.max_allowed_stack_size - zend.reserved_stack_size) reached during compilation. Try splitting expression",
107 (size_t) ((uintptr_t) EG(stack_base) - (uintptr_t) EG(stack_limit)));
108 }
109
zend_check_stack_limit(void)110 static void zend_check_stack_limit(void)
111 {
112 if (UNEXPECTED(zend_call_stack_overflowed(EG(stack_limit)))) {
113 zend_stack_limit_error();
114 }
115 }
116 #else /* ZEND_CHECK_STACK_LIMIT */
zend_check_stack_limit(void)117 static void zend_check_stack_limit(void)
118 {
119 }
120 #endif /* ZEND_CHECK_STACK_LIMIT */
121
init_op(zend_op * op)122 static void init_op(zend_op *op)
123 {
124 MAKE_NOP(op);
125 op->extended_value = 0;
126 op->lineno = CG(zend_lineno);
127 }
128
get_next_op_number(void)129 static zend_always_inline uint32_t get_next_op_number(void)
130 {
131 return CG(active_op_array)->last;
132 }
133
get_next_op(void)134 static zend_op *get_next_op(void)
135 {
136 zend_op_array *op_array = CG(active_op_array);
137 uint32_t next_op_num = op_array->last++;
138 zend_op *next_op;
139
140 if (UNEXPECTED(next_op_num >= CG(context).opcodes_size)) {
141 CG(context).opcodes_size *= 4;
142 op_array->opcodes = erealloc(op_array->opcodes, CG(context).opcodes_size * sizeof(zend_op));
143 }
144
145 next_op = &(op_array->opcodes[next_op_num]);
146
147 init_op(next_op);
148
149 return next_op;
150 }
151
get_next_brk_cont_element(void)152 static zend_brk_cont_element *get_next_brk_cont_element(void)
153 {
154 CG(context).last_brk_cont++;
155 CG(context).brk_cont_array = erealloc(CG(context).brk_cont_array, sizeof(zend_brk_cont_element) * CG(context).last_brk_cont);
156 return &CG(context).brk_cont_array[CG(context).last_brk_cont-1];
157 }
158
zend_build_runtime_definition_key(zend_string * name,uint32_t start_lineno)159 static zend_string *zend_build_runtime_definition_key(zend_string *name, uint32_t start_lineno) /* {{{ */
160 {
161 zend_string *filename = CG(active_op_array)->filename;
162 zend_string *result = zend_strpprintf(0, "%c%s%s:%" PRIu32 "$%" PRIx32,
163 '\0', ZSTR_VAL(name), ZSTR_VAL(filename), start_lineno, CG(rtd_key_counter)++);
164 return zend_new_interned_string(result);
165 }
166 /* }}} */
167
zend_get_unqualified_name(const zend_string * name,const char ** result,size_t * result_len)168 static bool zend_get_unqualified_name(const zend_string *name, const char **result, size_t *result_len) /* {{{ */
169 {
170 const char *ns_separator = zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
171 if (ns_separator != NULL) {
172 *result = ns_separator + 1;
173 *result_len = ZSTR_VAL(name) + ZSTR_LEN(name) - *result;
174 return 1;
175 }
176
177 return 0;
178 }
179 /* }}} */
180
181 struct reserved_class_name {
182 const char *name;
183 size_t len;
184 };
185 static const struct reserved_class_name reserved_class_names[] = {
186 {ZEND_STRL("bool")},
187 {ZEND_STRL("false")},
188 {ZEND_STRL("float")},
189 {ZEND_STRL("int")},
190 {ZEND_STRL("null")},
191 {ZEND_STRL("parent")},
192 {ZEND_STRL("self")},
193 {ZEND_STRL("static")},
194 {ZEND_STRL("string")},
195 {ZEND_STRL("true")},
196 {ZEND_STRL("void")},
197 {ZEND_STRL("never")},
198 {ZEND_STRL("iterable")},
199 {ZEND_STRL("object")},
200 {ZEND_STRL("mixed")},
201 {NULL, 0}
202 };
203
zend_is_reserved_class_name(const zend_string * name)204 static bool zend_is_reserved_class_name(const zend_string *name) /* {{{ */
205 {
206 const struct reserved_class_name *reserved = reserved_class_names;
207
208 const char *uqname = ZSTR_VAL(name);
209 size_t uqname_len = ZSTR_LEN(name);
210 zend_get_unqualified_name(name, &uqname, &uqname_len);
211
212 for (; reserved->name; ++reserved) {
213 if (uqname_len == reserved->len
214 && zend_binary_strcasecmp(uqname, uqname_len, reserved->name, reserved->len) == 0
215 ) {
216 return 1;
217 }
218 }
219
220 return 0;
221 }
222 /* }}} */
223
zend_assert_valid_class_name(const zend_string * name)224 void zend_assert_valid_class_name(const zend_string *name) /* {{{ */
225 {
226 if (zend_is_reserved_class_name(name)) {
227 zend_error_noreturn(E_COMPILE_ERROR,
228 "Cannot use '%s' as class name as it is reserved", ZSTR_VAL(name));
229 }
230 }
231 /* }}} */
232
233 typedef struct _builtin_type_info {
234 const char* name;
235 const size_t name_len;
236 const uint8_t type;
237 } builtin_type_info;
238
239 static const builtin_type_info builtin_types[] = {
240 {ZEND_STRL("null"), IS_NULL},
241 {ZEND_STRL("true"), IS_TRUE},
242 {ZEND_STRL("false"), IS_FALSE},
243 {ZEND_STRL("int"), IS_LONG},
244 {ZEND_STRL("float"), IS_DOUBLE},
245 {ZEND_STRL("string"), IS_STRING},
246 {ZEND_STRL("bool"), _IS_BOOL},
247 {ZEND_STRL("void"), IS_VOID},
248 {ZEND_STRL("never"), IS_NEVER},
249 {ZEND_STRL("iterable"), IS_ITERABLE},
250 {ZEND_STRL("object"), IS_OBJECT},
251 {ZEND_STRL("mixed"), IS_MIXED},
252 {NULL, 0, IS_UNDEF}
253 };
254
255 typedef struct {
256 const char *name;
257 size_t name_len;
258 const char *correct_name;
259 } confusable_type_info;
260
261 static const confusable_type_info confusable_types[] = {
262 {ZEND_STRL("boolean"), "bool"},
263 {ZEND_STRL("integer"), "int"},
264 {ZEND_STRL("double"), "float"},
265 {ZEND_STRL("resource"), NULL},
266 {NULL, 0, NULL},
267 };
268
zend_lookup_builtin_type_by_name(const zend_string * name)269 static zend_always_inline uint8_t zend_lookup_builtin_type_by_name(const zend_string *name) /* {{{ */
270 {
271 const builtin_type_info *info = &builtin_types[0];
272
273 for (; info->name; ++info) {
274 if (ZSTR_LEN(name) == info->name_len
275 && zend_binary_strcasecmp(ZSTR_VAL(name), ZSTR_LEN(name), info->name, info->name_len) == 0
276 ) {
277 return info->type;
278 }
279 }
280
281 return 0;
282 }
283 /* }}} */
284
zend_is_confusable_type(const zend_string * name,const char ** correct_name)285 static zend_always_inline bool zend_is_confusable_type(const zend_string *name, const char **correct_name) /* {{{ */
286 {
287 const confusable_type_info *info = confusable_types;
288
289 /* Intentionally using case-sensitive comparison here, because "integer" is likely intended
290 * as a scalar type, while "Integer" is likely a class type. */
291 for (; info->name; ++info) {
292 if (zend_string_equals_cstr(name, info->name, info->name_len)) {
293 *correct_name = info->correct_name;
294 return 1;
295 }
296 }
297
298 return 0;
299 }
300 /* }}} */
301
zend_is_not_imported(zend_string * name)302 static bool zend_is_not_imported(zend_string *name) {
303 /* Assuming "name" is unqualified here. */
304 return !FC(imports) || zend_hash_find_ptr_lc(FC(imports), name) == NULL;
305 }
306
zend_oparray_context_begin(zend_oparray_context * prev_context)307 void zend_oparray_context_begin(zend_oparray_context *prev_context) /* {{{ */
308 {
309 *prev_context = CG(context);
310 CG(context).opcodes_size = INITIAL_OP_ARRAY_SIZE;
311 CG(context).vars_size = 0;
312 CG(context).literals_size = 0;
313 CG(context).fast_call_var = -1;
314 CG(context).try_catch_offset = -1;
315 CG(context).current_brk_cont = -1;
316 CG(context).last_brk_cont = 0;
317 CG(context).brk_cont_array = NULL;
318 CG(context).labels = NULL;
319 }
320 /* }}} */
321
zend_oparray_context_end(zend_oparray_context * prev_context)322 void zend_oparray_context_end(zend_oparray_context *prev_context) /* {{{ */
323 {
324 if (CG(context).brk_cont_array) {
325 efree(CG(context).brk_cont_array);
326 CG(context).brk_cont_array = NULL;
327 }
328 if (CG(context).labels) {
329 zend_hash_destroy(CG(context).labels);
330 FREE_HASHTABLE(CG(context).labels);
331 CG(context).labels = NULL;
332 }
333 CG(context) = *prev_context;
334 }
335 /* }}} */
336
zend_reset_import_tables(void)337 static void zend_reset_import_tables(void) /* {{{ */
338 {
339 if (FC(imports)) {
340 zend_hash_destroy(FC(imports));
341 efree(FC(imports));
342 FC(imports) = NULL;
343 }
344
345 if (FC(imports_function)) {
346 zend_hash_destroy(FC(imports_function));
347 efree(FC(imports_function));
348 FC(imports_function) = NULL;
349 }
350
351 if (FC(imports_const)) {
352 zend_hash_destroy(FC(imports_const));
353 efree(FC(imports_const));
354 FC(imports_const) = NULL;
355 }
356 }
357 /* }}} */
358
zend_end_namespace(void)359 static void zend_end_namespace(void) /* {{{ */ {
360 FC(in_namespace) = 0;
361 zend_reset_import_tables();
362 if (FC(current_namespace)) {
363 zend_string_release_ex(FC(current_namespace), 0);
364 FC(current_namespace) = NULL;
365 }
366 }
367 /* }}} */
368
zend_file_context_begin(zend_file_context * prev_context)369 void zend_file_context_begin(zend_file_context *prev_context) /* {{{ */
370 {
371 *prev_context = CG(file_context);
372 FC(imports) = NULL;
373 FC(imports_function) = NULL;
374 FC(imports_const) = NULL;
375 FC(current_namespace) = NULL;
376 FC(in_namespace) = 0;
377 FC(has_bracketed_namespaces) = 0;
378 FC(declarables).ticks = 0;
379 zend_hash_init(&FC(seen_symbols), 8, NULL, NULL, 0);
380 }
381 /* }}} */
382
zend_file_context_end(zend_file_context * prev_context)383 void zend_file_context_end(zend_file_context *prev_context) /* {{{ */
384 {
385 zend_end_namespace();
386 zend_hash_destroy(&FC(seen_symbols));
387 CG(file_context) = *prev_context;
388 }
389 /* }}} */
390
zend_init_compiler_data_structures(void)391 void zend_init_compiler_data_structures(void) /* {{{ */
392 {
393 zend_stack_init(&CG(loop_var_stack), sizeof(zend_loop_var));
394 zend_stack_init(&CG(delayed_oplines_stack), sizeof(zend_op));
395 zend_stack_init(&CG(short_circuiting_opnums), sizeof(uint32_t));
396 CG(active_class_entry) = NULL;
397 CG(in_compilation) = 0;
398 CG(skip_shebang) = 0;
399
400 CG(encoding_declared) = 0;
401 CG(memoized_exprs) = NULL;
402 CG(memoize_mode) = ZEND_MEMOIZE_NONE;
403 }
404 /* }}} */
405
zend_register_seen_symbol(zend_string * name,uint32_t kind)406 static void zend_register_seen_symbol(zend_string *name, uint32_t kind) {
407 zval *zv = zend_hash_find(&FC(seen_symbols), name);
408 if (zv) {
409 Z_LVAL_P(zv) |= kind;
410 } else {
411 zval tmp;
412 ZVAL_LONG(&tmp, kind);
413 zend_hash_add_new(&FC(seen_symbols), name, &tmp);
414 }
415 }
416
zend_have_seen_symbol(zend_string * name,uint32_t kind)417 static bool zend_have_seen_symbol(zend_string *name, uint32_t kind) {
418 zval *zv = zend_hash_find(&FC(seen_symbols), name);
419 return zv && (Z_LVAL_P(zv) & kind) != 0;
420 }
421
init_compiler(void)422 void init_compiler(void) /* {{{ */
423 {
424 CG(arena) = zend_arena_create(64 * 1024);
425 CG(active_op_array) = NULL;
426 memset(&CG(context), 0, sizeof(CG(context)));
427 zend_init_compiler_data_structures();
428 zend_init_rsrc_list();
429 zend_stream_init();
430 CG(unclean_shutdown) = 0;
431
432 CG(delayed_variance_obligations) = NULL;
433 CG(delayed_autoloads) = NULL;
434 CG(unlinked_uses) = NULL;
435 CG(current_linking_class) = NULL;
436 }
437 /* }}} */
438
shutdown_compiler(void)439 void shutdown_compiler(void) /* {{{ */
440 {
441 /* Reset filename before destroying the arena, as file cache may use arena allocated strings. */
442 zend_restore_compiled_filename(NULL);
443
444 zend_stack_destroy(&CG(loop_var_stack));
445 zend_stack_destroy(&CG(delayed_oplines_stack));
446 zend_stack_destroy(&CG(short_circuiting_opnums));
447
448 if (CG(delayed_variance_obligations)) {
449 zend_hash_destroy(CG(delayed_variance_obligations));
450 FREE_HASHTABLE(CG(delayed_variance_obligations));
451 CG(delayed_variance_obligations) = NULL;
452 }
453 if (CG(delayed_autoloads)) {
454 zend_hash_destroy(CG(delayed_autoloads));
455 FREE_HASHTABLE(CG(delayed_autoloads));
456 CG(delayed_autoloads) = NULL;
457 }
458 if (CG(unlinked_uses)) {
459 zend_hash_destroy(CG(unlinked_uses));
460 FREE_HASHTABLE(CG(unlinked_uses));
461 CG(unlinked_uses) = NULL;
462 }
463 CG(current_linking_class) = NULL;
464 }
465 /* }}} */
466
zend_set_compiled_filename(zend_string * new_compiled_filename)467 ZEND_API zend_string *zend_set_compiled_filename(zend_string *new_compiled_filename) /* {{{ */
468 {
469 CG(compiled_filename) = zend_string_copy(new_compiled_filename);
470 return new_compiled_filename;
471 }
472 /* }}} */
473
zend_restore_compiled_filename(zend_string * original_compiled_filename)474 ZEND_API void zend_restore_compiled_filename(zend_string *original_compiled_filename) /* {{{ */
475 {
476 if (CG(compiled_filename)) {
477 zend_string_release(CG(compiled_filename));
478 CG(compiled_filename) = NULL;
479 }
480 CG(compiled_filename) = original_compiled_filename;
481 }
482 /* }}} */
483
zend_get_compiled_filename(void)484 ZEND_API zend_string *zend_get_compiled_filename(void) /* {{{ */
485 {
486 return CG(compiled_filename);
487 }
488 /* }}} */
489
zend_get_compiled_lineno(void)490 ZEND_API int zend_get_compiled_lineno(void) /* {{{ */
491 {
492 return CG(zend_lineno);
493 }
494 /* }}} */
495
zend_is_compiling(void)496 ZEND_API bool zend_is_compiling(void) /* {{{ */
497 {
498 return CG(in_compilation);
499 }
500 /* }}} */
501
get_temporary_variable(void)502 static zend_always_inline uint32_t get_temporary_variable(void) /* {{{ */
503 {
504 return (uint32_t)CG(active_op_array)->T++;
505 }
506 /* }}} */
507
lookup_cv(zend_string * name)508 static int lookup_cv(zend_string *name) /* {{{ */{
509 zend_op_array *op_array = CG(active_op_array);
510 int i = 0;
511 zend_ulong hash_value = zend_string_hash_val(name);
512
513 while (i < op_array->last_var) {
514 if (ZSTR_H(op_array->vars[i]) == hash_value
515 && zend_string_equals(op_array->vars[i], name)) {
516 return EX_NUM_TO_VAR(i);
517 }
518 i++;
519 }
520 i = op_array->last_var;
521 op_array->last_var++;
522 if (op_array->last_var > CG(context).vars_size) {
523 CG(context).vars_size += 16; /* FIXME */
524 op_array->vars = erealloc(op_array->vars, CG(context).vars_size * sizeof(zend_string*));
525 }
526
527 op_array->vars[i] = zend_string_copy(name);
528 return EX_NUM_TO_VAR(i);
529 }
530 /* }}} */
531
zval_make_interned_string(zval * zv)532 zend_string *zval_make_interned_string(zval *zv)
533 {
534 ZEND_ASSERT(Z_TYPE_P(zv) == IS_STRING);
535 Z_STR_P(zv) = zend_new_interned_string(Z_STR_P(zv));
536 if (ZSTR_IS_INTERNED(Z_STR_P(zv))) {
537 Z_TYPE_FLAGS_P(zv) = 0;
538 }
539 return Z_STR_P(zv);
540 }
541
542 /* Common part of zend_add_literal and zend_append_individual_literal */
zend_insert_literal(zend_op_array * op_array,zval * zv,int literal_position)543 static inline void zend_insert_literal(zend_op_array *op_array, zval *zv, int literal_position) /* {{{ */
544 {
545 zval *lit = CT_CONSTANT_EX(op_array, literal_position);
546 if (Z_TYPE_P(zv) == IS_STRING) {
547 zval_make_interned_string(zv);
548 }
549 ZVAL_COPY_VALUE(lit, zv);
550 Z_EXTRA_P(lit) = 0;
551 }
552 /* }}} */
553
554 /* Is used while compiling a function, using the context to keep track
555 of an approximate size to avoid to relocate to often.
556 Literals are truncated to actual size in the second compiler pass (pass_two()). */
zend_add_literal(zval * zv)557 static int zend_add_literal(zval *zv) /* {{{ */
558 {
559 zend_op_array *op_array = CG(active_op_array);
560 int i = op_array->last_literal;
561 op_array->last_literal++;
562 if (i >= CG(context).literals_size) {
563 while (i >= CG(context).literals_size) {
564 CG(context).literals_size += 16; /* FIXME */
565 }
566 op_array->literals = (zval*)erealloc(op_array->literals, CG(context).literals_size * sizeof(zval));
567 }
568 zend_insert_literal(op_array, zv, i);
569 return i;
570 }
571 /* }}} */
572
zend_add_literal_string(zend_string ** str)573 static inline int zend_add_literal_string(zend_string **str) /* {{{ */
574 {
575 int ret;
576 zval zv;
577 ZVAL_STR(&zv, *str);
578 ret = zend_add_literal(&zv);
579 *str = Z_STR(zv);
580 return ret;
581 }
582 /* }}} */
583
zend_add_func_name_literal(zend_string * name)584 static int zend_add_func_name_literal(zend_string *name) /* {{{ */
585 {
586 /* Original name */
587 int ret = zend_add_literal_string(&name);
588
589 /* Lowercased name */
590 zend_string *lc_name = zend_string_tolower(name);
591 zend_add_literal_string(&lc_name);
592
593 return ret;
594 }
595 /* }}} */
596
zend_add_ns_func_name_literal(zend_string * name)597 static int zend_add_ns_func_name_literal(zend_string *name) /* {{{ */
598 {
599 const char *unqualified_name;
600 size_t unqualified_name_len;
601
602 /* Original name */
603 int ret = zend_add_literal_string(&name);
604
605 /* Lowercased name */
606 zend_string *lc_name = zend_string_tolower(name);
607 zend_add_literal_string(&lc_name);
608
609 /* Lowercased unqualified name */
610 if (zend_get_unqualified_name(name, &unqualified_name, &unqualified_name_len)) {
611 lc_name = zend_string_alloc(unqualified_name_len, 0);
612 zend_str_tolower_copy(ZSTR_VAL(lc_name), unqualified_name, unqualified_name_len);
613 zend_add_literal_string(&lc_name);
614 }
615
616 return ret;
617 }
618 /* }}} */
619
zend_add_class_name_literal(zend_string * name)620 static int zend_add_class_name_literal(zend_string *name) /* {{{ */
621 {
622 /* Original name */
623 int ret = zend_add_literal_string(&name);
624
625 /* Lowercased name */
626 zend_string *lc_name = zend_string_tolower(name);
627 zend_add_literal_string(&lc_name);
628
629 return ret;
630 }
631 /* }}} */
632
zend_add_const_name_literal(zend_string * name,bool unqualified)633 static int zend_add_const_name_literal(zend_string *name, bool unqualified) /* {{{ */
634 {
635 zend_string *tmp_name;
636
637 int ret = zend_add_literal_string(&name);
638
639 size_t ns_len = 0, after_ns_len = ZSTR_LEN(name);
640 const char *after_ns = zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
641 if (after_ns) {
642 after_ns += 1;
643 ns_len = after_ns - ZSTR_VAL(name) - 1;
644 after_ns_len = ZSTR_LEN(name) - ns_len - 1;
645
646 /* lowercased namespace name & original constant name */
647 tmp_name = zend_string_init(ZSTR_VAL(name), ZSTR_LEN(name), 0);
648 zend_str_tolower(ZSTR_VAL(tmp_name), ns_len);
649 zend_add_literal_string(&tmp_name);
650
651 if (!unqualified) {
652 return ret;
653 }
654 } else {
655 after_ns = ZSTR_VAL(name);
656 }
657
658 /* original unqualified constant name */
659 tmp_name = zend_string_init(after_ns, after_ns_len, 0);
660 zend_add_literal_string(&tmp_name);
661
662 return ret;
663 }
664 /* }}} */
665
666 #define LITERAL_STR(op, str) do { \
667 zval _c; \
668 ZVAL_STR(&_c, str); \
669 op.constant = zend_add_literal(&_c); \
670 } while (0)
671
zend_stop_lexing(void)672 void zend_stop_lexing(void)
673 {
674 if (LANG_SCNG(on_event)) {
675 LANG_SCNG(on_event)(ON_STOP, END, 0, NULL, 0, LANG_SCNG(on_event_context));
676 }
677
678 LANG_SCNG(yy_cursor) = LANG_SCNG(yy_limit);
679 }
680
zend_begin_loop(uint8_t free_opcode,const znode * loop_var,bool is_switch)681 static inline void zend_begin_loop(
682 uint8_t free_opcode, const znode *loop_var, bool is_switch) /* {{{ */
683 {
684 zend_brk_cont_element *brk_cont_element;
685 int parent = CG(context).current_brk_cont;
686 zend_loop_var info = {0};
687
688 CG(context).current_brk_cont = CG(context).last_brk_cont;
689 brk_cont_element = get_next_brk_cont_element();
690 brk_cont_element->parent = parent;
691 brk_cont_element->is_switch = is_switch;
692
693 if (loop_var && (loop_var->op_type & (IS_VAR|IS_TMP_VAR))) {
694 uint32_t start = get_next_op_number();
695
696 info.opcode = free_opcode;
697 info.var_type = loop_var->op_type;
698 info.var_num = loop_var->u.op.var;
699 brk_cont_element->start = start;
700 } else {
701 info.opcode = ZEND_NOP;
702 /* The start field is used to free temporary variables in case of exceptions.
703 * We won't try to free something of we don't have loop variable. */
704 brk_cont_element->start = -1;
705 }
706
707 zend_stack_push(&CG(loop_var_stack), &info);
708 }
709 /* }}} */
710
zend_end_loop(int cont_addr,const znode * var_node)711 static inline void zend_end_loop(int cont_addr, const znode *var_node) /* {{{ */
712 {
713 uint32_t end = get_next_op_number();
714 zend_brk_cont_element *brk_cont_element
715 = &CG(context).brk_cont_array[CG(context).current_brk_cont];
716 brk_cont_element->cont = cont_addr;
717 brk_cont_element->brk = end;
718 CG(context).current_brk_cont = brk_cont_element->parent;
719
720 zend_stack_del_top(&CG(loop_var_stack));
721 }
722 /* }}} */
723
zend_do_free(znode * op1)724 static void zend_do_free(znode *op1) /* {{{ */
725 {
726 if (op1->op_type == IS_TMP_VAR) {
727 zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
728
729 while (opline->opcode == ZEND_END_SILENCE ||
730 opline->opcode == ZEND_OP_DATA) {
731 opline--;
732 }
733
734 if (opline->result_type == IS_TMP_VAR && opline->result.var == op1->u.op.var) {
735 switch (opline->opcode) {
736 case ZEND_BOOL:
737 case ZEND_BOOL_NOT:
738 /* boolean results don't have to be freed */
739 return;
740 case ZEND_POST_INC_STATIC_PROP:
741 case ZEND_POST_DEC_STATIC_PROP:
742 case ZEND_POST_INC_OBJ:
743 case ZEND_POST_DEC_OBJ:
744 case ZEND_POST_INC:
745 case ZEND_POST_DEC:
746 /* convert $i++ to ++$i */
747 opline->opcode -= 2;
748 SET_UNUSED(opline->result);
749 return;
750 case ZEND_ASSIGN:
751 case ZEND_ASSIGN_DIM:
752 case ZEND_ASSIGN_OBJ:
753 case ZEND_ASSIGN_STATIC_PROP:
754 case ZEND_ASSIGN_OP:
755 case ZEND_ASSIGN_DIM_OP:
756 case ZEND_ASSIGN_OBJ_OP:
757 case ZEND_ASSIGN_STATIC_PROP_OP:
758 case ZEND_PRE_INC_STATIC_PROP:
759 case ZEND_PRE_DEC_STATIC_PROP:
760 case ZEND_PRE_INC_OBJ:
761 case ZEND_PRE_DEC_OBJ:
762 case ZEND_PRE_INC:
763 case ZEND_PRE_DEC:
764 SET_UNUSED(opline->result);
765 return;
766 }
767 }
768
769 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
770 } else if (op1->op_type == IS_VAR) {
771 zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
772 while (opline->opcode == ZEND_END_SILENCE ||
773 opline->opcode == ZEND_EXT_FCALL_END ||
774 opline->opcode == ZEND_OP_DATA) {
775 opline--;
776 }
777 if (opline->result_type == IS_VAR
778 && opline->result.var == op1->u.op.var) {
779 if (opline->opcode == ZEND_FETCH_THIS) {
780 opline->opcode = ZEND_NOP;
781 }
782 SET_UNUSED(opline->result);
783 } else {
784 while (opline >= CG(active_op_array)->opcodes) {
785 if ((opline->opcode == ZEND_FETCH_LIST_R ||
786 opline->opcode == ZEND_FETCH_LIST_W) &&
787 opline->op1_type == IS_VAR &&
788 opline->op1.var == op1->u.op.var) {
789 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
790 return;
791 }
792 if (opline->result_type == IS_VAR
793 && opline->result.var == op1->u.op.var) {
794 if (opline->opcode == ZEND_NEW) {
795 zend_emit_op(NULL, ZEND_FREE, op1, NULL);
796 }
797 break;
798 }
799 opline--;
800 }
801 }
802 } else if (op1->op_type == IS_CONST) {
803 /* Destroy value without using GC: When opcache moves arrays into SHM it will
804 * free the zend_array structure, so references to it from outside the op array
805 * become invalid. GC would cause such a reference in the root buffer. */
806 zval_ptr_dtor_nogc(&op1->u.constant);
807 }
808 }
809 /* }}} */
810
811
zend_modifier_token_to_string(uint32_t token)812 static char *zend_modifier_token_to_string(uint32_t token)
813 {
814 switch (token) {
815 case T_PUBLIC:
816 return "public";
817 case T_PROTECTED:
818 return "protected";
819 case T_PRIVATE:
820 return "private";
821 case T_STATIC:
822 return "static";
823 case T_FINAL:
824 return "final";
825 case T_READONLY:
826 return "readonly";
827 case T_ABSTRACT:
828 return "abstract";
829 EMPTY_SWITCH_DEFAULT_CASE()
830 }
831 }
832
zend_modifier_token_to_flag(zend_modifier_target target,uint32_t token)833 uint32_t zend_modifier_token_to_flag(zend_modifier_target target, uint32_t token)
834 {
835 switch (token) {
836 case T_PUBLIC:
837 return ZEND_ACC_PUBLIC;
838 case T_PROTECTED:
839 return ZEND_ACC_PROTECTED;
840 case T_PRIVATE:
841 return ZEND_ACC_PRIVATE;
842 case T_READONLY:
843 if (target == ZEND_MODIFIER_TARGET_PROPERTY || target == ZEND_MODIFIER_TARGET_CPP) {
844 return ZEND_ACC_READONLY;
845 }
846 break;
847 case T_ABSTRACT:
848 if (target == ZEND_MODIFIER_TARGET_METHOD) {
849 return ZEND_ACC_ABSTRACT;
850 }
851 break;
852 case T_FINAL:
853 if (target == ZEND_MODIFIER_TARGET_METHOD || target == ZEND_MODIFIER_TARGET_CONSTANT) {
854 return ZEND_ACC_FINAL;
855 }
856 break;
857 case T_STATIC:
858 if (target == ZEND_MODIFIER_TARGET_PROPERTY || target == ZEND_MODIFIER_TARGET_METHOD) {
859 return ZEND_ACC_STATIC;
860 }
861 break;
862 }
863
864 char *member;
865 if (target == ZEND_MODIFIER_TARGET_PROPERTY) {
866 member = "property";
867 } else if (target == ZEND_MODIFIER_TARGET_METHOD) {
868 member = "method";
869 } else if (target == ZEND_MODIFIER_TARGET_CONSTANT) {
870 member = "class constant";
871 } else if (target == ZEND_MODIFIER_TARGET_CPP) {
872 member = "parameter";
873 } else {
874 ZEND_UNREACHABLE();
875 }
876
877 zend_throw_exception_ex(zend_ce_compile_error, 0,
878 "Cannot use the %s modifier on a %s", zend_modifier_token_to_string(token), member);
879 return 0;
880 }
881
zend_modifier_list_to_flags(zend_modifier_target target,zend_ast * modifiers)882 uint32_t zend_modifier_list_to_flags(zend_modifier_target target, zend_ast *modifiers)
883 {
884 uint32_t flags = 0;
885 zend_ast_list *modifier_list = zend_ast_get_list(modifiers);
886
887 for (uint32_t i = 0; i < modifier_list->children; i++) {
888 uint32_t new_flag = zend_modifier_token_to_flag(target, (uint32_t) Z_LVAL_P(zend_ast_get_zval(modifier_list->child[i])));
889 if (!new_flag) {
890 return 0;
891 }
892 flags = zend_add_member_modifier(flags, new_flag, target);
893 if (!flags) {
894 return 0;
895 }
896 }
897
898 return flags;
899 }
900
zend_add_class_modifier(uint32_t flags,uint32_t new_flag)901 uint32_t zend_add_class_modifier(uint32_t flags, uint32_t new_flag) /* {{{ */
902 {
903 uint32_t new_flags = flags | new_flag;
904 if ((flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flag & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) {
905 zend_throw_exception(zend_ce_compile_error,
906 "Multiple abstract modifiers are not allowed", 0);
907 return 0;
908 }
909 if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
910 zend_throw_exception(zend_ce_compile_error, "Multiple final modifiers are not allowed", 0);
911 return 0;
912 }
913 if ((flags & ZEND_ACC_READONLY_CLASS) && (new_flag & ZEND_ACC_READONLY_CLASS)) {
914 zend_throw_exception(zend_ce_compile_error, "Multiple readonly modifiers are not allowed", 0);
915 return 0;
916 }
917 if ((new_flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flags & ZEND_ACC_FINAL)) {
918 zend_throw_exception(zend_ce_compile_error,
919 "Cannot use the final modifier on an abstract class", 0);
920 return 0;
921 }
922 return new_flags;
923 }
924 /* }}} */
925
zend_add_anonymous_class_modifier(uint32_t flags,uint32_t new_flag)926 uint32_t zend_add_anonymous_class_modifier(uint32_t flags, uint32_t new_flag)
927 {
928 uint32_t new_flags = flags | new_flag;
929 if (new_flag & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) {
930 zend_throw_exception(zend_ce_compile_error,
931 "Cannot use the abstract modifier on an anonymous class", 0);
932 return 0;
933 }
934 if (new_flag & ZEND_ACC_FINAL) {
935 zend_throw_exception(zend_ce_compile_error, "Cannot use the final modifier on an anonymous class", 0);
936 return 0;
937 }
938 if ((flags & ZEND_ACC_READONLY_CLASS) && (new_flag & ZEND_ACC_READONLY_CLASS)) {
939 zend_throw_exception(zend_ce_compile_error, "Multiple readonly modifiers are not allowed", 0);
940 return 0;
941 }
942 return new_flags;
943 }
944
zend_add_member_modifier(uint32_t flags,uint32_t new_flag,zend_modifier_target target)945 uint32_t zend_add_member_modifier(uint32_t flags, uint32_t new_flag, zend_modifier_target target) /* {{{ */
946 {
947 uint32_t new_flags = flags | new_flag;
948 if ((flags & ZEND_ACC_PPP_MASK) && (new_flag & ZEND_ACC_PPP_MASK)) {
949 zend_throw_exception(zend_ce_compile_error,
950 "Multiple access type modifiers are not allowed", 0);
951 return 0;
952 }
953 if ((flags & ZEND_ACC_ABSTRACT) && (new_flag & ZEND_ACC_ABSTRACT)) {
954 zend_throw_exception(zend_ce_compile_error, "Multiple abstract modifiers are not allowed", 0);
955 return 0;
956 }
957 if ((flags & ZEND_ACC_STATIC) && (new_flag & ZEND_ACC_STATIC)) {
958 zend_throw_exception(zend_ce_compile_error, "Multiple static modifiers are not allowed", 0);
959 return 0;
960 }
961 if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
962 zend_throw_exception(zend_ce_compile_error, "Multiple final modifiers are not allowed", 0);
963 return 0;
964 }
965 if ((flags & ZEND_ACC_READONLY) && (new_flag & ZEND_ACC_READONLY)) {
966 zend_throw_exception(zend_ce_compile_error,
967 "Multiple readonly modifiers are not allowed", 0);
968 return 0;
969 }
970 if (target == ZEND_MODIFIER_TARGET_METHOD && (new_flags & ZEND_ACC_ABSTRACT) && (new_flags & ZEND_ACC_FINAL)) {
971 zend_throw_exception(zend_ce_compile_error,
972 "Cannot use the final modifier on an abstract method", 0);
973 return 0;
974 }
975 return new_flags;
976 }
977 /* }}} */
978
zend_create_member_string(zend_string * class_name,zend_string * member_name)979 ZEND_API zend_string *zend_create_member_string(zend_string *class_name, zend_string *member_name) {
980 return zend_string_concat3(
981 ZSTR_VAL(class_name), ZSTR_LEN(class_name),
982 "::", sizeof("::") - 1,
983 ZSTR_VAL(member_name), ZSTR_LEN(member_name));
984 }
985
zend_concat_names(char * name1,size_t name1_len,char * name2,size_t name2_len)986 static zend_string *zend_concat_names(char *name1, size_t name1_len, char *name2, size_t name2_len) {
987 return zend_string_concat3(name1, name1_len, "\\", 1, name2, name2_len);
988 }
989
zend_prefix_with_ns(zend_string * name)990 static zend_string *zend_prefix_with_ns(zend_string *name) {
991 if (FC(current_namespace)) {
992 zend_string *ns = FC(current_namespace);
993 return zend_concat_names(ZSTR_VAL(ns), ZSTR_LEN(ns), ZSTR_VAL(name), ZSTR_LEN(name));
994 } else {
995 return zend_string_copy(name);
996 }
997 }
998
zend_resolve_non_class_name(zend_string * name,uint32_t type,bool * is_fully_qualified,bool case_sensitive,HashTable * current_import_sub)999 static zend_string *zend_resolve_non_class_name(
1000 zend_string *name, uint32_t type, bool *is_fully_qualified,
1001 bool case_sensitive, HashTable *current_import_sub
1002 ) {
1003 char *compound;
1004 *is_fully_qualified = 0;
1005
1006 if (ZSTR_VAL(name)[0] == '\\') {
1007 /* Remove \ prefix (only relevant if this is a string rather than a label) */
1008 *is_fully_qualified = 1;
1009 return zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
1010 }
1011
1012 if (type == ZEND_NAME_FQ) {
1013 *is_fully_qualified = 1;
1014 return zend_string_copy(name);
1015 }
1016
1017 if (type == ZEND_NAME_RELATIVE) {
1018 *is_fully_qualified = 1;
1019 return zend_prefix_with_ns(name);
1020 }
1021
1022 if (current_import_sub) {
1023 /* If an unqualified name is a function/const alias, replace it. */
1024 zend_string *import_name;
1025 if (case_sensitive) {
1026 import_name = zend_hash_find_ptr(current_import_sub, name);
1027 } else {
1028 import_name = zend_hash_find_ptr_lc(current_import_sub, name);
1029 }
1030
1031 if (import_name) {
1032 *is_fully_qualified = 1;
1033 return zend_string_copy(import_name);
1034 }
1035 }
1036
1037 compound = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
1038 if (compound) {
1039 *is_fully_qualified = 1;
1040 }
1041
1042 if (compound && FC(imports)) {
1043 /* If the first part of a qualified name is an alias, substitute it. */
1044 size_t len = compound - ZSTR_VAL(name);
1045 zend_string *import_name = zend_hash_str_find_ptr_lc(FC(imports), ZSTR_VAL(name), len);
1046
1047 if (import_name) {
1048 return zend_concat_names(
1049 ZSTR_VAL(import_name), ZSTR_LEN(import_name), ZSTR_VAL(name) + len + 1, ZSTR_LEN(name) - len - 1);
1050 }
1051 }
1052
1053 return zend_prefix_with_ns(name);
1054 }
1055 /* }}} */
1056
zend_resolve_function_name(zend_string * name,uint32_t type,bool * is_fully_qualified)1057 static zend_string *zend_resolve_function_name(zend_string *name, uint32_t type, bool *is_fully_qualified)
1058 {
1059 return zend_resolve_non_class_name(
1060 name, type, is_fully_qualified, 0, FC(imports_function));
1061 }
1062
zend_resolve_const_name(zend_string * name,uint32_t type,bool * is_fully_qualified)1063 static zend_string *zend_resolve_const_name(zend_string *name, uint32_t type, bool *is_fully_qualified)
1064 {
1065 return zend_resolve_non_class_name(
1066 name, type, is_fully_qualified, 1, FC(imports_const));
1067 }
1068
zend_resolve_class_name(zend_string * name,uint32_t type)1069 static zend_string *zend_resolve_class_name(zend_string *name, uint32_t type) /* {{{ */
1070 {
1071 char *compound;
1072
1073 if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type(name)) {
1074 if (type == ZEND_NAME_FQ) {
1075 zend_error_noreturn(E_COMPILE_ERROR,
1076 "'\\%s' is an invalid class name", ZSTR_VAL(name));
1077 }
1078 if (type == ZEND_NAME_RELATIVE) {
1079 zend_error_noreturn(E_COMPILE_ERROR,
1080 "'namespace\\%s' is an invalid class name", ZSTR_VAL(name));
1081 }
1082 ZEND_ASSERT(type == ZEND_NAME_NOT_FQ);
1083 return zend_string_copy(name);
1084 }
1085
1086 if (type == ZEND_NAME_RELATIVE) {
1087 return zend_prefix_with_ns(name);
1088 }
1089
1090 if (type == ZEND_NAME_FQ) {
1091 if (ZSTR_VAL(name)[0] == '\\') {
1092 /* Remove \ prefix (only relevant if this is a string rather than a label) */
1093 name = zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
1094 if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type(name)) {
1095 zend_error_noreturn(E_COMPILE_ERROR,
1096 "'\\%s' is an invalid class name", ZSTR_VAL(name));
1097 }
1098 return name;
1099 }
1100
1101 return zend_string_copy(name);
1102 }
1103
1104 if (FC(imports)) {
1105 compound = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
1106 if (compound) {
1107 /* If the first part of a qualified name is an alias, substitute it. */
1108 size_t len = compound - ZSTR_VAL(name);
1109 zend_string *import_name =
1110 zend_hash_str_find_ptr_lc(FC(imports), ZSTR_VAL(name), len);
1111
1112 if (import_name) {
1113 return zend_concat_names(
1114 ZSTR_VAL(import_name), ZSTR_LEN(import_name), ZSTR_VAL(name) + len + 1, ZSTR_LEN(name) - len - 1);
1115 }
1116 } else {
1117 /* If an unqualified name is an alias, replace it. */
1118 zend_string *import_name
1119 = zend_hash_find_ptr_lc(FC(imports), name);
1120
1121 if (import_name) {
1122 return zend_string_copy(import_name);
1123 }
1124 }
1125 }
1126
1127 /* If not fully qualified and not an alias, prepend the current namespace */
1128 return zend_prefix_with_ns(name);
1129 }
1130 /* }}} */
1131
zend_resolve_class_name_ast(zend_ast * ast)1132 zend_string *zend_resolve_class_name_ast(zend_ast *ast) /* {{{ */
1133 {
1134 zval *class_name = zend_ast_get_zval(ast);
1135 if (Z_TYPE_P(class_name) != IS_STRING) {
1136 zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
1137 }
1138 return zend_resolve_class_name(Z_STR_P(class_name), ast->attr);
1139 }
1140 /* }}} */
1141
label_ptr_dtor(zval * zv)1142 static void label_ptr_dtor(zval *zv) /* {{{ */
1143 {
1144 efree_size(Z_PTR_P(zv), sizeof(zend_label));
1145 }
1146 /* }}} */
1147
str_dtor(zval * zv)1148 static void str_dtor(zval *zv) /* {{{ */ {
1149 zend_string_release_ex(Z_STR_P(zv), 0);
1150 }
1151 /* }}} */
1152
1153 static bool zend_is_call(zend_ast *ast);
1154
zend_add_try_element(uint32_t try_op)1155 static uint32_t zend_add_try_element(uint32_t try_op) /* {{{ */
1156 {
1157 zend_op_array *op_array = CG(active_op_array);
1158 uint32_t try_catch_offset = op_array->last_try_catch++;
1159 zend_try_catch_element *elem;
1160
1161 op_array->try_catch_array = safe_erealloc(
1162 op_array->try_catch_array, sizeof(zend_try_catch_element), op_array->last_try_catch, 0);
1163
1164 elem = &op_array->try_catch_array[try_catch_offset];
1165 elem->try_op = try_op;
1166 elem->catch_op = 0;
1167 elem->finally_op = 0;
1168 elem->finally_end = 0;
1169
1170 return try_catch_offset;
1171 }
1172 /* }}} */
1173
function_add_ref(zend_function * function)1174 ZEND_API void function_add_ref(zend_function *function) /* {{{ */
1175 {
1176 if (function->type == ZEND_USER_FUNCTION) {
1177 zend_op_array *op_array = &function->op_array;
1178 if (op_array->refcount) {
1179 (*op_array->refcount)++;
1180 }
1181
1182 ZEND_MAP_PTR_INIT(op_array->run_time_cache, NULL);
1183 ZEND_MAP_PTR_INIT(op_array->static_variables_ptr, NULL);
1184 }
1185
1186 if (function->common.function_name) {
1187 zend_string_addref(function->common.function_name);
1188 }
1189 }
1190 /* }}} */
1191
do_bind_function_error(zend_string * lcname,zend_op_array * op_array,bool compile_time)1192 static zend_never_inline ZEND_COLD ZEND_NORETURN void do_bind_function_error(zend_string *lcname, zend_op_array *op_array, bool compile_time) /* {{{ */
1193 {
1194 zval *zv = zend_hash_find_known_hash(compile_time ? CG(function_table) : EG(function_table), lcname);
1195 int error_level = compile_time ? E_COMPILE_ERROR : E_ERROR;
1196 zend_function *old_function;
1197
1198 ZEND_ASSERT(zv != NULL);
1199 old_function = (zend_function*)Z_PTR_P(zv);
1200 if (old_function->type == ZEND_USER_FUNCTION
1201 && old_function->op_array.last > 0) {
1202 zend_error_noreturn(error_level, "Cannot redeclare %s() (previously declared in %s:%d)",
1203 op_array ? ZSTR_VAL(op_array->function_name) : ZSTR_VAL(old_function->common.function_name),
1204 ZSTR_VAL(old_function->op_array.filename),
1205 old_function->op_array.opcodes[0].lineno);
1206 } else {
1207 zend_error_noreturn(error_level, "Cannot redeclare %s()",
1208 op_array ? ZSTR_VAL(op_array->function_name) : ZSTR_VAL(old_function->common.function_name));
1209 }
1210 }
1211
do_bind_function(zend_function * func,zval * lcname)1212 ZEND_API zend_result do_bind_function(zend_function *func, zval *lcname) /* {{{ */
1213 {
1214 zend_function *added_func = zend_hash_add_ptr(EG(function_table), Z_STR_P(lcname), func);
1215 if (UNEXPECTED(!added_func)) {
1216 do_bind_function_error(Z_STR_P(lcname), &func->op_array, 0);
1217 return FAILURE;
1218 }
1219
1220 if (func->op_array.refcount) {
1221 ++*func->op_array.refcount;
1222 }
1223 if (func->common.function_name) {
1224 zend_string_addref(func->common.function_name);
1225 }
1226 zend_observer_function_declared_notify(&func->op_array, Z_STR_P(lcname));
1227 return SUCCESS;
1228 }
1229 /* }}} */
1230
zend_bind_class_in_slot(zval * class_table_slot,zval * lcname,zend_string * lc_parent_name)1231 ZEND_API zend_class_entry *zend_bind_class_in_slot(
1232 zval *class_table_slot, zval *lcname, zend_string *lc_parent_name)
1233 {
1234 zend_class_entry *ce = Z_PTR_P(class_table_slot);
1235 bool is_preloaded =
1236 (ce->ce_flags & ZEND_ACC_PRELOADED) && !(CG(compiler_options) & ZEND_COMPILE_PRELOAD);
1237 bool success;
1238 if (EXPECTED(!is_preloaded)) {
1239 success = zend_hash_set_bucket_key(EG(class_table), (Bucket*) class_table_slot, Z_STR_P(lcname)) != NULL;
1240 } else {
1241 /* If preloading is used, don't replace the existing bucket, add a new one. */
1242 success = zend_hash_add_ptr(EG(class_table), Z_STR_P(lcname), ce) != NULL;
1243 }
1244 if (UNEXPECTED(!success)) {
1245 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1246 return NULL;
1247 }
1248
1249 if (ce->ce_flags & ZEND_ACC_LINKED) {
1250 zend_observer_class_linked_notify(ce, Z_STR_P(lcname));
1251 return ce;
1252 }
1253
1254 ce = zend_do_link_class(ce, lc_parent_name, Z_STR_P(lcname));
1255 if (ce) {
1256 ZEND_ASSERT(!EG(exception));
1257 zend_observer_class_linked_notify(ce, Z_STR_P(lcname));
1258 return ce;
1259 }
1260
1261 if (!is_preloaded) {
1262 /* Reload bucket pointer, the hash table may have been reallocated */
1263 zval *zv = zend_hash_find(EG(class_table), Z_STR_P(lcname));
1264 zend_hash_set_bucket_key(EG(class_table), (Bucket *) zv, Z_STR_P(lcname + 1));
1265 } else {
1266 zend_hash_del(EG(class_table), Z_STR_P(lcname));
1267 }
1268 return NULL;
1269 }
1270
do_bind_class(zval * lcname,zend_string * lc_parent_name)1271 ZEND_API zend_result do_bind_class(zval *lcname, zend_string *lc_parent_name) /* {{{ */
1272 {
1273 zend_class_entry *ce;
1274 zval *rtd_key, *zv;
1275
1276 rtd_key = lcname + 1;
1277
1278 zv = zend_hash_find_known_hash(EG(class_table), Z_STR_P(rtd_key));
1279
1280 if (UNEXPECTED(!zv)) {
1281 ce = zend_hash_find_ptr(EG(class_table), Z_STR_P(lcname));
1282 ZEND_ASSERT(ce);
1283 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1284 return FAILURE;
1285 }
1286
1287 /* Register the derived class */
1288 return zend_bind_class_in_slot(zv, lcname, lc_parent_name) ? SUCCESS : FAILURE;
1289 }
1290 /* }}} */
1291
add_type_string(zend_string * type,zend_string * new_type,bool is_intersection)1292 static zend_string *add_type_string(zend_string *type, zend_string *new_type, bool is_intersection) {
1293 zend_string *result;
1294 if (type == NULL) {
1295 return zend_string_copy(new_type);
1296 }
1297
1298 if (is_intersection) {
1299 result = zend_string_concat3(ZSTR_VAL(type), ZSTR_LEN(type),
1300 "&", 1, ZSTR_VAL(new_type), ZSTR_LEN(new_type));
1301 zend_string_release(type);
1302 } else {
1303 result = zend_string_concat3(
1304 ZSTR_VAL(type), ZSTR_LEN(type), "|", 1, ZSTR_VAL(new_type), ZSTR_LEN(new_type));
1305 zend_string_release(type);
1306 }
1307 return result;
1308 }
1309
resolve_class_name(zend_string * name,zend_class_entry * scope)1310 static zend_string *resolve_class_name(zend_string *name, zend_class_entry *scope) {
1311 if (scope) {
1312 if (zend_string_equals_literal_ci(name, "self")) {
1313 name = scope->name;
1314 } else if (zend_string_equals_literal_ci(name, "parent") && scope->parent) {
1315 name = scope->parent->name;
1316 }
1317 }
1318
1319 /* The resolved name for anonymous classes contains null bytes. Cut off everything after the
1320 * null byte here, to avoid larger parts of the type being omitted by printing code later. */
1321 size_t len = strlen(ZSTR_VAL(name));
1322 if (len != ZSTR_LEN(name)) {
1323 ZEND_ASSERT(scope && "This should only happen with resolved types");
1324 return zend_string_init(ZSTR_VAL(name), len, 0);
1325 }
1326 return zend_string_copy(name);
1327 }
1328
add_intersection_type(zend_string * str,zend_type_list * intersection_type_list,zend_class_entry * scope,bool is_bracketed)1329 static zend_string *add_intersection_type(zend_string *str,
1330 zend_type_list *intersection_type_list, zend_class_entry *scope,
1331 bool is_bracketed)
1332 {
1333 zend_type *single_type;
1334 zend_string *intersection_str = NULL;
1335
1336 ZEND_TYPE_LIST_FOREACH(intersection_type_list, single_type) {
1337 ZEND_ASSERT(!ZEND_TYPE_HAS_LIST(*single_type));
1338 ZEND_ASSERT(ZEND_TYPE_HAS_NAME(*single_type));
1339 zend_string *name = ZEND_TYPE_NAME(*single_type);
1340 zend_string *resolved = resolve_class_name(name, scope);
1341 intersection_str = add_type_string(intersection_str, resolved, /* is_intersection */ true);
1342 zend_string_release(resolved);
1343 } ZEND_TYPE_LIST_FOREACH_END();
1344
1345 ZEND_ASSERT(intersection_str);
1346
1347 if (is_bracketed) {
1348 zend_string *result = zend_string_concat3("(", 1, ZSTR_VAL(intersection_str), ZSTR_LEN(intersection_str), ")", 1);
1349 zend_string_release(intersection_str);
1350 intersection_str = result;
1351 }
1352 str = add_type_string(str, intersection_str, /* is_intersection */ false);
1353 zend_string_release(intersection_str);
1354 return str;
1355 }
1356
zend_type_to_string_resolved(zend_type type,zend_class_entry * scope)1357 zend_string *zend_type_to_string_resolved(zend_type type, zend_class_entry *scope) {
1358 zend_string *str = NULL;
1359
1360 /* Pure intersection type */
1361 if (ZEND_TYPE_IS_INTERSECTION(type)) {
1362 ZEND_ASSERT(!ZEND_TYPE_IS_UNION(type));
1363 str = add_intersection_type(str, ZEND_TYPE_LIST(type), scope, /* is_bracketed */ false);
1364 } else if (ZEND_TYPE_HAS_LIST(type)) {
1365 /* A union type might not be a list */
1366 zend_type *list_type;
1367 ZEND_TYPE_LIST_FOREACH(ZEND_TYPE_LIST(type), list_type) {
1368 if (ZEND_TYPE_IS_INTERSECTION(*list_type)) {
1369 str = add_intersection_type(str, ZEND_TYPE_LIST(*list_type), scope, /* is_bracketed */ true);
1370 continue;
1371 }
1372 ZEND_ASSERT(!ZEND_TYPE_HAS_LIST(*list_type));
1373 ZEND_ASSERT(ZEND_TYPE_HAS_NAME(*list_type));
1374 zend_string *name = ZEND_TYPE_NAME(*list_type);
1375 zend_string *resolved = resolve_class_name(name, scope);
1376 str = add_type_string(str, resolved, /* is_intersection */ false);
1377 zend_string_release(resolved);
1378 } ZEND_TYPE_LIST_FOREACH_END();
1379 } else if (ZEND_TYPE_HAS_NAME(type)) {
1380 str = resolve_class_name(ZEND_TYPE_NAME(type), scope);
1381 }
1382
1383 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
1384
1385 if (type_mask == MAY_BE_ANY) {
1386 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_MIXED), /* is_intersection */ false);
1387
1388 return str;
1389 }
1390 if (type_mask & MAY_BE_STATIC) {
1391 zend_string *name = ZSTR_KNOWN(ZEND_STR_STATIC);
1392 // During compilation of eval'd code the called scope refers to the scope calling the eval
1393 if (scope && !zend_is_compiling()) {
1394 zend_class_entry *called_scope = zend_get_called_scope(EG(current_execute_data));
1395 if (called_scope) {
1396 name = called_scope->name;
1397 }
1398 }
1399 str = add_type_string(str, name, /* is_intersection */ false);
1400 }
1401 if (type_mask & MAY_BE_CALLABLE) {
1402 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_CALLABLE), /* is_intersection */ false);
1403 }
1404 if (type_mask & MAY_BE_OBJECT) {
1405 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_OBJECT), /* is_intersection */ false);
1406 }
1407 if (type_mask & MAY_BE_ARRAY) {
1408 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_ARRAY), /* is_intersection */ false);
1409 }
1410 if (type_mask & MAY_BE_STRING) {
1411 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_STRING), /* is_intersection */ false);
1412 }
1413 if (type_mask & MAY_BE_LONG) {
1414 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_INT), /* is_intersection */ false);
1415 }
1416 if (type_mask & MAY_BE_DOUBLE) {
1417 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_FLOAT), /* is_intersection */ false);
1418 }
1419 if ((type_mask & MAY_BE_BOOL) == MAY_BE_BOOL) {
1420 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_BOOL), /* is_intersection */ false);
1421 } else if (type_mask & MAY_BE_FALSE) {
1422 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_FALSE), /* is_intersection */ false);
1423 } else if (type_mask & MAY_BE_TRUE) {
1424 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_TRUE), /* is_intersection */ false);
1425 }
1426 if (type_mask & MAY_BE_VOID) {
1427 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_VOID), /* is_intersection */ false);
1428 }
1429 if (type_mask & MAY_BE_NEVER) {
1430 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_NEVER), /* is_intersection */ false);
1431 }
1432
1433 if (type_mask & MAY_BE_NULL) {
1434 bool is_union = !str || memchr(ZSTR_VAL(str), '|', ZSTR_LEN(str)) != NULL;
1435 bool has_intersection = !str || memchr(ZSTR_VAL(str), '&', ZSTR_LEN(str)) != NULL;
1436 if (!is_union && !has_intersection) {
1437 zend_string *nullable_str = zend_string_concat2("?", 1, ZSTR_VAL(str), ZSTR_LEN(str));
1438 zend_string_release(str);
1439 return nullable_str;
1440 }
1441
1442 str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_NULL_LOWERCASE), /* is_intersection */ false);
1443 }
1444 return str;
1445 }
1446
zend_type_to_string(zend_type type)1447 ZEND_API zend_string *zend_type_to_string(zend_type type) {
1448 return zend_type_to_string_resolved(type, NULL);
1449 }
1450
is_generator_compatible_class_type(zend_string * name)1451 static bool is_generator_compatible_class_type(zend_string *name) {
1452 return zend_string_equals_ci(name, ZSTR_KNOWN(ZEND_STR_TRAVERSABLE))
1453 || zend_string_equals_literal_ci(name, "Iterator")
1454 || zend_string_equals_literal_ci(name, "Generator");
1455 }
1456
zend_mark_function_as_generator(void)1457 static void zend_mark_function_as_generator(void) /* {{{ */
1458 {
1459 if (!CG(active_op_array)->function_name) {
1460 zend_error_noreturn(E_COMPILE_ERROR,
1461 "The \"yield\" expression can only be used inside a function");
1462 }
1463
1464 if (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
1465 zend_type return_type = CG(active_op_array)->arg_info[-1].type;
1466 bool valid_type = (ZEND_TYPE_FULL_MASK(return_type) & MAY_BE_OBJECT) != 0;
1467 if (!valid_type) {
1468 zend_type *single_type;
1469 ZEND_TYPE_FOREACH(return_type, single_type) {
1470 if (ZEND_TYPE_HAS_NAME(*single_type)
1471 && is_generator_compatible_class_type(ZEND_TYPE_NAME(*single_type))) {
1472 valid_type = 1;
1473 break;
1474 }
1475 } ZEND_TYPE_FOREACH_END();
1476 }
1477
1478 if (!valid_type) {
1479 zend_string *str = zend_type_to_string(return_type);
1480 zend_error_noreturn(E_COMPILE_ERROR,
1481 "Generator return type must be a supertype of Generator, %s given",
1482 ZSTR_VAL(str));
1483 }
1484 }
1485
1486 CG(active_op_array)->fn_flags |= ZEND_ACC_GENERATOR;
1487 }
1488 /* }}} */
1489
zend_mangle_property_name(const char * src1,size_t src1_length,const char * src2,size_t src2_length,bool internal)1490 ZEND_API zend_string *zend_mangle_property_name(const char *src1, size_t src1_length, const char *src2, size_t src2_length, bool internal) /* {{{ */
1491 {
1492 size_t prop_name_length = 1 + src1_length + 1 + src2_length;
1493 zend_string *prop_name = zend_string_alloc(prop_name_length, internal);
1494
1495 ZSTR_VAL(prop_name)[0] = '\0';
1496 memcpy(ZSTR_VAL(prop_name) + 1, src1, src1_length+1);
1497 memcpy(ZSTR_VAL(prop_name) + 1 + src1_length + 1, src2, src2_length+1);
1498 return prop_name;
1499 }
1500 /* }}} */
1501
zend_unmangle_property_name_ex(const zend_string * name,const char ** class_name,const char ** prop_name,size_t * prop_len)1502 ZEND_API zend_result zend_unmangle_property_name_ex(const zend_string *name, const char **class_name, const char **prop_name, size_t *prop_len) /* {{{ */
1503 {
1504 size_t class_name_len;
1505 size_t anonclass_src_len;
1506
1507 *class_name = NULL;
1508
1509 if (!ZSTR_LEN(name) || ZSTR_VAL(name)[0] != '\0') {
1510 *prop_name = ZSTR_VAL(name);
1511 if (prop_len) {
1512 *prop_len = ZSTR_LEN(name);
1513 }
1514 return SUCCESS;
1515 }
1516 if (ZSTR_LEN(name) < 3 || ZSTR_VAL(name)[1] == '\0') {
1517 zend_error(E_NOTICE, "Illegal member variable name");
1518 *prop_name = ZSTR_VAL(name);
1519 if (prop_len) {
1520 *prop_len = ZSTR_LEN(name);
1521 }
1522 return FAILURE;
1523 }
1524
1525 class_name_len = zend_strnlen(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 2);
1526 if (class_name_len >= ZSTR_LEN(name) - 2 || ZSTR_VAL(name)[class_name_len + 1] != '\0') {
1527 zend_error(E_NOTICE, "Corrupt member variable name");
1528 *prop_name = ZSTR_VAL(name);
1529 if (prop_len) {
1530 *prop_len = ZSTR_LEN(name);
1531 }
1532 return FAILURE;
1533 }
1534
1535 *class_name = ZSTR_VAL(name) + 1;
1536 anonclass_src_len = zend_strnlen(*class_name + class_name_len + 1, ZSTR_LEN(name) - class_name_len - 2);
1537 if (class_name_len + anonclass_src_len + 2 != ZSTR_LEN(name)) {
1538 class_name_len += anonclass_src_len + 1;
1539 }
1540 *prop_name = ZSTR_VAL(name) + class_name_len + 2;
1541 if (prop_len) {
1542 *prop_len = ZSTR_LEN(name) - class_name_len - 2;
1543 }
1544 return SUCCESS;
1545 }
1546 /* }}} */
1547
array_is_const_ex(zend_array * array,uint32_t * max_checks)1548 static bool array_is_const_ex(zend_array *array, uint32_t *max_checks)
1549 {
1550 if (zend_hash_num_elements(array) > *max_checks) {
1551 return false;
1552 }
1553 *max_checks -= zend_hash_num_elements(array);
1554
1555 zval *element;
1556 ZEND_HASH_FOREACH_VAL(array, element) {
1557 if (Z_TYPE_P(element) < IS_ARRAY) {
1558 continue;
1559 } else if (Z_TYPE_P(element) == IS_ARRAY) {
1560 if (!array_is_const_ex(array, max_checks)) {
1561 return false;
1562 }
1563 } else {
1564 return false;
1565 }
1566 } ZEND_HASH_FOREACH_END();
1567
1568 return true;
1569 }
1570
array_is_const(zend_array * array)1571 static bool array_is_const(zend_array *array)
1572 {
1573 uint32_t max_checks = 50;
1574 return array_is_const_ex(array, &max_checks);
1575 }
1576
can_ct_eval_const(zend_constant * c)1577 static bool can_ct_eval_const(zend_constant *c) {
1578 if (ZEND_CONSTANT_FLAGS(c) & CONST_DEPRECATED) {
1579 return 0;
1580 }
1581 if ((ZEND_CONSTANT_FLAGS(c) & CONST_PERSISTENT)
1582 && !(CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION)
1583 && !((ZEND_CONSTANT_FLAGS(c) & CONST_NO_FILE_CACHE)
1584 && (CG(compiler_options) & ZEND_COMPILE_WITH_FILE_CACHE))) {
1585 return 1;
1586 }
1587 if (Z_TYPE(c->value) < IS_ARRAY
1588 && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)) {
1589 return 1;
1590 } else if (Z_TYPE(c->value) == IS_ARRAY
1591 && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)
1592 && array_is_const(Z_ARR(c->value))) {
1593 return 1;
1594 }
1595 return 0;
1596 }
1597
zend_try_ct_eval_const(zval * zv,zend_string * name,bool is_fully_qualified)1598 static bool zend_try_ct_eval_const(zval *zv, zend_string *name, bool is_fully_qualified) /* {{{ */
1599 {
1600 /* Substitute true, false and null (including unqualified usage in namespaces)
1601 * before looking up the possibly namespaced name. */
1602 const char *lookup_name = ZSTR_VAL(name);
1603 size_t lookup_len = ZSTR_LEN(name);
1604
1605 if (!is_fully_qualified) {
1606 zend_get_unqualified_name(name, &lookup_name, &lookup_len);
1607 }
1608
1609 zend_constant *c;
1610 if ((c = zend_get_special_const(lookup_name, lookup_len))) {
1611 ZVAL_COPY_VALUE(zv, &c->value);
1612 return 1;
1613 }
1614 c = zend_hash_find_ptr(EG(zend_constants), name);
1615 if (c && can_ct_eval_const(c)) {
1616 ZVAL_COPY_OR_DUP(zv, &c->value);
1617 return 1;
1618 }
1619 return 0;
1620 }
1621 /* }}} */
1622
zend_is_scope_known(void)1623 static inline bool zend_is_scope_known(void) /* {{{ */
1624 {
1625 if (!CG(active_op_array)) {
1626 /* This can only happen when evaluating a default value string. */
1627 return 0;
1628 }
1629
1630 if (CG(active_op_array)->fn_flags & ZEND_ACC_CLOSURE) {
1631 /* Closures can be rebound to a different scope */
1632 return 0;
1633 }
1634
1635 if (!CG(active_class_entry)) {
1636 /* The scope is known if we're in a free function (no scope), but not if we're in
1637 * a file/eval (which inherits including/eval'ing scope). */
1638 return CG(active_op_array)->function_name != NULL;
1639 }
1640
1641 /* For traits self etc refers to the using class, not the trait itself */
1642 return (CG(active_class_entry)->ce_flags & ZEND_ACC_TRAIT) == 0;
1643 }
1644 /* }}} */
1645
class_name_refers_to_active_ce(zend_string * class_name,uint32_t fetch_type)1646 static inline bool class_name_refers_to_active_ce(zend_string *class_name, uint32_t fetch_type) /* {{{ */
1647 {
1648 if (!CG(active_class_entry)) {
1649 return 0;
1650 }
1651 if (fetch_type == ZEND_FETCH_CLASS_SELF && zend_is_scope_known()) {
1652 return 1;
1653 }
1654 return fetch_type == ZEND_FETCH_CLASS_DEFAULT
1655 && zend_string_equals_ci(class_name, CG(active_class_entry)->name);
1656 }
1657 /* }}} */
1658
zend_get_class_fetch_type(const zend_string * name)1659 uint32_t zend_get_class_fetch_type(const zend_string *name) /* {{{ */
1660 {
1661 if (zend_string_equals_literal_ci(name, "self")) {
1662 return ZEND_FETCH_CLASS_SELF;
1663 } else if (zend_string_equals_literal_ci(name, "parent")) {
1664 return ZEND_FETCH_CLASS_PARENT;
1665 } else if (zend_string_equals_ci(name, ZSTR_KNOWN(ZEND_STR_STATIC))) {
1666 return ZEND_FETCH_CLASS_STATIC;
1667 } else {
1668 return ZEND_FETCH_CLASS_DEFAULT;
1669 }
1670 }
1671 /* }}} */
1672
zend_get_class_fetch_type_ast(zend_ast * name_ast)1673 static uint32_t zend_get_class_fetch_type_ast(zend_ast *name_ast) /* {{{ */
1674 {
1675 /* Fully qualified names are always default refs */
1676 if (name_ast->attr == ZEND_NAME_FQ) {
1677 return ZEND_FETCH_CLASS_DEFAULT;
1678 }
1679
1680 return zend_get_class_fetch_type(zend_ast_get_str(name_ast));
1681 }
1682 /* }}} */
1683
zend_resolve_const_class_name_reference(zend_ast * ast,const char * type)1684 static zend_string *zend_resolve_const_class_name_reference(zend_ast *ast, const char *type)
1685 {
1686 zend_string *class_name = zend_ast_get_str(ast);
1687 if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type_ast(ast)) {
1688 zend_error_noreturn(E_COMPILE_ERROR,
1689 "Cannot use '%s' as %s, as it is reserved",
1690 ZSTR_VAL(class_name), type);
1691 }
1692 return zend_resolve_class_name(class_name, ast->attr);
1693 }
1694
zend_ensure_valid_class_fetch_type(uint32_t fetch_type)1695 static void zend_ensure_valid_class_fetch_type(uint32_t fetch_type) /* {{{ */
1696 {
1697 if (fetch_type != ZEND_FETCH_CLASS_DEFAULT && zend_is_scope_known()) {
1698 zend_class_entry *ce = CG(active_class_entry);
1699 if (!ce) {
1700 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"%s\" when no class scope is active",
1701 fetch_type == ZEND_FETCH_CLASS_SELF ? "self" :
1702 fetch_type == ZEND_FETCH_CLASS_PARENT ? "parent" : "static");
1703 } else if (fetch_type == ZEND_FETCH_CLASS_PARENT && !ce->parent_name) {
1704 zend_error_noreturn(E_COMPILE_ERROR,
1705 "Cannot use \"parent\" when current class scope has no parent");
1706 }
1707 }
1708 }
1709 /* }}} */
1710
zend_try_compile_const_expr_resolve_class_name(zval * zv,zend_ast * class_ast)1711 static bool zend_try_compile_const_expr_resolve_class_name(zval *zv, zend_ast *class_ast) /* {{{ */
1712 {
1713 uint32_t fetch_type;
1714 zval *class_name;
1715
1716 if (class_ast->kind != ZEND_AST_ZVAL) {
1717 return 0;
1718 }
1719
1720 class_name = zend_ast_get_zval(class_ast);
1721
1722 if (Z_TYPE_P(class_name) != IS_STRING) {
1723 zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
1724 }
1725
1726 fetch_type = zend_get_class_fetch_type(Z_STR_P(class_name));
1727 zend_ensure_valid_class_fetch_type(fetch_type);
1728
1729 switch (fetch_type) {
1730 case ZEND_FETCH_CLASS_SELF:
1731 if (CG(active_class_entry) && zend_is_scope_known()) {
1732 ZVAL_STR_COPY(zv, CG(active_class_entry)->name);
1733 return 1;
1734 }
1735 return 0;
1736 case ZEND_FETCH_CLASS_PARENT:
1737 if (CG(active_class_entry) && CG(active_class_entry)->parent_name
1738 && zend_is_scope_known()) {
1739 ZVAL_STR_COPY(zv, CG(active_class_entry)->parent_name);
1740 return 1;
1741 }
1742 return 0;
1743 case ZEND_FETCH_CLASS_STATIC:
1744 return 0;
1745 case ZEND_FETCH_CLASS_DEFAULT:
1746 ZVAL_STR(zv, zend_resolve_class_name_ast(class_ast));
1747 return 1;
1748 EMPTY_SWITCH_DEFAULT_CASE()
1749 }
1750 }
1751 /* }}} */
1752
1753 /* We don't use zend_verify_const_access because we need to deal with unlinked classes. */
zend_verify_ct_const_access(zend_class_constant * c,zend_class_entry * scope)1754 static bool zend_verify_ct_const_access(zend_class_constant *c, zend_class_entry *scope)
1755 {
1756 if (ZEND_CLASS_CONST_FLAGS(c) & ZEND_ACC_DEPRECATED) {
1757 return 0;
1758 } else if (c->ce->ce_flags & ZEND_ACC_TRAIT) {
1759 /* This condition is only met on directly accessing trait constants,
1760 * because the ce is replaced to the class entry of the composing class
1761 * on binding. */
1762 return 0;
1763 } else if (ZEND_CLASS_CONST_FLAGS(c) & ZEND_ACC_PUBLIC) {
1764 return 1;
1765 } else if (ZEND_CLASS_CONST_FLAGS(c) & ZEND_ACC_PRIVATE) {
1766 return c->ce == scope;
1767 } else {
1768 zend_class_entry *ce = c->ce;
1769 while (1) {
1770 if (ce == scope) {
1771 return 1;
1772 }
1773 if (!ce->parent) {
1774 break;
1775 }
1776 if (ce->ce_flags & ZEND_ACC_RESOLVED_PARENT) {
1777 ce = ce->parent;
1778 } else {
1779 ce = zend_hash_find_ptr_lc(CG(class_table), ce->parent_name);
1780 if (!ce) {
1781 break;
1782 }
1783 }
1784 }
1785 /* Reverse case cannot be true during compilation */
1786 return 0;
1787 }
1788 }
1789
zend_try_ct_eval_class_const(zval * zv,zend_string * class_name,zend_string * name)1790 static bool zend_try_ct_eval_class_const(zval *zv, zend_string *class_name, zend_string *name) /* {{{ */
1791 {
1792 uint32_t fetch_type = zend_get_class_fetch_type(class_name);
1793 zend_class_constant *cc;
1794 zval *c;
1795
1796 if (class_name_refers_to_active_ce(class_name, fetch_type)) {
1797 cc = zend_hash_find_ptr(&CG(active_class_entry)->constants_table, name);
1798 } else if (fetch_type == ZEND_FETCH_CLASS_DEFAULT && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)) {
1799 zend_class_entry *ce = zend_hash_find_ptr_lc(CG(class_table), class_name);
1800 if (ce) {
1801 cc = zend_hash_find_ptr(&ce->constants_table, name);
1802 } else {
1803 return 0;
1804 }
1805 } else {
1806 return 0;
1807 }
1808
1809 if (CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION) {
1810 return 0;
1811 }
1812
1813 if (!cc || !zend_verify_ct_const_access(cc, CG(active_class_entry))) {
1814 return 0;
1815 }
1816
1817 c = &cc->value;
1818
1819 /* Substitute case-sensitive (or lowercase) persistent class constants */
1820 if (Z_TYPE_P(c) < IS_ARRAY) {
1821 ZVAL_COPY_OR_DUP(zv, c);
1822 return 1;
1823 } else if (Z_TYPE_P(c) == IS_ARRAY && array_is_const(Z_ARR_P(c))) {
1824 ZVAL_COPY_OR_DUP(zv, c);
1825 return 1;
1826 }
1827
1828 return 0;
1829 }
1830 /* }}} */
1831
zend_add_to_list(void * result,void * item)1832 static void zend_add_to_list(void *result, void *item) /* {{{ */
1833 {
1834 void** list = *(void**)result;
1835 size_t n = 0;
1836
1837 if (list) {
1838 while (list[n]) {
1839 n++;
1840 }
1841 }
1842
1843 list = erealloc(list, sizeof(void*) * (n+2));
1844
1845 list[n] = item;
1846 list[n+1] = NULL;
1847
1848 *(void**)result = list;
1849 }
1850 /* }}} */
1851
zend_do_extended_stmt(void)1852 static void zend_do_extended_stmt(void) /* {{{ */
1853 {
1854 zend_op *opline;
1855
1856 if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_STMT)) {
1857 return;
1858 }
1859
1860 opline = get_next_op();
1861
1862 opline->opcode = ZEND_EXT_STMT;
1863 }
1864 /* }}} */
1865
zend_do_extended_fcall_begin(void)1866 static void zend_do_extended_fcall_begin(void) /* {{{ */
1867 {
1868 zend_op *opline;
1869
1870 if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_FCALL)) {
1871 return;
1872 }
1873
1874 opline = get_next_op();
1875
1876 opline->opcode = ZEND_EXT_FCALL_BEGIN;
1877 }
1878 /* }}} */
1879
zend_do_extended_fcall_end(void)1880 static void zend_do_extended_fcall_end(void) /* {{{ */
1881 {
1882 zend_op *opline;
1883
1884 if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_FCALL)) {
1885 return;
1886 }
1887
1888 opline = get_next_op();
1889
1890 opline->opcode = ZEND_EXT_FCALL_END;
1891 }
1892 /* }}} */
1893
zend_is_auto_global_str(const char * name,size_t len)1894 ZEND_API bool zend_is_auto_global_str(const char *name, size_t len) /* {{{ */ {
1895 zend_auto_global *auto_global;
1896
1897 if ((auto_global = zend_hash_str_find_ptr(CG(auto_globals), name, len)) != NULL) {
1898 if (auto_global->armed) {
1899 auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1900 }
1901 return 1;
1902 }
1903 return 0;
1904 }
1905 /* }}} */
1906
zend_is_auto_global(zend_string * name)1907 ZEND_API bool zend_is_auto_global(zend_string *name) /* {{{ */
1908 {
1909 zend_auto_global *auto_global;
1910
1911 if ((auto_global = zend_hash_find_ptr(CG(auto_globals), name)) != NULL) {
1912 if (auto_global->armed) {
1913 auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1914 }
1915 return 1;
1916 }
1917 return 0;
1918 }
1919 /* }}} */
1920
zend_register_auto_global(zend_string * name,bool jit,zend_auto_global_callback auto_global_callback)1921 ZEND_API zend_result zend_register_auto_global(zend_string *name, bool jit, zend_auto_global_callback auto_global_callback) /* {{{ */
1922 {
1923 zend_auto_global auto_global;
1924 zend_result retval;
1925
1926 auto_global.name = name;
1927 auto_global.auto_global_callback = auto_global_callback;
1928 auto_global.jit = jit;
1929
1930 retval = zend_hash_add_mem(CG(auto_globals), auto_global.name, &auto_global, sizeof(zend_auto_global)) != NULL ? SUCCESS : FAILURE;
1931
1932 return retval;
1933 }
1934 /* }}} */
1935
zend_activate_auto_globals(void)1936 ZEND_API void zend_activate_auto_globals(void) /* {{{ */
1937 {
1938 zend_auto_global *auto_global;
1939
1940 ZEND_HASH_MAP_FOREACH_PTR(CG(auto_globals), auto_global) {
1941 if (auto_global->jit) {
1942 auto_global->armed = 1;
1943 } else if (auto_global->auto_global_callback) {
1944 auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1945 } else {
1946 auto_global->armed = 0;
1947 }
1948 } ZEND_HASH_FOREACH_END();
1949 }
1950 /* }}} */
1951
zendlex(zend_parser_stack_elem * elem)1952 int ZEND_FASTCALL zendlex(zend_parser_stack_elem *elem) /* {{{ */
1953 {
1954 zval zv;
1955 int ret;
1956
1957 if (CG(increment_lineno)) {
1958 CG(zend_lineno)++;
1959 CG(increment_lineno) = 0;
1960 }
1961
1962 ret = lex_scan(&zv, elem);
1963 ZEND_ASSERT(!EG(exception) || ret == T_ERROR);
1964 return ret;
1965
1966 }
1967 /* }}} */
1968
zend_initialize_class_data(zend_class_entry * ce,bool nullify_handlers)1969 ZEND_API void zend_initialize_class_data(zend_class_entry *ce, bool nullify_handlers) /* {{{ */
1970 {
1971 bool persistent_hashes = ce->type == ZEND_INTERNAL_CLASS;
1972
1973 ce->refcount = 1;
1974 ce->ce_flags = ZEND_ACC_CONSTANTS_UPDATED;
1975
1976 if (CG(compiler_options) & ZEND_COMPILE_GUARDS) {
1977 ce->ce_flags |= ZEND_ACC_USE_GUARDS;
1978 }
1979
1980 ce->default_properties_table = NULL;
1981 ce->default_static_members_table = NULL;
1982 zend_hash_init(&ce->properties_info, 8, NULL, NULL, persistent_hashes);
1983 zend_hash_init(&ce->constants_table, 8, NULL, NULL, persistent_hashes);
1984 zend_hash_init(&ce->function_table, 8, NULL, ZEND_FUNCTION_DTOR, persistent_hashes);
1985
1986 if (ce->type == ZEND_USER_CLASS) {
1987 ce->info.user.doc_comment = NULL;
1988 }
1989 ZEND_MAP_PTR_INIT(ce->static_members_table, NULL);
1990 ZEND_MAP_PTR_INIT(ce->mutable_data, NULL);
1991
1992 ce->default_object_handlers = &std_object_handlers;
1993 ce->default_properties_count = 0;
1994 ce->default_static_members_count = 0;
1995 ce->properties_info_table = NULL;
1996 ce->attributes = NULL;
1997 ce->enum_backing_type = IS_UNDEF;
1998 ce->backed_enum_table = NULL;
1999
2000 if (nullify_handlers) {
2001 ce->constructor = NULL;
2002 ce->destructor = NULL;
2003 ce->clone = NULL;
2004 ce->__get = NULL;
2005 ce->__set = NULL;
2006 ce->__unset = NULL;
2007 ce->__isset = NULL;
2008 ce->__call = NULL;
2009 ce->__callstatic = NULL;
2010 ce->__tostring = NULL;
2011 ce->__serialize = NULL;
2012 ce->__unserialize = NULL;
2013 ce->__debugInfo = NULL;
2014 ce->create_object = NULL;
2015 ce->get_iterator = NULL;
2016 ce->iterator_funcs_ptr = NULL;
2017 ce->arrayaccess_funcs_ptr = NULL;
2018 ce->get_static_method = NULL;
2019 ce->parent = NULL;
2020 ce->parent_name = NULL;
2021 ce->num_interfaces = 0;
2022 ce->interfaces = NULL;
2023 ce->num_traits = 0;
2024 ce->trait_names = NULL;
2025 ce->trait_aliases = NULL;
2026 ce->trait_precedences = NULL;
2027 ce->serialize = NULL;
2028 ce->unserialize = NULL;
2029 if (ce->type == ZEND_INTERNAL_CLASS) {
2030 ce->info.internal.module = NULL;
2031 ce->info.internal.builtin_functions = NULL;
2032 }
2033 }
2034 }
2035 /* }}} */
2036
zend_get_compiled_variable_name(const zend_op_array * op_array,uint32_t var)2037 ZEND_API zend_string *zend_get_compiled_variable_name(const zend_op_array *op_array, uint32_t var) /* {{{ */
2038 {
2039 return op_array->vars[EX_VAR_TO_NUM(var)];
2040 }
2041 /* }}} */
2042
zend_ast_append_str(zend_ast * left_ast,zend_ast * right_ast)2043 zend_ast *zend_ast_append_str(zend_ast *left_ast, zend_ast *right_ast) /* {{{ */
2044 {
2045 zval *left_zv = zend_ast_get_zval(left_ast);
2046 zend_string *left = Z_STR_P(left_zv);
2047 zend_string *right = zend_ast_get_str(right_ast);
2048
2049 zend_string *result;
2050 size_t left_len = ZSTR_LEN(left);
2051 size_t len = left_len + ZSTR_LEN(right) + 1; /* left\right */
2052
2053 result = zend_string_extend(left, len, 0);
2054 ZSTR_VAL(result)[left_len] = '\\';
2055 memcpy(&ZSTR_VAL(result)[left_len + 1], ZSTR_VAL(right), ZSTR_LEN(right));
2056 ZSTR_VAL(result)[len] = '\0';
2057 zend_string_release_ex(right, 0);
2058
2059 ZVAL_STR(left_zv, result);
2060 return left_ast;
2061 }
2062 /* }}} */
2063
zend_negate_num_string(zend_ast * ast)2064 zend_ast *zend_negate_num_string(zend_ast *ast) /* {{{ */
2065 {
2066 zval *zv = zend_ast_get_zval(ast);
2067 if (Z_TYPE_P(zv) == IS_LONG) {
2068 if (Z_LVAL_P(zv) == 0) {
2069 ZVAL_NEW_STR(zv, ZSTR_INIT_LITERAL("-0", 0));
2070 } else {
2071 ZEND_ASSERT(Z_LVAL_P(zv) > 0);
2072 Z_LVAL_P(zv) *= -1;
2073 }
2074 } else if (Z_TYPE_P(zv) == IS_STRING) {
2075 size_t orig_len = Z_STRLEN_P(zv);
2076 Z_STR_P(zv) = zend_string_extend(Z_STR_P(zv), orig_len + 1, 0);
2077 memmove(Z_STRVAL_P(zv) + 1, Z_STRVAL_P(zv), orig_len + 1);
2078 Z_STRVAL_P(zv)[0] = '-';
2079 } else {
2080 ZEND_UNREACHABLE();
2081 }
2082 return ast;
2083 }
2084 /* }}} */
2085
zend_verify_namespace(void)2086 static void zend_verify_namespace(void) /* {{{ */
2087 {
2088 if (FC(has_bracketed_namespaces) && !FC(in_namespace)) {
2089 zend_error_noreturn(E_COMPILE_ERROR, "No code may exist outside of namespace {}");
2090 }
2091 }
2092 /* }}} */
2093
2094 /* {{{ zend_dirname
2095 Returns directory name component of path */
zend_dirname(char * path,size_t len)2096 ZEND_API size_t zend_dirname(char *path, size_t len)
2097 {
2098 char *end = path + len - 1;
2099 unsigned int len_adjust = 0;
2100
2101 #ifdef ZEND_WIN32
2102 /* Note that on Win32 CWD is per drive (heritage from CP/M).
2103 * This means dirname("c:foo") maps to "c:." or "c:" - which means CWD on C: drive.
2104 */
2105 if ((2 <= len) && isalpha((int)((unsigned char *)path)[0]) && (':' == path[1])) {
2106 /* Skip over the drive spec (if any) so as not to change */
2107 path += 2;
2108 len_adjust += 2;
2109 if (2 == len) {
2110 /* Return "c:" on Win32 for dirname("c:").
2111 * It would be more consistent to return "c:."
2112 * but that would require making the string *longer*.
2113 */
2114 return len;
2115 }
2116 }
2117 #endif
2118
2119 if (len == 0) {
2120 /* Illegal use of this function */
2121 return 0;
2122 }
2123
2124 /* Strip trailing slashes */
2125 while (end >= path && IS_SLASH_P(end)) {
2126 end--;
2127 }
2128 if (end < path) {
2129 /* The path only contained slashes */
2130 path[0] = DEFAULT_SLASH;
2131 path[1] = '\0';
2132 return 1 + len_adjust;
2133 }
2134
2135 /* Strip filename */
2136 while (end >= path && !IS_SLASH_P(end)) {
2137 end--;
2138 }
2139 if (end < path) {
2140 /* No slash found, therefore return '.' */
2141 path[0] = '.';
2142 path[1] = '\0';
2143 return 1 + len_adjust;
2144 }
2145
2146 /* Strip slashes which came before the file name */
2147 while (end >= path && IS_SLASH_P(end)) {
2148 end--;
2149 }
2150 if (end < path) {
2151 path[0] = DEFAULT_SLASH;
2152 path[1] = '\0';
2153 return 1 + len_adjust;
2154 }
2155 *(end+1) = '\0';
2156
2157 return (size_t)(end + 1 - path) + len_adjust;
2158 }
2159 /* }}} */
2160
zend_adjust_for_fetch_type(zend_op * opline,znode * result,uint32_t type)2161 static void zend_adjust_for_fetch_type(zend_op *opline, znode *result, uint32_t type) /* {{{ */
2162 {
2163 uint_fast8_t factor = (opline->opcode == ZEND_FETCH_STATIC_PROP_R) ? 1 : 3;
2164
2165 switch (type) {
2166 case BP_VAR_R:
2167 opline->result_type = IS_TMP_VAR;
2168 result->op_type = IS_TMP_VAR;
2169 return;
2170 case BP_VAR_W:
2171 opline->opcode += 1 * factor;
2172 return;
2173 case BP_VAR_RW:
2174 opline->opcode += 2 * factor;
2175 return;
2176 case BP_VAR_IS:
2177 opline->result_type = IS_TMP_VAR;
2178 result->op_type = IS_TMP_VAR;
2179 opline->opcode += 3 * factor;
2180 return;
2181 case BP_VAR_FUNC_ARG:
2182 opline->opcode += 4 * factor;
2183 return;
2184 case BP_VAR_UNSET:
2185 opline->opcode += 5 * factor;
2186 return;
2187 EMPTY_SWITCH_DEFAULT_CASE()
2188 }
2189 }
2190 /* }}} */
2191
zend_make_var_result(znode * result,zend_op * opline)2192 static inline void zend_make_var_result(znode *result, zend_op *opline) /* {{{ */
2193 {
2194 opline->result_type = IS_VAR;
2195 opline->result.var = get_temporary_variable();
2196 GET_NODE(result, opline->result);
2197 }
2198 /* }}} */
2199
zend_make_tmp_result(znode * result,zend_op * opline)2200 static inline void zend_make_tmp_result(znode *result, zend_op *opline) /* {{{ */
2201 {
2202 opline->result_type = IS_TMP_VAR;
2203 opline->result.var = get_temporary_variable();
2204 GET_NODE(result, opline->result);
2205 }
2206 /* }}} */
2207
zend_emit_op(znode * result,uint8_t opcode,znode * op1,znode * op2)2208 static zend_op *zend_emit_op(znode *result, uint8_t opcode, znode *op1, znode *op2) /* {{{ */
2209 {
2210 zend_op *opline = get_next_op();
2211 opline->opcode = opcode;
2212
2213 if (op1 != NULL) {
2214 SET_NODE(opline->op1, op1);
2215 }
2216
2217 if (op2 != NULL) {
2218 SET_NODE(opline->op2, op2);
2219 }
2220
2221 if (result) {
2222 zend_make_var_result(result, opline);
2223 }
2224 return opline;
2225 }
2226 /* }}} */
2227
zend_emit_op_tmp(znode * result,uint8_t opcode,znode * op1,znode * op2)2228 static zend_op *zend_emit_op_tmp(znode *result, uint8_t opcode, znode *op1, znode *op2) /* {{{ */
2229 {
2230 zend_op *opline = get_next_op();
2231 opline->opcode = opcode;
2232
2233 if (op1 != NULL) {
2234 SET_NODE(opline->op1, op1);
2235 }
2236
2237 if (op2 != NULL) {
2238 SET_NODE(opline->op2, op2);
2239 }
2240
2241 if (result) {
2242 zend_make_tmp_result(result, opline);
2243 }
2244
2245 return opline;
2246 }
2247 /* }}} */
2248
zend_emit_tick(void)2249 static void zend_emit_tick(void) /* {{{ */
2250 {
2251 zend_op *opline;
2252
2253 /* This prevents a double TICK generated by the parser statement of "declare()" */
2254 if (CG(active_op_array)->last && CG(active_op_array)->opcodes[CG(active_op_array)->last - 1].opcode == ZEND_TICKS) {
2255 return;
2256 }
2257
2258 opline = get_next_op();
2259
2260 opline->opcode = ZEND_TICKS;
2261 opline->extended_value = FC(declarables).ticks;
2262 }
2263 /* }}} */
2264
zend_emit_op_data(znode * value)2265 static inline zend_op *zend_emit_op_data(znode *value) /* {{{ */
2266 {
2267 return zend_emit_op(NULL, ZEND_OP_DATA, value, NULL);
2268 }
2269 /* }}} */
2270
zend_emit_jump(uint32_t opnum_target)2271 static inline uint32_t zend_emit_jump(uint32_t opnum_target) /* {{{ */
2272 {
2273 uint32_t opnum = get_next_op_number();
2274 zend_op *opline = zend_emit_op(NULL, ZEND_JMP, NULL, NULL);
2275 opline->op1.opline_num = opnum_target;
2276 return opnum;
2277 }
2278 /* }}} */
2279
zend_is_smart_branch(const zend_op * opline)2280 ZEND_API bool zend_is_smart_branch(const zend_op *opline) /* {{{ */
2281 {
2282 switch (opline->opcode) {
2283 case ZEND_IS_IDENTICAL:
2284 case ZEND_IS_NOT_IDENTICAL:
2285 case ZEND_IS_EQUAL:
2286 case ZEND_IS_NOT_EQUAL:
2287 case ZEND_IS_SMALLER:
2288 case ZEND_IS_SMALLER_OR_EQUAL:
2289 case ZEND_CASE:
2290 case ZEND_CASE_STRICT:
2291 case ZEND_ISSET_ISEMPTY_CV:
2292 case ZEND_ISSET_ISEMPTY_VAR:
2293 case ZEND_ISSET_ISEMPTY_DIM_OBJ:
2294 case ZEND_ISSET_ISEMPTY_PROP_OBJ:
2295 case ZEND_ISSET_ISEMPTY_STATIC_PROP:
2296 case ZEND_INSTANCEOF:
2297 case ZEND_TYPE_CHECK:
2298 case ZEND_DEFINED:
2299 case ZEND_IN_ARRAY:
2300 case ZEND_ARRAY_KEY_EXISTS:
2301 return 1;
2302 default:
2303 return 0;
2304 }
2305 }
2306 /* }}} */
2307
zend_emit_cond_jump(uint8_t opcode,znode * cond,uint32_t opnum_target)2308 static inline uint32_t zend_emit_cond_jump(uint8_t opcode, znode *cond, uint32_t opnum_target) /* {{{ */
2309 {
2310 uint32_t opnum = get_next_op_number();
2311 zend_op *opline;
2312
2313 if (cond->op_type == IS_TMP_VAR && opnum > 0) {
2314 opline = CG(active_op_array)->opcodes + opnum - 1;
2315 if (opline->result_type == IS_TMP_VAR
2316 && opline->result.var == cond->u.op.var
2317 && zend_is_smart_branch(opline)) {
2318 if (opcode == ZEND_JMPZ) {
2319 opline->result_type = IS_TMP_VAR | IS_SMART_BRANCH_JMPZ;
2320 } else {
2321 ZEND_ASSERT(opcode == ZEND_JMPNZ);
2322 opline->result_type = IS_TMP_VAR | IS_SMART_BRANCH_JMPNZ;
2323 }
2324 }
2325 }
2326 opline = zend_emit_op(NULL, opcode, cond, NULL);
2327 opline->op2.opline_num = opnum_target;
2328 return opnum;
2329 }
2330 /* }}} */
2331
zend_update_jump_target(uint32_t opnum_jump,uint32_t opnum_target)2332 static inline void zend_update_jump_target(uint32_t opnum_jump, uint32_t opnum_target) /* {{{ */
2333 {
2334 zend_op *opline = &CG(active_op_array)->opcodes[opnum_jump];
2335 switch (opline->opcode) {
2336 case ZEND_JMP:
2337 opline->op1.opline_num = opnum_target;
2338 break;
2339 case ZEND_JMPZ:
2340 case ZEND_JMPNZ:
2341 case ZEND_JMPZ_EX:
2342 case ZEND_JMPNZ_EX:
2343 case ZEND_JMP_SET:
2344 case ZEND_COALESCE:
2345 case ZEND_JMP_NULL:
2346 case ZEND_BIND_INIT_STATIC_OR_JMP:
2347 opline->op2.opline_num = opnum_target;
2348 break;
2349 EMPTY_SWITCH_DEFAULT_CASE()
2350 }
2351 }
2352 /* }}} */
2353
zend_update_jump_target_to_next(uint32_t opnum_jump)2354 static inline void zend_update_jump_target_to_next(uint32_t opnum_jump) /* {{{ */
2355 {
2356 zend_update_jump_target(opnum_jump, get_next_op_number());
2357 }
2358 /* }}} */
2359
zend_delayed_emit_op(znode * result,uint8_t opcode,znode * op1,znode * op2)2360 static inline zend_op *zend_delayed_emit_op(znode *result, uint8_t opcode, znode *op1, znode *op2) /* {{{ */
2361 {
2362 zend_op tmp_opline;
2363
2364 init_op(&tmp_opline);
2365
2366 tmp_opline.opcode = opcode;
2367 if (op1 != NULL) {
2368 SET_NODE(tmp_opline.op1, op1);
2369 }
2370 if (op2 != NULL) {
2371 SET_NODE(tmp_opline.op2, op2);
2372 }
2373 if (result) {
2374 zend_make_var_result(result, &tmp_opline);
2375 }
2376
2377 zend_stack_push(&CG(delayed_oplines_stack), &tmp_opline);
2378 return zend_stack_top(&CG(delayed_oplines_stack));
2379 }
2380 /* }}} */
2381
zend_delayed_compile_begin(void)2382 static inline uint32_t zend_delayed_compile_begin(void) /* {{{ */
2383 {
2384 return zend_stack_count(&CG(delayed_oplines_stack));
2385 }
2386 /* }}} */
2387
zend_delayed_compile_end(uint32_t offset)2388 static zend_op *zend_delayed_compile_end(uint32_t offset) /* {{{ */
2389 {
2390 zend_op *opline = NULL, *oplines = zend_stack_base(&CG(delayed_oplines_stack));
2391 uint32_t i, count = zend_stack_count(&CG(delayed_oplines_stack));
2392
2393 ZEND_ASSERT(count >= offset);
2394 for (i = offset; i < count; ++i) {
2395 if (EXPECTED(oplines[i].opcode != ZEND_NOP)) {
2396 opline = get_next_op();
2397 memcpy(opline, &oplines[i], sizeof(zend_op));
2398 } else {
2399 opline = CG(active_op_array)->opcodes + oplines[i].extended_value;
2400 }
2401 }
2402
2403 CG(delayed_oplines_stack).top = offset;
2404 return opline;
2405 }
2406 /* }}} */
2407
zend_ast_kind_is_short_circuited(zend_ast_kind ast_kind)2408 static bool zend_ast_kind_is_short_circuited(zend_ast_kind ast_kind)
2409 {
2410 switch (ast_kind) {
2411 case ZEND_AST_DIM:
2412 case ZEND_AST_PROP:
2413 case ZEND_AST_NULLSAFE_PROP:
2414 case ZEND_AST_STATIC_PROP:
2415 case ZEND_AST_METHOD_CALL:
2416 case ZEND_AST_NULLSAFE_METHOD_CALL:
2417 case ZEND_AST_STATIC_CALL:
2418 return 1;
2419 default:
2420 return 0;
2421 }
2422 }
2423
zend_ast_is_short_circuited(const zend_ast * ast)2424 static bool zend_ast_is_short_circuited(const zend_ast *ast)
2425 {
2426 switch (ast->kind) {
2427 case ZEND_AST_DIM:
2428 case ZEND_AST_PROP:
2429 case ZEND_AST_STATIC_PROP:
2430 case ZEND_AST_METHOD_CALL:
2431 case ZEND_AST_STATIC_CALL:
2432 return zend_ast_is_short_circuited(ast->child[0]);
2433 case ZEND_AST_NULLSAFE_PROP:
2434 case ZEND_AST_NULLSAFE_METHOD_CALL:
2435 return 1;
2436 default:
2437 return 0;
2438 }
2439 }
2440
zend_assert_not_short_circuited(const zend_ast * ast)2441 static void zend_assert_not_short_circuited(const zend_ast *ast)
2442 {
2443 if (zend_ast_is_short_circuited(ast)) {
2444 zend_error_noreturn(E_COMPILE_ERROR, "Cannot take reference of a nullsafe chain");
2445 }
2446 }
2447
2448 /* Mark nodes that are an inner part of a short-circuiting chain.
2449 * We should not perform a "commit" on them, as it will be performed by the outer-most node.
2450 * We do this to avoid passing down an argument in various compile functions. */
2451
2452 #define ZEND_SHORT_CIRCUITING_INNER 0x8000
2453
zend_short_circuiting_mark_inner(zend_ast * ast)2454 static void zend_short_circuiting_mark_inner(zend_ast *ast) {
2455 if (zend_ast_kind_is_short_circuited(ast->kind)) {
2456 ast->attr |= ZEND_SHORT_CIRCUITING_INNER;
2457 }
2458 }
2459
zend_short_circuiting_checkpoint(void)2460 static uint32_t zend_short_circuiting_checkpoint(void)
2461 {
2462 return zend_stack_count(&CG(short_circuiting_opnums));
2463 }
2464
zend_short_circuiting_commit(uint32_t checkpoint,znode * result,zend_ast * ast)2465 static void zend_short_circuiting_commit(uint32_t checkpoint, znode *result, zend_ast *ast)
2466 {
2467 bool is_short_circuited = zend_ast_kind_is_short_circuited(ast->kind)
2468 || ast->kind == ZEND_AST_ISSET || ast->kind == ZEND_AST_EMPTY;
2469 if (!is_short_circuited) {
2470 ZEND_ASSERT(zend_stack_count(&CG(short_circuiting_opnums)) == checkpoint
2471 && "Short circuiting stack should be empty");
2472 return;
2473 }
2474
2475 if (ast->attr & ZEND_SHORT_CIRCUITING_INNER) {
2476 /* Outer-most node will commit. */
2477 return;
2478 }
2479
2480 while (zend_stack_count(&CG(short_circuiting_opnums)) != checkpoint) {
2481 uint32_t opnum = *(uint32_t *) zend_stack_top(&CG(short_circuiting_opnums));
2482 zend_op *opline = &CG(active_op_array)->opcodes[opnum];
2483 opline->op2.opline_num = get_next_op_number();
2484 SET_NODE(opline->result, result);
2485 opline->extended_value |=
2486 ast->kind == ZEND_AST_ISSET ? ZEND_SHORT_CIRCUITING_CHAIN_ISSET :
2487 ast->kind == ZEND_AST_EMPTY ? ZEND_SHORT_CIRCUITING_CHAIN_EMPTY :
2488 ZEND_SHORT_CIRCUITING_CHAIN_EXPR;
2489 zend_stack_del_top(&CG(short_circuiting_opnums));
2490 }
2491 }
2492
zend_emit_jmp_null(znode * obj_node,uint32_t bp_type)2493 static void zend_emit_jmp_null(znode *obj_node, uint32_t bp_type)
2494 {
2495 uint32_t jmp_null_opnum = get_next_op_number();
2496 zend_op *opline = zend_emit_op(NULL, ZEND_JMP_NULL, obj_node, NULL);
2497 if (opline->op1_type == IS_CONST) {
2498 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
2499 }
2500 if (bp_type == BP_VAR_IS) {
2501 opline->extended_value |= ZEND_JMP_NULL_BP_VAR_IS;
2502 }
2503 zend_stack_push(&CG(short_circuiting_opnums), &jmp_null_opnum);
2504 }
2505
zend_compile_memoized_expr(znode * result,zend_ast * expr)2506 static void zend_compile_memoized_expr(znode *result, zend_ast *expr) /* {{{ */
2507 {
2508 const zend_memoize_mode memoize_mode = CG(memoize_mode);
2509 if (memoize_mode == ZEND_MEMOIZE_COMPILE) {
2510 znode memoized_result;
2511
2512 /* Go through normal compilation */
2513 CG(memoize_mode) = ZEND_MEMOIZE_NONE;
2514 zend_compile_expr(result, expr);
2515 CG(memoize_mode) = ZEND_MEMOIZE_COMPILE;
2516
2517 if (result->op_type == IS_VAR) {
2518 zend_emit_op(&memoized_result, ZEND_COPY_TMP, result, NULL);
2519 } else if (result->op_type == IS_TMP_VAR) {
2520 zend_emit_op_tmp(&memoized_result, ZEND_COPY_TMP, result, NULL);
2521 } else {
2522 if (result->op_type == IS_CONST) {
2523 Z_TRY_ADDREF(result->u.constant);
2524 }
2525 memoized_result = *result;
2526 }
2527
2528 zend_hash_index_update_mem(
2529 CG(memoized_exprs), (uintptr_t) expr, &memoized_result, sizeof(znode));
2530 } else if (memoize_mode == ZEND_MEMOIZE_FETCH) {
2531 znode *memoized_result = zend_hash_index_find_ptr(CG(memoized_exprs), (uintptr_t) expr);
2532 *result = *memoized_result;
2533 if (result->op_type == IS_CONST) {
2534 Z_TRY_ADDREF(result->u.constant);
2535 }
2536 } else {
2537 ZEND_UNREACHABLE();
2538 }
2539 }
2540 /* }}} */
2541
2542 /* Remember to update type_num_classes() in compact_literals.c when changing this function */
zend_type_get_num_classes(zend_type type)2543 static size_t zend_type_get_num_classes(zend_type type) {
2544 if (!ZEND_TYPE_IS_COMPLEX(type)) {
2545 return 0;
2546 }
2547 if (ZEND_TYPE_HAS_LIST(type)) {
2548 /* Intersection types cannot have nested list types */
2549 if (ZEND_TYPE_IS_INTERSECTION(type)) {
2550 return ZEND_TYPE_LIST(type)->num_types;
2551 }
2552 ZEND_ASSERT(ZEND_TYPE_IS_UNION(type));
2553 size_t count = 0;
2554 zend_type *list_type;
2555
2556 ZEND_TYPE_LIST_FOREACH(ZEND_TYPE_LIST(type), list_type) {
2557 if (ZEND_TYPE_IS_INTERSECTION(*list_type)) {
2558 count += ZEND_TYPE_LIST(*list_type)->num_types;
2559 } else {
2560 ZEND_ASSERT(!ZEND_TYPE_HAS_LIST(*list_type));
2561 count += 1;
2562 }
2563 } ZEND_TYPE_LIST_FOREACH_END();
2564 return count;
2565 }
2566 return 1;
2567 }
2568
zend_emit_return_type_check(znode * expr,zend_arg_info * return_info,bool implicit)2569 static void zend_emit_return_type_check(
2570 znode *expr, zend_arg_info *return_info, bool implicit) /* {{{ */
2571 {
2572 zend_type type = return_info->type;
2573 if (ZEND_TYPE_IS_SET(type)) {
2574 zend_op *opline;
2575
2576 /* `return ...;` is illegal in a void function (but `return;` isn't) */
2577 if (ZEND_TYPE_CONTAINS_CODE(type, IS_VOID)) {
2578 if (expr) {
2579 if (expr->op_type == IS_CONST && Z_TYPE(expr->u.constant) == IS_NULL) {
2580 zend_error_noreturn(E_COMPILE_ERROR,
2581 "A void function must not return a value "
2582 "(did you mean \"return;\" instead of \"return null;\"?)");
2583 } else {
2584 zend_error_noreturn(E_COMPILE_ERROR, "A void function must not return a value");
2585 }
2586 }
2587 /* we don't need run-time check */
2588 return;
2589 }
2590
2591 /* `return` is illegal in a never-returning function */
2592 if (ZEND_TYPE_CONTAINS_CODE(type, IS_NEVER)) {
2593 /* Implicit case handled separately using VERIFY_NEVER_TYPE opcode. */
2594 ZEND_ASSERT(!implicit);
2595 zend_error_noreturn(E_COMPILE_ERROR, "A never-returning function must not return");
2596 return;
2597 }
2598
2599 if (!expr && !implicit) {
2600 if (ZEND_TYPE_ALLOW_NULL(type)) {
2601 zend_error_noreturn(E_COMPILE_ERROR,
2602 "A function with return type must return a value "
2603 "(did you mean \"return null;\" instead of \"return;\"?)");
2604 } else {
2605 zend_error_noreturn(E_COMPILE_ERROR,
2606 "A function with return type must return a value");
2607 }
2608 }
2609
2610 if (expr && ZEND_TYPE_PURE_MASK(type) == MAY_BE_ANY) {
2611 /* we don't need run-time check for mixed return type */
2612 return;
2613 }
2614
2615 if (expr && expr->op_type == IS_CONST && ZEND_TYPE_CONTAINS_CODE(type, Z_TYPE(expr->u.constant))) {
2616 /* we don't need run-time check */
2617 return;
2618 }
2619
2620 opline = zend_emit_op(NULL, ZEND_VERIFY_RETURN_TYPE, expr, NULL);
2621 if (expr && expr->op_type == IS_CONST) {
2622 opline->result_type = expr->op_type = IS_TMP_VAR;
2623 opline->result.var = expr->u.op.var = get_temporary_variable();
2624 }
2625
2626 opline->op2.num = zend_alloc_cache_slots(zend_type_get_num_classes(return_info->type));
2627 }
2628 }
2629 /* }}} */
2630
zend_emit_final_return(bool return_one)2631 void zend_emit_final_return(bool return_one) /* {{{ */
2632 {
2633 znode zn;
2634 zend_op *ret;
2635 bool returns_reference = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
2636
2637 if ((CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE)
2638 && !(CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR)) {
2639 zend_arg_info *return_info = CG(active_op_array)->arg_info - 1;
2640
2641 if (ZEND_TYPE_CONTAINS_CODE(return_info->type, IS_NEVER)) {
2642 zend_emit_op(NULL, ZEND_VERIFY_NEVER_TYPE, NULL, NULL);
2643 return;
2644 }
2645
2646 zend_emit_return_type_check(NULL, return_info, 1);
2647 }
2648
2649 zn.op_type = IS_CONST;
2650 if (return_one) {
2651 ZVAL_LONG(&zn.u.constant, 1);
2652 } else {
2653 ZVAL_NULL(&zn.u.constant);
2654 }
2655
2656 ret = zend_emit_op(NULL, returns_reference ? ZEND_RETURN_BY_REF : ZEND_RETURN, &zn, NULL);
2657 ret->extended_value = -1;
2658 }
2659 /* }}} */
2660
zend_is_variable(zend_ast * ast)2661 static inline bool zend_is_variable(zend_ast *ast) /* {{{ */
2662 {
2663 return ast->kind == ZEND_AST_VAR
2664 || ast->kind == ZEND_AST_DIM
2665 || ast->kind == ZEND_AST_PROP
2666 || ast->kind == ZEND_AST_NULLSAFE_PROP
2667 || ast->kind == ZEND_AST_STATIC_PROP;
2668 }
2669 /* }}} */
2670
zend_is_call(zend_ast * ast)2671 static inline bool zend_is_call(zend_ast *ast) /* {{{ */
2672 {
2673 return ast->kind == ZEND_AST_CALL
2674 || ast->kind == ZEND_AST_METHOD_CALL
2675 || ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL
2676 || ast->kind == ZEND_AST_STATIC_CALL;
2677 }
2678 /* }}} */
2679
zend_is_variable_or_call(zend_ast * ast)2680 static inline bool zend_is_variable_or_call(zend_ast *ast) /* {{{ */
2681 {
2682 return zend_is_variable(ast) || zend_is_call(ast);
2683 }
2684 /* }}} */
2685
zend_is_unticked_stmt(zend_ast * ast)2686 static inline bool zend_is_unticked_stmt(zend_ast *ast) /* {{{ */
2687 {
2688 return ast->kind == ZEND_AST_STMT_LIST || ast->kind == ZEND_AST_LABEL
2689 || ast->kind == ZEND_AST_PROP_DECL || ast->kind == ZEND_AST_CLASS_CONST_GROUP
2690 || ast->kind == ZEND_AST_USE_TRAIT || ast->kind == ZEND_AST_METHOD;
2691 }
2692 /* }}} */
2693
zend_can_write_to_variable(zend_ast * ast)2694 static inline bool zend_can_write_to_variable(zend_ast *ast) /* {{{ */
2695 {
2696 while (
2697 ast->kind == ZEND_AST_DIM
2698 || ast->kind == ZEND_AST_PROP
2699 ) {
2700 ast = ast->child[0];
2701 }
2702
2703 return zend_is_variable_or_call(ast) && !zend_ast_is_short_circuited(ast);
2704 }
2705 /* }}} */
2706
zend_is_const_default_class_ref(zend_ast * name_ast)2707 static inline bool zend_is_const_default_class_ref(zend_ast *name_ast) /* {{{ */
2708 {
2709 if (name_ast->kind != ZEND_AST_ZVAL) {
2710 return 0;
2711 }
2712
2713 return ZEND_FETCH_CLASS_DEFAULT == zend_get_class_fetch_type_ast(name_ast);
2714 }
2715 /* }}} */
2716
zend_handle_numeric_op(znode * node)2717 static inline void zend_handle_numeric_op(znode *node) /* {{{ */
2718 {
2719 if (node->op_type == IS_CONST && Z_TYPE(node->u.constant) == IS_STRING) {
2720 zend_ulong index;
2721
2722 if (ZEND_HANDLE_NUMERIC(Z_STR(node->u.constant), index)) {
2723 zval_ptr_dtor(&node->u.constant);
2724 ZVAL_LONG(&node->u.constant, index);
2725 }
2726 }
2727 }
2728 /* }}} */
2729
zend_handle_numeric_dim(zend_op * opline,znode * dim_node)2730 static inline void zend_handle_numeric_dim(zend_op *opline, znode *dim_node) /* {{{ */
2731 {
2732 if (Z_TYPE(dim_node->u.constant) == IS_STRING) {
2733 zend_ulong index;
2734
2735 if (ZEND_HANDLE_NUMERIC(Z_STR(dim_node->u.constant), index)) {
2736 /* For numeric indexes we also keep the original value to use by ArrayAccess
2737 * See bug #63217
2738 */
2739 int c = zend_add_literal(&dim_node->u.constant);
2740 ZEND_ASSERT(opline->op2.constant + 1 == c);
2741 ZVAL_LONG(CT_CONSTANT(opline->op2), index);
2742 Z_EXTRA_P(CT_CONSTANT(opline->op2)) = ZEND_EXTRA_VALUE;
2743 return;
2744 }
2745 }
2746 }
2747 /* }}} */
2748
zend_set_class_name_op1(zend_op * opline,znode * class_node)2749 static inline void zend_set_class_name_op1(zend_op *opline, znode *class_node) /* {{{ */
2750 {
2751 if (class_node->op_type == IS_CONST) {
2752 opline->op1_type = IS_CONST;
2753 opline->op1.constant = zend_add_class_name_literal(
2754 Z_STR(class_node->u.constant));
2755 } else {
2756 SET_NODE(opline->op1, class_node);
2757 }
2758 }
2759 /* }}} */
2760
zend_compile_class_ref(znode * result,zend_ast * name_ast,uint32_t fetch_flags)2761 static void zend_compile_class_ref(znode *result, zend_ast *name_ast, uint32_t fetch_flags) /* {{{ */
2762 {
2763 uint32_t fetch_type;
2764
2765 if (name_ast->kind != ZEND_AST_ZVAL) {
2766 znode name_node;
2767
2768 zend_compile_expr(&name_node, name_ast);
2769
2770 if (name_node.op_type == IS_CONST) {
2771 zend_string *name;
2772
2773 if (Z_TYPE(name_node.u.constant) != IS_STRING) {
2774 zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
2775 }
2776
2777 name = Z_STR(name_node.u.constant);
2778 fetch_type = zend_get_class_fetch_type(name);
2779
2780 if (fetch_type == ZEND_FETCH_CLASS_DEFAULT) {
2781 result->op_type = IS_CONST;
2782 ZVAL_STR(&result->u.constant, zend_resolve_class_name(name, ZEND_NAME_FQ));
2783 } else {
2784 zend_ensure_valid_class_fetch_type(fetch_type);
2785 result->op_type = IS_UNUSED;
2786 result->u.op.num = fetch_type | fetch_flags;
2787 }
2788
2789 zend_string_release_ex(name, 0);
2790 } else {
2791 zend_op *opline = zend_emit_op(result, ZEND_FETCH_CLASS, NULL, &name_node);
2792 opline->op1.num = ZEND_FETCH_CLASS_DEFAULT | fetch_flags;
2793 }
2794 return;
2795 }
2796
2797 /* Fully qualified names are always default refs */
2798 if (name_ast->attr == ZEND_NAME_FQ) {
2799 result->op_type = IS_CONST;
2800 ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
2801 return;
2802 }
2803
2804 fetch_type = zend_get_class_fetch_type(zend_ast_get_str(name_ast));
2805 if (ZEND_FETCH_CLASS_DEFAULT == fetch_type) {
2806 result->op_type = IS_CONST;
2807 ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
2808 } else {
2809 zend_ensure_valid_class_fetch_type(fetch_type);
2810 result->op_type = IS_UNUSED;
2811 result->u.op.num = fetch_type | fetch_flags;
2812 }
2813 }
2814 /* }}} */
2815
zend_try_compile_cv(znode * result,zend_ast * ast)2816 static zend_result zend_try_compile_cv(znode *result, zend_ast *ast) /* {{{ */
2817 {
2818 zend_ast *name_ast = ast->child[0];
2819 if (name_ast->kind == ZEND_AST_ZVAL) {
2820 zval *zv = zend_ast_get_zval(name_ast);
2821 zend_string *name;
2822
2823 if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
2824 name = zval_make_interned_string(zv);
2825 } else {
2826 name = zend_new_interned_string(zval_get_string_func(zv));
2827 }
2828
2829 if (zend_is_auto_global(name)) {
2830 return FAILURE;
2831 }
2832
2833 result->op_type = IS_CV;
2834 result->u.op.var = lookup_cv(name);
2835
2836 if (UNEXPECTED(Z_TYPE_P(zv) != IS_STRING)) {
2837 zend_string_release_ex(name, 0);
2838 }
2839
2840 return SUCCESS;
2841 }
2842
2843 return FAILURE;
2844 }
2845 /* }}} */
2846
zend_compile_simple_var_no_cv(znode * result,zend_ast * ast,uint32_t type,bool delayed)2847 static zend_op *zend_compile_simple_var_no_cv(znode *result, zend_ast *ast, uint32_t type, bool delayed) /* {{{ */
2848 {
2849 zend_ast *name_ast = ast->child[0];
2850 znode name_node;
2851 zend_op *opline;
2852
2853 zend_compile_expr(&name_node, name_ast);
2854 if (name_node.op_type == IS_CONST) {
2855 convert_to_string(&name_node.u.constant);
2856 }
2857
2858 if (delayed) {
2859 opline = zend_delayed_emit_op(result, ZEND_FETCH_R, &name_node, NULL);
2860 } else {
2861 opline = zend_emit_op(result, ZEND_FETCH_R, &name_node, NULL);
2862 }
2863
2864 if (name_node.op_type == IS_CONST &&
2865 zend_is_auto_global(Z_STR(name_node.u.constant))) {
2866
2867 opline->extended_value = ZEND_FETCH_GLOBAL;
2868 } else {
2869 opline->extended_value = ZEND_FETCH_LOCAL;
2870 }
2871
2872 zend_adjust_for_fetch_type(opline, result, type);
2873 return opline;
2874 }
2875 /* }}} */
2876
is_this_fetch(zend_ast * ast)2877 static bool is_this_fetch(zend_ast *ast) /* {{{ */
2878 {
2879 if (ast->kind == ZEND_AST_VAR && ast->child[0]->kind == ZEND_AST_ZVAL) {
2880 zval *name = zend_ast_get_zval(ast->child[0]);
2881 return Z_TYPE_P(name) == IS_STRING && zend_string_equals(Z_STR_P(name), ZSTR_KNOWN(ZEND_STR_THIS));
2882 }
2883
2884 return 0;
2885 }
2886 /* }}} */
2887
is_globals_fetch(const zend_ast * ast)2888 static bool is_globals_fetch(const zend_ast *ast)
2889 {
2890 if (ast->kind == ZEND_AST_VAR && ast->child[0]->kind == ZEND_AST_ZVAL) {
2891 zval *name = zend_ast_get_zval(ast->child[0]);
2892 return Z_TYPE_P(name) == IS_STRING && zend_string_equals_literal(Z_STR_P(name), "GLOBALS");
2893 }
2894
2895 return 0;
2896 }
2897
is_global_var_fetch(zend_ast * ast)2898 static bool is_global_var_fetch(zend_ast *ast)
2899 {
2900 return ast->kind == ZEND_AST_DIM && is_globals_fetch(ast->child[0]);
2901 }
2902
this_guaranteed_exists(void)2903 static bool this_guaranteed_exists(void) /* {{{ */
2904 {
2905 zend_op_array *op_array = CG(active_op_array);
2906 /* Instance methods always have a $this.
2907 * This also includes closures that have a scope and use $this. */
2908 return op_array->scope != NULL
2909 && (op_array->fn_flags & ZEND_ACC_STATIC) == 0;
2910 }
2911 /* }}} */
2912
zend_compile_simple_var(znode * result,zend_ast * ast,uint32_t type,bool delayed)2913 static zend_op *zend_compile_simple_var(znode *result, zend_ast *ast, uint32_t type, bool delayed) /* {{{ */
2914 {
2915 if (is_this_fetch(ast)) {
2916 zend_op *opline = zend_emit_op(result, ZEND_FETCH_THIS, NULL, NULL);
2917 if ((type == BP_VAR_R) || (type == BP_VAR_IS)) {
2918 opline->result_type = IS_TMP_VAR;
2919 result->op_type = IS_TMP_VAR;
2920 }
2921 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
2922 return opline;
2923 } else if (is_globals_fetch(ast)) {
2924 zend_op *opline = zend_emit_op(result, ZEND_FETCH_GLOBALS, NULL, NULL);
2925 if (type == BP_VAR_R || type == BP_VAR_IS) {
2926 opline->result_type = IS_TMP_VAR;
2927 result->op_type = IS_TMP_VAR;
2928 }
2929 return opline;
2930 } else if (zend_try_compile_cv(result, ast) == FAILURE) {
2931 return zend_compile_simple_var_no_cv(result, ast, type, delayed);
2932 }
2933 return NULL;
2934 }
2935 /* }}} */
2936
zend_separate_if_call_and_write(znode * node,zend_ast * ast,uint32_t type)2937 static void zend_separate_if_call_and_write(znode *node, zend_ast *ast, uint32_t type) /* {{{ */
2938 {
2939 if (type != BP_VAR_R
2940 && type != BP_VAR_IS
2941 /* Whether a FUNC_ARG is R may only be determined at runtime. */
2942 && type != BP_VAR_FUNC_ARG
2943 && zend_is_call(ast)) {
2944 if (node->op_type == IS_VAR) {
2945 zend_op *opline = zend_emit_op(NULL, ZEND_SEPARATE, node, NULL);
2946 opline->result_type = IS_VAR;
2947 opline->result.var = opline->op1.var;
2948 } else {
2949 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
2950 }
2951 }
2952 }
2953 /* }}} */
2954
zend_emit_assign_znode(zend_ast * var_ast,znode * value_node)2955 static inline void zend_emit_assign_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
2956 {
2957 znode dummy_node;
2958 zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN, var_ast,
2959 zend_ast_create_znode(value_node));
2960 zend_compile_expr(&dummy_node, assign_ast);
2961 zend_do_free(&dummy_node);
2962 }
2963 /* }}} */
2964
zend_delayed_compile_dim(znode * result,zend_ast * ast,uint32_t type,bool by_ref)2965 static zend_op *zend_delayed_compile_dim(znode *result, zend_ast *ast, uint32_t type, bool by_ref)
2966 {
2967 if (ast->attr == ZEND_DIM_ALTERNATIVE_SYNTAX) {
2968 zend_error(E_COMPILE_ERROR, "Array and string offset access syntax with curly braces is no longer supported");
2969 }
2970 zend_ast *var_ast = ast->child[0];
2971 zend_ast *dim_ast = ast->child[1];
2972 zend_op *opline;
2973
2974 znode var_node, dim_node;
2975
2976 if (is_globals_fetch(var_ast)) {
2977 if (dim_ast == NULL) {
2978 zend_error_noreturn(E_COMPILE_ERROR, "Cannot append to $GLOBALS");
2979 }
2980
2981 zend_compile_expr(&dim_node, dim_ast);
2982 if (dim_node.op_type == IS_CONST) {
2983 convert_to_string(&dim_node.u.constant);
2984 }
2985
2986 opline = zend_delayed_emit_op(result, ZEND_FETCH_R, &dim_node, NULL);
2987 opline->extended_value = ZEND_FETCH_GLOBAL;
2988 zend_adjust_for_fetch_type(opline, result, type);
2989 return opline;
2990 } else {
2991 zend_short_circuiting_mark_inner(var_ast);
2992 opline = zend_delayed_compile_var(&var_node, var_ast, type, 0);
2993 if (opline) {
2994 if (type == BP_VAR_W && (opline->opcode == ZEND_FETCH_STATIC_PROP_W || opline->opcode == ZEND_FETCH_OBJ_W)) {
2995 opline->extended_value |= ZEND_FETCH_DIM_WRITE;
2996 } else if (opline->opcode == ZEND_FETCH_DIM_W
2997 || opline->opcode == ZEND_FETCH_DIM_RW
2998 || opline->opcode == ZEND_FETCH_DIM_FUNC_ARG
2999 || opline->opcode == ZEND_FETCH_DIM_UNSET) {
3000 opline->extended_value = ZEND_FETCH_DIM_DIM;
3001 }
3002 }
3003 }
3004
3005 zend_separate_if_call_and_write(&var_node, var_ast, type);
3006
3007 if (dim_ast == NULL) {
3008 if (type == BP_VAR_R || type == BP_VAR_IS) {
3009 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
3010 }
3011 if (type == BP_VAR_UNSET) {
3012 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for unsetting");
3013 }
3014 dim_node.op_type = IS_UNUSED;
3015 } else {
3016 zend_compile_expr(&dim_node, dim_ast);
3017 }
3018
3019 opline = zend_delayed_emit_op(result, ZEND_FETCH_DIM_R, &var_node, &dim_node);
3020 zend_adjust_for_fetch_type(opline, result, type);
3021 if (by_ref) {
3022 opline->extended_value = ZEND_FETCH_DIM_REF;
3023 }
3024
3025 if (dim_node.op_type == IS_CONST) {
3026 zend_handle_numeric_dim(opline, &dim_node);
3027 }
3028 return opline;
3029 }
3030
zend_compile_dim(znode * result,zend_ast * ast,uint32_t type,bool by_ref)3031 static zend_op *zend_compile_dim(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
3032 {
3033 uint32_t offset = zend_delayed_compile_begin();
3034 zend_delayed_compile_dim(result, ast, type, by_ref);
3035 return zend_delayed_compile_end(offset);
3036 }
3037 /* }}} */
3038
zend_delayed_compile_prop(znode * result,zend_ast * ast,uint32_t type)3039 static zend_op *zend_delayed_compile_prop(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
3040 {
3041 zend_ast *obj_ast = ast->child[0];
3042 zend_ast *prop_ast = ast->child[1];
3043
3044 znode obj_node, prop_node;
3045 zend_op *opline;
3046 bool nullsafe = ast->kind == ZEND_AST_NULLSAFE_PROP;
3047
3048 if (is_this_fetch(obj_ast)) {
3049 if (this_guaranteed_exists()) {
3050 obj_node.op_type = IS_UNUSED;
3051 } else {
3052 zend_emit_op(&obj_node, ZEND_FETCH_THIS, NULL, NULL);
3053 }
3054 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
3055
3056 /* We will throw if $this doesn't exist, so there's no need to emit a JMP_NULL
3057 * check for a nullsafe access. */
3058 } else {
3059 zend_short_circuiting_mark_inner(obj_ast);
3060 opline = zend_delayed_compile_var(&obj_node, obj_ast, type, 0);
3061 if (opline && (opline->opcode == ZEND_FETCH_DIM_W
3062 || opline->opcode == ZEND_FETCH_DIM_RW
3063 || opline->opcode == ZEND_FETCH_DIM_FUNC_ARG
3064 || opline->opcode == ZEND_FETCH_DIM_UNSET)) {
3065 opline->extended_value = ZEND_FETCH_DIM_OBJ;
3066 }
3067
3068 zend_separate_if_call_and_write(&obj_node, obj_ast, type);
3069 if (nullsafe) {
3070 if (obj_node.op_type == IS_TMP_VAR) {
3071 /* Flush delayed oplines */
3072 zend_op *opline = NULL, *oplines = zend_stack_base(&CG(delayed_oplines_stack));
3073 uint32_t var = obj_node.u.op.var;
3074 uint32_t count = zend_stack_count(&CG(delayed_oplines_stack));
3075 uint32_t i = count;
3076
3077 while (i > 0 && oplines[i-1].result_type == IS_TMP_VAR && oplines[i-1].result.var == var) {
3078 i--;
3079 if (oplines[i].op1_type == IS_TMP_VAR) {
3080 var = oplines[i].op1.var;
3081 } else {
3082 break;
3083 }
3084 }
3085 for (; i < count; ++i) {
3086 if (oplines[i].opcode != ZEND_NOP) {
3087 opline = get_next_op();
3088 memcpy(opline, &oplines[i], sizeof(zend_op));
3089 oplines[i].opcode = ZEND_NOP;
3090 oplines[i].extended_value = opline - CG(active_op_array)->opcodes;
3091 }
3092 }
3093 }
3094 zend_emit_jmp_null(&obj_node, type);
3095 }
3096 }
3097
3098 zend_compile_expr(&prop_node, prop_ast);
3099
3100 opline = zend_delayed_emit_op(result, ZEND_FETCH_OBJ_R, &obj_node, &prop_node);
3101 if (opline->op2_type == IS_CONST) {
3102 convert_to_string(CT_CONSTANT(opline->op2));
3103 zend_string_hash_val(Z_STR_P(CT_CONSTANT(opline->op2)));
3104 opline->extended_value = zend_alloc_cache_slots(3);
3105 }
3106
3107 zend_adjust_for_fetch_type(opline, result, type);
3108
3109 return opline;
3110 }
3111 /* }}} */
3112
zend_compile_prop(znode * result,zend_ast * ast,uint32_t type,bool by_ref)3113 static zend_op *zend_compile_prop(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
3114 {
3115 uint32_t offset = zend_delayed_compile_begin();
3116 zend_op *opline = zend_delayed_compile_prop(result, ast, type);
3117 if (by_ref) { /* shared with cache_slot */
3118 opline->extended_value |= ZEND_FETCH_REF;
3119 }
3120 return zend_delayed_compile_end(offset);
3121 }
3122 /* }}} */
3123
zend_compile_static_prop(znode * result,zend_ast * ast,uint32_t type,bool by_ref,bool delayed)3124 static zend_op *zend_compile_static_prop(znode *result, zend_ast *ast, uint32_t type, bool by_ref, bool delayed) /* {{{ */
3125 {
3126 zend_ast *class_ast = ast->child[0];
3127 zend_ast *prop_ast = ast->child[1];
3128
3129 znode class_node, prop_node;
3130 zend_op *opline;
3131
3132 zend_short_circuiting_mark_inner(class_ast);
3133 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
3134
3135 zend_compile_expr(&prop_node, prop_ast);
3136
3137 if (delayed) {
3138 opline = zend_delayed_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
3139 } else {
3140 opline = zend_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
3141 }
3142 if (opline->op1_type == IS_CONST) {
3143 convert_to_string(CT_CONSTANT(opline->op1));
3144 opline->extended_value = zend_alloc_cache_slots(3);
3145 }
3146 if (class_node.op_type == IS_CONST) {
3147 opline->op2_type = IS_CONST;
3148 opline->op2.constant = zend_add_class_name_literal(
3149 Z_STR(class_node.u.constant));
3150 if (opline->op1_type != IS_CONST) {
3151 opline->extended_value = zend_alloc_cache_slot();
3152 }
3153 } else {
3154 SET_NODE(opline->op2, &class_node);
3155 }
3156
3157 if (by_ref && (type == BP_VAR_W || type == BP_VAR_FUNC_ARG)) { /* shared with cache_slot */
3158 opline->extended_value |= ZEND_FETCH_REF;
3159 }
3160
3161 zend_adjust_for_fetch_type(opline, result, type);
3162 return opline;
3163 }
3164 /* }}} */
3165
zend_verify_list_assign_target(zend_ast * var_ast,zend_ast_attr array_style)3166 static void zend_verify_list_assign_target(zend_ast *var_ast, zend_ast_attr array_style) /* {{{ */ {
3167 if (var_ast->kind == ZEND_AST_ARRAY) {
3168 if (var_ast->attr == ZEND_ARRAY_SYNTAX_LONG) {
3169 zend_error_noreturn(E_COMPILE_ERROR, "Cannot assign to array(), use [] instead");
3170 }
3171 if (array_style != var_ast->attr) {
3172 zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix [] and list()");
3173 }
3174 } else if (!zend_can_write_to_variable(var_ast)) {
3175 zend_error_noreturn(E_COMPILE_ERROR, "Assignments can only happen to writable values");
3176 }
3177 }
3178 /* }}} */
3179
3180 static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node);
3181
3182 /* Propagate refs used on leaf elements to the surrounding list() structures. */
zend_propagate_list_refs(zend_ast * ast)3183 static bool zend_propagate_list_refs(zend_ast *ast) { /* {{{ */
3184 zend_ast_list *list = zend_ast_get_list(ast);
3185 bool has_refs = 0;
3186 uint32_t i;
3187
3188 for (i = 0; i < list->children; ++i) {
3189 zend_ast *elem_ast = list->child[i];
3190
3191 if (elem_ast) {
3192 zend_ast *var_ast = elem_ast->child[0];
3193 if (var_ast->kind == ZEND_AST_ARRAY) {
3194 elem_ast->attr = zend_propagate_list_refs(var_ast);
3195 }
3196 has_refs |= elem_ast->attr;
3197 }
3198 }
3199
3200 return has_refs;
3201 }
3202 /* }}} */
3203
list_is_keyed(zend_ast_list * list)3204 static bool list_is_keyed(zend_ast_list *list)
3205 {
3206 for (uint32_t i = 0; i < list->children; i++) {
3207 zend_ast *child = list->child[i];
3208 if (child) {
3209 return child->kind == ZEND_AST_ARRAY_ELEM && child->child[1] != NULL;
3210 }
3211 }
3212 return false;
3213 }
3214
zend_compile_list_assign(znode * result,zend_ast * ast,znode * expr_node,zend_ast_attr array_style)3215 static void zend_compile_list_assign(
3216 znode *result, zend_ast *ast, znode *expr_node, zend_ast_attr array_style) /* {{{ */
3217 {
3218 zend_ast_list *list = zend_ast_get_list(ast);
3219 uint32_t i;
3220 bool has_elems = 0;
3221 bool is_keyed = list_is_keyed(list);
3222
3223 if (list->children && expr_node->op_type == IS_CONST && Z_TYPE(expr_node->u.constant) == IS_STRING) {
3224 zval_make_interned_string(&expr_node->u.constant);
3225 }
3226
3227 for (i = 0; i < list->children; ++i) {
3228 zend_ast *elem_ast = list->child[i];
3229 zend_ast *var_ast, *key_ast;
3230 znode fetch_result, dim_node;
3231 zend_op *opline;
3232
3233 if (elem_ast == NULL) {
3234 if (is_keyed) {
3235 zend_error(E_COMPILE_ERROR,
3236 "Cannot use empty array entries in keyed array assignment");
3237 } else {
3238 continue;
3239 }
3240 }
3241
3242 if (elem_ast->kind == ZEND_AST_UNPACK) {
3243 zend_error(E_COMPILE_ERROR,
3244 "Spread operator is not supported in assignments");
3245 }
3246
3247 var_ast = elem_ast->child[0];
3248 key_ast = elem_ast->child[1];
3249 has_elems = 1;
3250
3251 if (is_keyed) {
3252 if (key_ast == NULL) {
3253 zend_error(E_COMPILE_ERROR,
3254 "Cannot mix keyed and unkeyed array entries in assignments");
3255 }
3256
3257 zend_compile_expr(&dim_node, key_ast);
3258 } else {
3259 if (key_ast != NULL) {
3260 zend_error(E_COMPILE_ERROR,
3261 "Cannot mix keyed and unkeyed array entries in assignments");
3262 }
3263
3264 dim_node.op_type = IS_CONST;
3265 ZVAL_LONG(&dim_node.u.constant, i);
3266 }
3267
3268 if (expr_node->op_type == IS_CONST) {
3269 Z_TRY_ADDREF(expr_node->u.constant);
3270 }
3271
3272 zend_verify_list_assign_target(var_ast, array_style);
3273
3274 opline = zend_emit_op(&fetch_result,
3275 elem_ast->attr ? (expr_node->op_type == IS_CV ? ZEND_FETCH_DIM_W : ZEND_FETCH_LIST_W) : ZEND_FETCH_LIST_R, expr_node, &dim_node);
3276
3277 if (dim_node.op_type == IS_CONST) {
3278 zend_handle_numeric_dim(opline, &dim_node);
3279 }
3280
3281 if (elem_ast->attr) {
3282 zend_emit_op(&fetch_result, ZEND_MAKE_REF, &fetch_result, NULL);
3283 }
3284 if (var_ast->kind == ZEND_AST_ARRAY) {
3285 zend_compile_list_assign(NULL, var_ast, &fetch_result, var_ast->attr);
3286 } else if (elem_ast->attr) {
3287 zend_emit_assign_ref_znode(var_ast, &fetch_result);
3288 } else {
3289 zend_emit_assign_znode(var_ast, &fetch_result);
3290 }
3291 }
3292
3293 if (has_elems == 0) {
3294 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use empty list");
3295 }
3296
3297 if (result) {
3298 *result = *expr_node;
3299 } else {
3300 zend_do_free(expr_node);
3301 }
3302 }
3303 /* }}} */
3304
zend_ensure_writable_variable(const zend_ast * ast)3305 static void zend_ensure_writable_variable(const zend_ast *ast) /* {{{ */
3306 {
3307 if (ast->kind == ZEND_AST_CALL) {
3308 zend_error_noreturn(E_COMPILE_ERROR, "Can't use function return value in write context");
3309 }
3310 if (
3311 ast->kind == ZEND_AST_METHOD_CALL
3312 || ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL
3313 || ast->kind == ZEND_AST_STATIC_CALL
3314 ) {
3315 zend_error_noreturn(E_COMPILE_ERROR, "Can't use method return value in write context");
3316 }
3317 if (zend_ast_is_short_circuited(ast)) {
3318 zend_error_noreturn(E_COMPILE_ERROR, "Can't use nullsafe operator in write context");
3319 }
3320 if (is_globals_fetch(ast)) {
3321 zend_error_noreturn(E_COMPILE_ERROR,
3322 "$GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax");
3323 }
3324 }
3325 /* }}} */
3326
3327 /* Detects $a... = $a pattern */
zend_is_assign_to_self(zend_ast * var_ast,zend_ast * expr_ast)3328 static bool zend_is_assign_to_self(zend_ast *var_ast, zend_ast *expr_ast) /* {{{ */
3329 {
3330 if (expr_ast->kind != ZEND_AST_VAR || expr_ast->child[0]->kind != ZEND_AST_ZVAL) {
3331 return 0;
3332 }
3333
3334 while (zend_is_variable(var_ast) && var_ast->kind != ZEND_AST_VAR) {
3335 var_ast = var_ast->child[0];
3336 }
3337
3338 if (var_ast->kind != ZEND_AST_VAR || var_ast->child[0]->kind != ZEND_AST_ZVAL) {
3339 return 0;
3340 }
3341
3342 {
3343 zend_string *name1 = zval_get_string(zend_ast_get_zval(var_ast->child[0]));
3344 zend_string *name2 = zval_get_string(zend_ast_get_zval(expr_ast->child[0]));
3345 bool result = zend_string_equals(name1, name2);
3346 zend_string_release_ex(name1, 0);
3347 zend_string_release_ex(name2, 0);
3348 return result;
3349 }
3350 }
3351 /* }}} */
3352
zend_compile_expr_with_potential_assign_to_self(znode * expr_node,zend_ast * expr_ast,zend_ast * var_ast)3353 static void zend_compile_expr_with_potential_assign_to_self(
3354 znode *expr_node, zend_ast *expr_ast, zend_ast *var_ast) {
3355 if (zend_is_assign_to_self(var_ast, expr_ast) && !is_this_fetch(expr_ast)) {
3356 /* $a[0] = $a should evaluate the right $a first */
3357 znode cv_node;
3358
3359 if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
3360 zend_compile_simple_var_no_cv(expr_node, expr_ast, BP_VAR_R, 0);
3361 } else {
3362 zend_emit_op_tmp(expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
3363 }
3364 } else {
3365 zend_compile_expr(expr_node, expr_ast);
3366 }
3367 }
3368
zend_compile_assign(znode * result,zend_ast * ast)3369 static void zend_compile_assign(znode *result, zend_ast *ast) /* {{{ */
3370 {
3371 zend_ast *var_ast = ast->child[0];
3372 zend_ast *expr_ast = ast->child[1];
3373
3374 znode var_node, expr_node;
3375 zend_op *opline;
3376 uint32_t offset;
3377 if (is_this_fetch(var_ast)) {
3378 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
3379 }
3380
3381 zend_ensure_writable_variable(var_ast);
3382
3383 /* Treat $GLOBALS['x'] assignment like assignment to variable. */
3384 zend_ast_kind kind = is_global_var_fetch(var_ast) ? ZEND_AST_VAR : var_ast->kind;
3385 switch (kind) {
3386 case ZEND_AST_VAR:
3387 offset = zend_delayed_compile_begin();
3388 zend_delayed_compile_var(&var_node, var_ast, BP_VAR_W, 0);
3389 zend_compile_expr(&expr_node, expr_ast);
3390 zend_delayed_compile_end(offset);
3391 CG(zend_lineno) = zend_ast_get_lineno(var_ast);
3392 zend_emit_op_tmp(result, ZEND_ASSIGN, &var_node, &expr_node);
3393 return;
3394 case ZEND_AST_STATIC_PROP:
3395 offset = zend_delayed_compile_begin();
3396 zend_delayed_compile_var(result, var_ast, BP_VAR_W, 0);
3397 zend_compile_expr(&expr_node, expr_ast);
3398
3399 opline = zend_delayed_compile_end(offset);
3400 opline->opcode = ZEND_ASSIGN_STATIC_PROP;
3401 opline->result_type = IS_TMP_VAR;
3402 result->op_type = IS_TMP_VAR;
3403
3404 zend_emit_op_data(&expr_node);
3405 return;
3406 case ZEND_AST_DIM:
3407 offset = zend_delayed_compile_begin();
3408 zend_delayed_compile_dim(result, var_ast, BP_VAR_W, /* by_ref */ false);
3409 zend_compile_expr_with_potential_assign_to_self(&expr_node, expr_ast, var_ast);
3410
3411 opline = zend_delayed_compile_end(offset);
3412 opline->opcode = ZEND_ASSIGN_DIM;
3413 opline->result_type = IS_TMP_VAR;
3414 result->op_type = IS_TMP_VAR;
3415
3416 opline = zend_emit_op_data(&expr_node);
3417 return;
3418 case ZEND_AST_PROP:
3419 case ZEND_AST_NULLSAFE_PROP:
3420 offset = zend_delayed_compile_begin();
3421 zend_delayed_compile_prop(result, var_ast, BP_VAR_W);
3422 zend_compile_expr(&expr_node, expr_ast);
3423
3424 opline = zend_delayed_compile_end(offset);
3425 opline->opcode = ZEND_ASSIGN_OBJ;
3426 opline->result_type = IS_TMP_VAR;
3427 result->op_type = IS_TMP_VAR;
3428
3429 zend_emit_op_data(&expr_node);
3430 return;
3431 case ZEND_AST_ARRAY:
3432 if (zend_propagate_list_refs(var_ast)) {
3433 if (!zend_is_variable_or_call(expr_ast)) {
3434 zend_error_noreturn(E_COMPILE_ERROR,
3435 "Cannot assign reference to non referenceable value");
3436 } else {
3437 zend_assert_not_short_circuited(expr_ast);
3438 }
3439
3440 zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
3441 /* MAKE_REF is usually not necessary for CVs. However, if there are
3442 * self-assignments, this forces the RHS to evaluate first. */
3443 zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
3444 } else {
3445 if (expr_ast->kind == ZEND_AST_VAR) {
3446 /* list($a, $b) = $a should evaluate the right $a first */
3447 znode cv_node;
3448
3449 if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
3450 zend_compile_simple_var_no_cv(&expr_node, expr_ast, BP_VAR_R, 0);
3451 } else {
3452 zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
3453 }
3454 } else {
3455 zend_compile_expr(&expr_node, expr_ast);
3456 }
3457 }
3458
3459 zend_compile_list_assign(result, var_ast, &expr_node, var_ast->attr);
3460 return;
3461 EMPTY_SWITCH_DEFAULT_CASE();
3462 }
3463 }
3464 /* }}} */
3465
zend_compile_assign_ref(znode * result,zend_ast * ast)3466 static void zend_compile_assign_ref(znode *result, zend_ast *ast) /* {{{ */
3467 {
3468 zend_ast *target_ast = ast->child[0];
3469 zend_ast *source_ast = ast->child[1];
3470
3471 znode target_node, source_node;
3472 zend_op *opline;
3473 uint32_t offset, flags;
3474
3475 if (is_this_fetch(target_ast)) {
3476 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
3477 }
3478 zend_ensure_writable_variable(target_ast);
3479 zend_assert_not_short_circuited(source_ast);
3480 if (is_globals_fetch(source_ast)) {
3481 zend_error_noreturn(E_COMPILE_ERROR, "Cannot acquire reference to $GLOBALS");
3482 }
3483
3484 offset = zend_delayed_compile_begin();
3485 zend_delayed_compile_var(&target_node, target_ast, BP_VAR_W, 1);
3486 zend_compile_var(&source_node, source_ast, BP_VAR_W, 1);
3487
3488 if ((target_ast->kind != ZEND_AST_VAR
3489 || target_ast->child[0]->kind != ZEND_AST_ZVAL)
3490 && source_ast->kind != ZEND_AST_ZNODE
3491 && source_node.op_type != IS_CV) {
3492 /* Both LHS and RHS expressions may modify the same data structure,
3493 * and the modification during RHS evaluation may dangle the pointer
3494 * to the result of the LHS evaluation.
3495 * Use MAKE_REF instruction to replace direct pointer with REFERENCE.
3496 * See: Bug #71539
3497 */
3498 zend_emit_op(&source_node, ZEND_MAKE_REF, &source_node, NULL);
3499 }
3500
3501 opline = zend_delayed_compile_end(offset);
3502
3503 if (source_node.op_type != IS_VAR && zend_is_call(source_ast)) {
3504 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
3505 }
3506
3507 flags = zend_is_call(source_ast) ? ZEND_RETURNS_FUNCTION : 0;
3508
3509 if (opline && opline->opcode == ZEND_FETCH_OBJ_W) {
3510 opline->opcode = ZEND_ASSIGN_OBJ_REF;
3511 opline->extended_value &= ~ZEND_FETCH_REF;
3512 opline->extended_value |= flags;
3513 zend_emit_op_data(&source_node);
3514 *result = target_node;
3515 } else if (opline && opline->opcode == ZEND_FETCH_STATIC_PROP_W) {
3516 opline->opcode = ZEND_ASSIGN_STATIC_PROP_REF;
3517 opline->extended_value &= ~ZEND_FETCH_REF;
3518 opline->extended_value |= flags;
3519 zend_emit_op_data(&source_node);
3520 *result = target_node;
3521 } else {
3522 opline = zend_emit_op(result, ZEND_ASSIGN_REF, &target_node, &source_node);
3523 opline->extended_value = flags;
3524 }
3525 }
3526 /* }}} */
3527
zend_emit_assign_ref_znode(zend_ast * var_ast,znode * value_node)3528 static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
3529 {
3530 znode dummy_node;
3531 zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN_REF, var_ast,
3532 zend_ast_create_znode(value_node));
3533 zend_compile_expr(&dummy_node, assign_ast);
3534 zend_do_free(&dummy_node);
3535 }
3536 /* }}} */
3537
zend_compile_compound_assign(znode * result,zend_ast * ast)3538 static void zend_compile_compound_assign(znode *result, zend_ast *ast) /* {{{ */
3539 {
3540 zend_ast *var_ast = ast->child[0];
3541 zend_ast *expr_ast = ast->child[1];
3542 uint32_t opcode = ast->attr;
3543
3544 znode var_node, expr_node;
3545 zend_op *opline;
3546 uint32_t offset, cache_slot;
3547
3548 zend_ensure_writable_variable(var_ast);
3549
3550 /* Treat $GLOBALS['x'] assignment like assignment to variable. */
3551 zend_ast_kind kind = is_global_var_fetch(var_ast) ? ZEND_AST_VAR : var_ast->kind;
3552 switch (kind) {
3553 case ZEND_AST_VAR:
3554 offset = zend_delayed_compile_begin();
3555 zend_delayed_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
3556 zend_compile_expr(&expr_node, expr_ast);
3557 zend_delayed_compile_end(offset);
3558 opline = zend_emit_op_tmp(result, ZEND_ASSIGN_OP, &var_node, &expr_node);
3559 opline->extended_value = opcode;
3560 return;
3561 case ZEND_AST_STATIC_PROP:
3562 offset = zend_delayed_compile_begin();
3563 zend_delayed_compile_var(result, var_ast, BP_VAR_RW, 0);
3564 zend_compile_expr(&expr_node, expr_ast);
3565
3566 opline = zend_delayed_compile_end(offset);
3567 cache_slot = opline->extended_value;
3568 opline->opcode = ZEND_ASSIGN_STATIC_PROP_OP;
3569 opline->extended_value = opcode;
3570 opline->result_type = IS_TMP_VAR;
3571 result->op_type = IS_TMP_VAR;
3572
3573 opline = zend_emit_op_data(&expr_node);
3574 opline->extended_value = cache_slot;
3575 return;
3576 case ZEND_AST_DIM:
3577 offset = zend_delayed_compile_begin();
3578 zend_delayed_compile_dim(result, var_ast, BP_VAR_RW, /* by_ref */ false);
3579 zend_compile_expr_with_potential_assign_to_self(&expr_node, expr_ast, var_ast);
3580
3581 opline = zend_delayed_compile_end(offset);
3582 opline->opcode = ZEND_ASSIGN_DIM_OP;
3583 opline->extended_value = opcode;
3584 opline->result_type = IS_TMP_VAR;
3585 result->op_type = IS_TMP_VAR;
3586
3587 zend_emit_op_data(&expr_node);
3588 return;
3589 case ZEND_AST_PROP:
3590 case ZEND_AST_NULLSAFE_PROP:
3591 offset = zend_delayed_compile_begin();
3592 zend_delayed_compile_prop(result, var_ast, BP_VAR_RW);
3593 zend_compile_expr(&expr_node, expr_ast);
3594
3595 opline = zend_delayed_compile_end(offset);
3596 cache_slot = opline->extended_value;
3597 opline->opcode = ZEND_ASSIGN_OBJ_OP;
3598 opline->extended_value = opcode;
3599 opline->result_type = IS_TMP_VAR;
3600 result->op_type = IS_TMP_VAR;
3601
3602 opline = zend_emit_op_data(&expr_node);
3603 opline->extended_value = cache_slot;
3604 return;
3605 EMPTY_SWITCH_DEFAULT_CASE()
3606 }
3607 }
3608 /* }}} */
3609
zend_get_arg_num(zend_function * fn,zend_string * arg_name)3610 static uint32_t zend_get_arg_num(zend_function *fn, zend_string *arg_name) {
3611 // TODO: Caching?
3612 if (fn->type == ZEND_USER_FUNCTION) {
3613 for (uint32_t i = 0; i < fn->common.num_args; i++) {
3614 zend_arg_info *arg_info = &fn->op_array.arg_info[i];
3615 if (zend_string_equals(arg_info->name, arg_name)) {
3616 return i + 1;
3617 }
3618 }
3619 } else {
3620 for (uint32_t i = 0; i < fn->common.num_args; i++) {
3621 zend_internal_arg_info *arg_info = &fn->internal_function.arg_info[i];
3622 size_t len = strlen(arg_info->name);
3623 if (zend_string_equals_cstr(arg_name, arg_info->name, len)) {
3624 return i + 1;
3625 }
3626 }
3627 }
3628
3629 /* Either an invalid argument name, or collected into a variadic argument. */
3630 return (uint32_t) -1;
3631 }
3632
zend_compile_args(zend_ast * ast,zend_function * fbc,bool * may_have_extra_named_args)3633 static uint32_t zend_compile_args(
3634 zend_ast *ast, zend_function *fbc, bool *may_have_extra_named_args) /* {{{ */
3635 {
3636 zend_ast_list *args = zend_ast_get_list(ast);
3637 uint32_t i;
3638 bool uses_arg_unpack = 0;
3639 uint32_t arg_count = 0; /* number of arguments not including unpacks */
3640
3641 /* Whether named arguments are used syntactically, to enforce language level limitations.
3642 * May not actually use named argument passing. */
3643 bool uses_named_args = 0;
3644 /* Whether there may be any undef arguments due to the use of named arguments. */
3645 bool may_have_undef = 0;
3646 /* Whether there may be any extra named arguments collected into a variadic. */
3647 *may_have_extra_named_args = 0;
3648
3649 for (i = 0; i < args->children; ++i) {
3650 zend_ast *arg = args->child[i];
3651 zend_string *arg_name = NULL;
3652 uint32_t arg_num = i + 1;
3653
3654 znode arg_node;
3655 zend_op *opline;
3656 uint8_t opcode;
3657
3658 if (arg->kind == ZEND_AST_UNPACK) {
3659 if (uses_named_args) {
3660 zend_error_noreturn(E_COMPILE_ERROR,
3661 "Cannot use argument unpacking after named arguments");
3662 }
3663
3664 uses_arg_unpack = 1;
3665 fbc = NULL;
3666
3667 zend_compile_expr(&arg_node, arg->child[0]);
3668 opline = zend_emit_op(NULL, ZEND_SEND_UNPACK, &arg_node, NULL);
3669 opline->op2.num = arg_count;
3670 opline->result.var = EX_NUM_TO_VAR(arg_count - 1);
3671
3672 /* Unpack may contain named arguments. */
3673 may_have_undef = 1;
3674 if (!fbc || (fbc->common.fn_flags & ZEND_ACC_VARIADIC)) {
3675 *may_have_extra_named_args = 1;
3676 }
3677 continue;
3678 }
3679
3680 if (arg->kind == ZEND_AST_NAMED_ARG) {
3681 uses_named_args = 1;
3682 arg_name = zval_make_interned_string(zend_ast_get_zval(arg->child[0]));
3683 arg = arg->child[1];
3684
3685 if (fbc && !uses_arg_unpack) {
3686 arg_num = zend_get_arg_num(fbc, arg_name);
3687 if (arg_num == arg_count + 1 && !may_have_undef) {
3688 /* Using named arguments, but passing in order. */
3689 arg_name = NULL;
3690 arg_count++;
3691 } else {
3692 // TODO: We could track which arguments were passed, even if out of order.
3693 may_have_undef = 1;
3694 if (arg_num == (uint32_t) -1 && (fbc->common.fn_flags & ZEND_ACC_VARIADIC)) {
3695 *may_have_extra_named_args = 1;
3696 }
3697 }
3698 } else {
3699 arg_num = (uint32_t) -1;
3700 may_have_undef = 1;
3701 *may_have_extra_named_args = 1;
3702 }
3703 } else {
3704 if (uses_arg_unpack) {
3705 zend_error_noreturn(E_COMPILE_ERROR,
3706 "Cannot use positional argument after argument unpacking");
3707 }
3708
3709 if (uses_named_args) {
3710 zend_error_noreturn(E_COMPILE_ERROR,
3711 "Cannot use positional argument after named argument");
3712 }
3713
3714 arg_count++;
3715 }
3716
3717 /* Treat passing of $GLOBALS the same as passing a call.
3718 * This will error at runtime if the argument is by-ref. */
3719 if (zend_is_call(arg) || is_globals_fetch(arg)) {
3720 zend_compile_var(&arg_node, arg, BP_VAR_R, 0);
3721 if (arg_node.op_type & (IS_CONST|IS_TMP_VAR)) {
3722 /* Function call was converted into builtin instruction */
3723 if (!fbc || ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3724 opcode = ZEND_SEND_VAL_EX;
3725 } else {
3726 opcode = ZEND_SEND_VAL;
3727 }
3728 } else {
3729 if (fbc && arg_num != (uint32_t) -1) {
3730 if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3731 opcode = ZEND_SEND_VAR_NO_REF;
3732 } else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
3733 /* For IS_VAR operands, SEND_VAL will pass through the operand without
3734 * dereferencing, so it will use a by-ref pass if the call returned by-ref
3735 * and a by-value pass if it returned by-value. */
3736 opcode = ZEND_SEND_VAL;
3737 } else {
3738 opcode = ZEND_SEND_VAR;
3739 }
3740 } else {
3741 opcode = ZEND_SEND_VAR_NO_REF_EX;
3742 }
3743 }
3744 } else if (zend_is_variable(arg) && !zend_ast_is_short_circuited(arg)) {
3745 if (fbc && arg_num != (uint32_t) -1) {
3746 if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
3747 zend_compile_var(&arg_node, arg, BP_VAR_W, 1);
3748 opcode = ZEND_SEND_REF;
3749 } else {
3750 zend_compile_var(&arg_node, arg, BP_VAR_R, 0);
3751 opcode = (arg_node.op_type == IS_TMP_VAR) ? ZEND_SEND_VAL : ZEND_SEND_VAR;
3752 }
3753 } else {
3754 do {
3755 if (arg->kind == ZEND_AST_VAR) {
3756 CG(zend_lineno) = zend_ast_get_lineno(ast);
3757 if (is_this_fetch(arg)) {
3758 zend_emit_op(&arg_node, ZEND_FETCH_THIS, NULL, NULL);
3759 opcode = ZEND_SEND_VAR_EX;
3760 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
3761 break;
3762 } else if (zend_try_compile_cv(&arg_node, arg) == SUCCESS) {
3763 opcode = ZEND_SEND_VAR_EX;
3764 break;
3765 }
3766 }
3767 opline = zend_emit_op(NULL, ZEND_CHECK_FUNC_ARG, NULL, NULL);
3768 if (arg_name) {
3769 opline->op2_type = IS_CONST;
3770 zend_string_addref(arg_name);
3771 opline->op2.constant = zend_add_literal_string(&arg_name);
3772 opline->result.num = zend_alloc_cache_slots(2);
3773 } else {
3774 opline->op2.num = arg_num;
3775 }
3776 zend_compile_var(&arg_node, arg, BP_VAR_FUNC_ARG, 1);
3777 opcode = ZEND_SEND_FUNC_ARG;
3778 } while (0);
3779 }
3780 } else {
3781 zend_compile_expr(&arg_node, arg);
3782 if (arg_node.op_type == IS_VAR) {
3783 /* pass ++$a or something similar */
3784 if (fbc && arg_num != (uint32_t) -1) {
3785 if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3786 opcode = ZEND_SEND_VAR_NO_REF;
3787 } else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
3788 opcode = ZEND_SEND_VAL;
3789 } else {
3790 opcode = ZEND_SEND_VAR;
3791 }
3792 } else {
3793 opcode = ZEND_SEND_VAR_NO_REF_EX;
3794 }
3795 } else if (arg_node.op_type == IS_CV) {
3796 if (fbc && arg_num != (uint32_t) -1) {
3797 if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
3798 opcode = ZEND_SEND_REF;
3799 } else {
3800 opcode = ZEND_SEND_VAR;
3801 }
3802 } else {
3803 opcode = ZEND_SEND_VAR_EX;
3804 }
3805 } else {
3806 /* Delay "Only variables can be passed by reference" error to execution */
3807 if (fbc && arg_num != (uint32_t) -1 && !ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3808 opcode = ZEND_SEND_VAL;
3809 } else {
3810 opcode = ZEND_SEND_VAL_EX;
3811 }
3812 }
3813 }
3814
3815 opline = zend_emit_op(NULL, opcode, &arg_node, NULL);
3816 if (arg_name) {
3817 opline->op2_type = IS_CONST;
3818 zend_string_addref(arg_name);
3819 opline->op2.constant = zend_add_literal_string(&arg_name);
3820 opline->result.num = zend_alloc_cache_slots(2);
3821 } else {
3822 opline->op2.opline_num = arg_num;
3823 opline->result.var = EX_NUM_TO_VAR(arg_num - 1);
3824 }
3825 }
3826
3827 if (may_have_undef) {
3828 zend_emit_op(NULL, ZEND_CHECK_UNDEF_ARGS, NULL, NULL);
3829 }
3830
3831 return arg_count;
3832 }
3833 /* }}} */
3834
zend_get_call_op(const zend_op * init_op,zend_function * fbc)3835 ZEND_API uint8_t zend_get_call_op(const zend_op *init_op, zend_function *fbc) /* {{{ */
3836 {
3837 if (fbc) {
3838 ZEND_ASSERT(!(fbc->common.fn_flags & ZEND_ACC_CALL_VIA_TRAMPOLINE));
3839 if (fbc->type == ZEND_INTERNAL_FUNCTION && !(CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS)) {
3840 if (init_op->opcode == ZEND_INIT_FCALL && !zend_execute_internal) {
3841 if (!(fbc->common.fn_flags & ZEND_ACC_DEPRECATED)) {
3842 return ZEND_DO_ICALL;
3843 } else {
3844 return ZEND_DO_FCALL_BY_NAME;
3845 }
3846 }
3847 } else if (!(CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS)){
3848 if (zend_execute_ex == execute_ex) {
3849 return ZEND_DO_UCALL;
3850 }
3851 }
3852 } else if (zend_execute_ex == execute_ex &&
3853 !zend_execute_internal &&
3854 (init_op->opcode == ZEND_INIT_FCALL_BY_NAME ||
3855 init_op->opcode == ZEND_INIT_NS_FCALL_BY_NAME)) {
3856 return ZEND_DO_FCALL_BY_NAME;
3857 }
3858 return ZEND_DO_FCALL;
3859 }
3860 /* }}} */
3861
zend_compile_call_common(znode * result,zend_ast * args_ast,zend_function * fbc,uint32_t lineno)3862 static bool zend_compile_call_common(znode *result, zend_ast *args_ast, zend_function *fbc, uint32_t lineno) /* {{{ */
3863 {
3864 zend_op *opline;
3865 uint32_t opnum_init = get_next_op_number() - 1;
3866
3867 if (args_ast->kind == ZEND_AST_CALLABLE_CONVERT) {
3868 opline = &CG(active_op_array)->opcodes[opnum_init];
3869 opline->extended_value = 0;
3870
3871 if (opline->opcode == ZEND_NEW) {
3872 zend_error_noreturn(E_COMPILE_ERROR, "Cannot create Closure for new expression");
3873 }
3874
3875 if (opline->opcode == ZEND_INIT_FCALL) {
3876 opline->op1.num = zend_vm_calc_used_stack(0, fbc);
3877 }
3878
3879 zend_emit_op_tmp(result, ZEND_CALLABLE_CONVERT, NULL, NULL);
3880 return true;
3881 }
3882
3883 bool may_have_extra_named_args;
3884 uint32_t arg_count = zend_compile_args(args_ast, fbc, &may_have_extra_named_args);
3885
3886 zend_do_extended_fcall_begin();
3887
3888 opline = &CG(active_op_array)->opcodes[opnum_init];
3889 opline->extended_value = arg_count;
3890
3891 if (opline->opcode == ZEND_INIT_FCALL) {
3892 opline->op1.num = zend_vm_calc_used_stack(arg_count, fbc);
3893 }
3894
3895 opline = zend_emit_op(result, zend_get_call_op(opline, fbc), NULL, NULL);
3896 if (may_have_extra_named_args) {
3897 opline->extended_value = ZEND_FCALL_MAY_HAVE_EXTRA_NAMED_PARAMS;
3898 }
3899 opline->lineno = lineno;
3900 zend_do_extended_fcall_end();
3901 return false;
3902 }
3903 /* }}} */
3904
zend_compile_function_name(znode * name_node,zend_ast * name_ast)3905 static bool zend_compile_function_name(znode *name_node, zend_ast *name_ast) /* {{{ */
3906 {
3907 zend_string *orig_name = zend_ast_get_str(name_ast);
3908 bool is_fully_qualified;
3909
3910 name_node->op_type = IS_CONST;
3911 ZVAL_STR(&name_node->u.constant, zend_resolve_function_name(
3912 orig_name, name_ast->attr, &is_fully_qualified));
3913
3914 return !is_fully_qualified && FC(current_namespace);
3915 }
3916 /* }}} */
3917
zend_compile_ns_call(znode * result,znode * name_node,zend_ast * args_ast,uint32_t lineno)3918 static void zend_compile_ns_call(znode *result, znode *name_node, zend_ast *args_ast, uint32_t lineno) /* {{{ */
3919 {
3920 zend_op *opline = get_next_op();
3921 opline->opcode = ZEND_INIT_NS_FCALL_BY_NAME;
3922 opline->op2_type = IS_CONST;
3923 opline->op2.constant = zend_add_ns_func_name_literal(
3924 Z_STR(name_node->u.constant));
3925 opline->result.num = zend_alloc_cache_slot();
3926
3927 zend_compile_call_common(result, args_ast, NULL, lineno);
3928 }
3929 /* }}} */
3930
zend_compile_dynamic_call(znode * result,znode * name_node,zend_ast * args_ast,uint32_t lineno)3931 static void zend_compile_dynamic_call(znode *result, znode *name_node, zend_ast *args_ast, uint32_t lineno) /* {{{ */
3932 {
3933 if (name_node->op_type == IS_CONST && Z_TYPE(name_node->u.constant) == IS_STRING) {
3934 const char *colon;
3935 zend_string *str = Z_STR(name_node->u.constant);
3936 if ((colon = zend_memrchr(ZSTR_VAL(str), ':', ZSTR_LEN(str))) != NULL && colon > ZSTR_VAL(str) && *(colon - 1) == ':') {
3937 zend_string *class = zend_string_init(ZSTR_VAL(str), colon - ZSTR_VAL(str) - 1, 0);
3938 zend_string *method = zend_string_init(colon + 1, ZSTR_LEN(str) - (colon - ZSTR_VAL(str)) - 1, 0);
3939 zend_op *opline = get_next_op();
3940
3941 opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;
3942 opline->op1_type = IS_CONST;
3943 opline->op1.constant = zend_add_class_name_literal(class);
3944 opline->op2_type = IS_CONST;
3945 opline->op2.constant = zend_add_func_name_literal(method);
3946 /* 2 slots, for class and method */
3947 opline->result.num = zend_alloc_cache_slots(2);
3948 zval_ptr_dtor(&name_node->u.constant);
3949 } else {
3950 zend_op *opline = get_next_op();
3951
3952 opline->opcode = ZEND_INIT_FCALL_BY_NAME;
3953 opline->op2_type = IS_CONST;
3954 opline->op2.constant = zend_add_func_name_literal(str);
3955 opline->result.num = zend_alloc_cache_slot();
3956 }
3957 } else {
3958 zend_emit_op(NULL, ZEND_INIT_DYNAMIC_CALL, NULL, name_node);
3959 }
3960
3961 zend_compile_call_common(result, args_ast, NULL, lineno);
3962 }
3963 /* }}} */
3964
zend_args_contain_unpack_or_named(zend_ast_list * args)3965 static inline bool zend_args_contain_unpack_or_named(zend_ast_list *args) /* {{{ */
3966 {
3967 uint32_t i;
3968 for (i = 0; i < args->children; ++i) {
3969 zend_ast *arg = args->child[i];
3970 if (arg->kind == ZEND_AST_UNPACK || arg->kind == ZEND_AST_NAMED_ARG) {
3971 return 1;
3972 }
3973 }
3974 return 0;
3975 }
3976 /* }}} */
3977
zend_compile_func_strlen(znode * result,zend_ast_list * args)3978 static zend_result zend_compile_func_strlen(znode *result, zend_ast_list *args) /* {{{ */
3979 {
3980 znode arg_node;
3981
3982 if (args->children != 1) {
3983 return FAILURE;
3984 }
3985
3986 zend_compile_expr(&arg_node, args->child[0]);
3987 if (arg_node.op_type == IS_CONST && Z_TYPE(arg_node.u.constant) == IS_STRING) {
3988 result->op_type = IS_CONST;
3989 ZVAL_LONG(&result->u.constant, Z_STRLEN(arg_node.u.constant));
3990 zval_ptr_dtor_str(&arg_node.u.constant);
3991 } else {
3992 zend_emit_op_tmp(result, ZEND_STRLEN, &arg_node, NULL);
3993 }
3994 return SUCCESS;
3995 }
3996 /* }}} */
3997
zend_compile_func_typecheck(znode * result,zend_ast_list * args,uint32_t type)3998 static zend_result zend_compile_func_typecheck(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
3999 {
4000 znode arg_node;
4001 zend_op *opline;
4002
4003 if (args->children != 1) {
4004 return FAILURE;
4005 }
4006
4007 zend_compile_expr(&arg_node, args->child[0]);
4008 opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &arg_node, NULL);
4009 if (type != _IS_BOOL) {
4010 opline->extended_value = (1 << type);
4011 } else {
4012 opline->extended_value = (1 << IS_FALSE) | (1 << IS_TRUE);
4013 }
4014 return SUCCESS;
4015 }
4016 /* }}} */
4017
zend_compile_func_is_scalar(znode * result,zend_ast_list * args)4018 static zend_result zend_compile_func_is_scalar(znode *result, zend_ast_list *args) /* {{{ */
4019 {
4020 znode arg_node;
4021 zend_op *opline;
4022
4023 if (args->children != 1) {
4024 return FAILURE;
4025 }
4026
4027 zend_compile_expr(&arg_node, args->child[0]);
4028 opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &arg_node, NULL);
4029 opline->extended_value = (1 << IS_FALSE | 1 << IS_TRUE | 1 << IS_DOUBLE | 1 << IS_LONG | 1 << IS_STRING);
4030 return SUCCESS;
4031 }
4032
zend_compile_func_cast(znode * result,zend_ast_list * args,uint32_t type)4033 static zend_result zend_compile_func_cast(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
4034 {
4035 znode arg_node;
4036 zend_op *opline;
4037
4038 if (args->children != 1) {
4039 return FAILURE;
4040 }
4041
4042 zend_compile_expr(&arg_node, args->child[0]);
4043 if (type == _IS_BOOL) {
4044 opline = zend_emit_op_tmp(result, ZEND_BOOL, &arg_node, NULL);
4045 } else {
4046 opline = zend_emit_op_tmp(result, ZEND_CAST, &arg_node, NULL);
4047 opline->extended_value = type;
4048 }
4049 return SUCCESS;
4050 }
4051 /* }}} */
4052
zend_compile_func_defined(znode * result,zend_ast_list * args)4053 static zend_result zend_compile_func_defined(znode *result, zend_ast_list *args) /* {{{ */
4054 {
4055 zend_string *name;
4056 zend_op *opline;
4057
4058 if (args->children != 1 || args->child[0]->kind != ZEND_AST_ZVAL) {
4059 return FAILURE;
4060 }
4061
4062 name = zval_get_string(zend_ast_get_zval(args->child[0]));
4063 if (zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name)) || zend_memrchr(ZSTR_VAL(name), ':', ZSTR_LEN(name))) {
4064 zend_string_release_ex(name, 0);
4065 return FAILURE;
4066 }
4067
4068 if (zend_try_ct_eval_const(&result->u.constant, name, 0)) {
4069 zend_string_release_ex(name, 0);
4070 zval_ptr_dtor(&result->u.constant);
4071 ZVAL_TRUE(&result->u.constant);
4072 result->op_type = IS_CONST;
4073 return SUCCESS;
4074 }
4075
4076 opline = zend_emit_op_tmp(result, ZEND_DEFINED, NULL, NULL);
4077 opline->op1_type = IS_CONST;
4078 LITERAL_STR(opline->op1, name);
4079 opline->extended_value = zend_alloc_cache_slot();
4080
4081 return SUCCESS;
4082 }
4083 /* }}} */
4084
zend_compile_func_chr(znode * result,zend_ast_list * args)4085 static zend_result zend_compile_func_chr(znode *result, zend_ast_list *args) /* {{{ */
4086 {
4087
4088 if (args->children == 1 &&
4089 args->child[0]->kind == ZEND_AST_ZVAL &&
4090 Z_TYPE_P(zend_ast_get_zval(args->child[0])) == IS_LONG) {
4091
4092 zend_long c = Z_LVAL_P(zend_ast_get_zval(args->child[0])) & 0xff;
4093
4094 result->op_type = IS_CONST;
4095 ZVAL_CHAR(&result->u.constant, c);
4096 return SUCCESS;
4097 } else {
4098 return FAILURE;
4099 }
4100 }
4101 /* }}} */
4102
zend_compile_func_ord(znode * result,zend_ast_list * args)4103 static zend_result zend_compile_func_ord(znode *result, zend_ast_list *args) /* {{{ */
4104 {
4105 if (args->children == 1 &&
4106 args->child[0]->kind == ZEND_AST_ZVAL &&
4107 Z_TYPE_P(zend_ast_get_zval(args->child[0])) == IS_STRING) {
4108
4109 result->op_type = IS_CONST;
4110 ZVAL_LONG(&result->u.constant, (unsigned char)Z_STRVAL_P(zend_ast_get_zval(args->child[0]))[0]);
4111 return SUCCESS;
4112 } else {
4113 return FAILURE;
4114 }
4115 }
4116 /* }}} */
4117
4118 /* We can only calculate the stack size for functions that have been fully compiled, otherwise
4119 * additional CV or TMP slots may still be added. This prevents the use of INIT_FCALL for
4120 * directly or indirectly recursive function calls. */
fbc_is_finalized(zend_function * fbc)4121 static bool fbc_is_finalized(zend_function *fbc) {
4122 return !ZEND_USER_CODE(fbc->type) || (fbc->common.fn_flags & ZEND_ACC_DONE_PASS_TWO);
4123 }
4124
zend_compile_ignore_class(zend_class_entry * ce,zend_string * filename)4125 static bool zend_compile_ignore_class(zend_class_entry *ce, zend_string *filename)
4126 {
4127 if (ce->type == ZEND_INTERNAL_CLASS) {
4128 return CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_CLASSES;
4129 } else {
4130 return (CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES)
4131 && ce->info.user.filename != filename;
4132 }
4133 }
4134
zend_compile_ignore_function(zend_function * fbc,zend_string * filename)4135 static bool zend_compile_ignore_function(zend_function *fbc, zend_string *filename)
4136 {
4137 if (fbc->type == ZEND_INTERNAL_FUNCTION) {
4138 return CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS;
4139 } else {
4140 return (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS)
4141 || ((CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES)
4142 && fbc->op_array.filename != filename);
4143 }
4144 }
4145
zend_try_compile_ct_bound_init_user_func(zend_ast * name_ast,uint32_t num_args)4146 static zend_result zend_try_compile_ct_bound_init_user_func(zend_ast *name_ast, uint32_t num_args) /* {{{ */
4147 {
4148 zend_string *name, *lcname;
4149 zend_function *fbc;
4150 zend_op *opline;
4151
4152 if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
4153 return FAILURE;
4154 }
4155
4156 name = zend_ast_get_str(name_ast);
4157 lcname = zend_string_tolower(name);
4158
4159 fbc = zend_hash_find_ptr(CG(function_table), lcname);
4160 if (!fbc
4161 || !fbc_is_finalized(fbc)
4162 || zend_compile_ignore_function(fbc, CG(active_op_array)->filename)) {
4163 zend_string_release_ex(lcname, 0);
4164 return FAILURE;
4165 }
4166
4167 opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, NULL);
4168 opline->extended_value = num_args;
4169 opline->op1.num = zend_vm_calc_used_stack(num_args, fbc);
4170 opline->op2_type = IS_CONST;
4171 LITERAL_STR(opline->op2, lcname);
4172 opline->result.num = zend_alloc_cache_slot();
4173
4174 return SUCCESS;
4175 }
4176 /* }}} */
4177
zend_compile_init_user_func(zend_ast * name_ast,uint32_t num_args,zend_string * orig_func_name)4178 static void zend_compile_init_user_func(zend_ast *name_ast, uint32_t num_args, zend_string *orig_func_name) /* {{{ */
4179 {
4180 zend_op *opline;
4181 znode name_node;
4182
4183 if (zend_try_compile_ct_bound_init_user_func(name_ast, num_args) == SUCCESS) {
4184 return;
4185 }
4186
4187 zend_compile_expr(&name_node, name_ast);
4188
4189 opline = zend_emit_op(NULL, ZEND_INIT_USER_CALL, NULL, &name_node);
4190 opline->op1_type = IS_CONST;
4191 LITERAL_STR(opline->op1, zend_string_copy(orig_func_name));
4192 opline->extended_value = num_args;
4193 }
4194 /* }}} */
4195
4196 /* cufa = call_user_func_array */
zend_compile_func_cufa(znode * result,zend_ast_list * args,zend_string * lcname)4197 static zend_result zend_compile_func_cufa(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
4198 {
4199 znode arg_node;
4200 zend_op *opline;
4201
4202 if (args->children != 2) {
4203 return FAILURE;
4204 }
4205
4206 zend_compile_init_user_func(args->child[0], 0, lcname);
4207 if (args->child[1]->kind == ZEND_AST_CALL
4208 && args->child[1]->child[0]->kind == ZEND_AST_ZVAL
4209 && Z_TYPE_P(zend_ast_get_zval(args->child[1]->child[0])) == IS_STRING
4210 && args->child[1]->child[1]->kind == ZEND_AST_ARG_LIST) {
4211 zend_string *orig_name = zend_ast_get_str(args->child[1]->child[0]);
4212 zend_ast_list *list = zend_ast_get_list(args->child[1]->child[1]);
4213 bool is_fully_qualified;
4214 zend_string *name = zend_resolve_function_name(orig_name, args->child[1]->child[0]->attr, &is_fully_qualified);
4215
4216 if (zend_string_equals_literal_ci(name, "array_slice")
4217 && !zend_args_contain_unpack_or_named(list)
4218 && list->children == 3
4219 && list->child[1]->kind == ZEND_AST_ZVAL) {
4220 zval *zv = zend_ast_get_zval(list->child[1]);
4221
4222 if (Z_TYPE_P(zv) == IS_LONG
4223 && Z_LVAL_P(zv) >= 0
4224 && Z_LVAL_P(zv) <= 0x7fffffff) {
4225 zend_op *opline;
4226 znode len_node;
4227
4228 zend_compile_expr(&arg_node, list->child[0]);
4229 zend_compile_expr(&len_node, list->child[2]);
4230 opline = zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, &len_node);
4231 opline->extended_value = Z_LVAL_P(zv);
4232 zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
4233 zend_string_release_ex(name, 0);
4234 return SUCCESS;
4235 }
4236 }
4237 zend_string_release_ex(name, 0);
4238 }
4239 zend_compile_expr(&arg_node, args->child[1]);
4240 zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, NULL);
4241 zend_emit_op(NULL, ZEND_CHECK_UNDEF_ARGS, NULL, NULL);
4242 opline = zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
4243 opline->extended_value = ZEND_FCALL_MAY_HAVE_EXTRA_NAMED_PARAMS;
4244
4245 return SUCCESS;
4246 }
4247 /* }}} */
4248
4249 /* cuf = call_user_func */
zend_compile_func_cuf(znode * result,zend_ast_list * args,zend_string * lcname)4250 static zend_result zend_compile_func_cuf(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
4251 {
4252 uint32_t i;
4253
4254 if (args->children < 1) {
4255 return FAILURE;
4256 }
4257
4258 zend_compile_init_user_func(args->child[0], args->children - 1, lcname);
4259 for (i = 1; i < args->children; ++i) {
4260 zend_ast *arg_ast = args->child[i];
4261 znode arg_node;
4262 zend_op *opline;
4263
4264 zend_compile_expr(&arg_node, arg_ast);
4265
4266 opline = zend_emit_op(NULL, ZEND_SEND_USER, &arg_node, NULL);
4267 opline->op2.num = i;
4268 opline->result.var = EX_NUM_TO_VAR(i - 1);
4269 }
4270 zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
4271
4272 return SUCCESS;
4273 }
4274 /* }}} */
4275
zend_compile_assert(znode * result,zend_ast_list * args,zend_string * name,zend_function * fbc,uint32_t lineno)4276 static void zend_compile_assert(znode *result, zend_ast_list *args, zend_string *name, zend_function *fbc, uint32_t lineno) /* {{{ */
4277 {
4278 if (EG(assertions) >= 0) {
4279 znode name_node;
4280 zend_op *opline;
4281 uint32_t check_op_number = get_next_op_number();
4282
4283 zend_emit_op(NULL, ZEND_ASSERT_CHECK, NULL, NULL);
4284
4285 if (fbc && fbc_is_finalized(fbc)) {
4286 name_node.op_type = IS_CONST;
4287 ZVAL_STR_COPY(&name_node.u.constant, name);
4288
4289 opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
4290 } else {
4291 opline = zend_emit_op(NULL, ZEND_INIT_NS_FCALL_BY_NAME, NULL, NULL);
4292 opline->op2_type = IS_CONST;
4293 opline->op2.constant = zend_add_ns_func_name_literal(name);
4294 }
4295 opline->result.num = zend_alloc_cache_slot();
4296
4297 if (args->children == 1) {
4298 /* add "assert(condition) as assertion message */
4299 zend_ast *arg = zend_ast_create_zval_from_str(
4300 zend_ast_export("assert(", args->child[0], ")"));
4301 if (args->child[0]->kind == ZEND_AST_NAMED_ARG) {
4302 /* If the original argument was named, add the new argument as named as well,
4303 * as mixing named and positional is not allowed. */
4304 zend_ast *name = zend_ast_create_zval_from_str(
4305 ZSTR_INIT_LITERAL("description", 0));
4306 arg = zend_ast_create(ZEND_AST_NAMED_ARG, name, arg);
4307 }
4308 zend_ast_list_add((zend_ast *) args, arg);
4309 }
4310
4311 zend_compile_call_common(result, (zend_ast*)args, fbc, lineno);
4312
4313 opline = &CG(active_op_array)->opcodes[check_op_number];
4314 opline->op2.opline_num = get_next_op_number();
4315 SET_NODE(opline->result, result);
4316 } else {
4317 if (!fbc) {
4318 zend_string_release_ex(name, 0);
4319 }
4320 result->op_type = IS_CONST;
4321 ZVAL_TRUE(&result->u.constant);
4322 }
4323 }
4324 /* }}} */
4325
zend_compile_func_in_array(znode * result,zend_ast_list * args)4326 static zend_result zend_compile_func_in_array(znode *result, zend_ast_list *args) /* {{{ */
4327 {
4328 bool strict = 0;
4329 znode array, needly;
4330 zend_op *opline;
4331
4332 if (args->children == 3) {
4333 if (args->child[2]->kind == ZEND_AST_ZVAL) {
4334 strict = zend_is_true(zend_ast_get_zval(args->child[2]));
4335 } else if (args->child[2]->kind == ZEND_AST_CONST) {
4336 zval value;
4337 zend_ast *name_ast = args->child[2]->child[0];
4338 bool is_fully_qualified;
4339 zend_string *resolved_name = zend_resolve_const_name(
4340 zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);
4341
4342 if (!zend_try_ct_eval_const(&value, resolved_name, is_fully_qualified)) {
4343 zend_string_release_ex(resolved_name, 0);
4344 return FAILURE;
4345 }
4346
4347 zend_string_release_ex(resolved_name, 0);
4348 strict = zend_is_true(&value);
4349 zval_ptr_dtor(&value);
4350 } else {
4351 return FAILURE;
4352 }
4353 } else if (args->children != 2) {
4354 return FAILURE;
4355 }
4356
4357 if (args->child[1]->kind != ZEND_AST_ARRAY
4358 || !zend_try_ct_eval_array(&array.u.constant, args->child[1])) {
4359 return FAILURE;
4360 }
4361
4362 if (zend_hash_num_elements(Z_ARRVAL(array.u.constant)) > 0) {
4363 bool ok = 1;
4364 zval *val, tmp;
4365 HashTable *src = Z_ARRVAL(array.u.constant);
4366 HashTable *dst = zend_new_array(zend_hash_num_elements(src));
4367
4368 ZVAL_TRUE(&tmp);
4369
4370 if (strict) {
4371 ZEND_HASH_FOREACH_VAL(src, val) {
4372 if (Z_TYPE_P(val) == IS_STRING) {
4373 zend_hash_add(dst, Z_STR_P(val), &tmp);
4374 } else if (Z_TYPE_P(val) == IS_LONG) {
4375 zend_hash_index_add(dst, Z_LVAL_P(val), &tmp);
4376 } else {
4377 zend_array_destroy(dst);
4378 ok = 0;
4379 break;
4380 }
4381 } ZEND_HASH_FOREACH_END();
4382 } else {
4383 ZEND_HASH_FOREACH_VAL(src, val) {
4384 if (Z_TYPE_P(val) != IS_STRING
4385 || is_numeric_string(Z_STRVAL_P(val), Z_STRLEN_P(val), NULL, NULL, 0)) {
4386 zend_array_destroy(dst);
4387 ok = 0;
4388 break;
4389 }
4390 zend_hash_add(dst, Z_STR_P(val), &tmp);
4391 } ZEND_HASH_FOREACH_END();
4392 }
4393
4394 zend_array_destroy(src);
4395 if (!ok) {
4396 return FAILURE;
4397 }
4398 Z_ARRVAL(array.u.constant) = dst;
4399 }
4400 array.op_type = IS_CONST;
4401
4402 zend_compile_expr(&needly, args->child[0]);
4403
4404 opline = zend_emit_op_tmp(result, ZEND_IN_ARRAY, &needly, &array);
4405 opline->extended_value = strict;
4406
4407 return SUCCESS;
4408 }
4409 /* }}} */
4410
zend_compile_func_count(znode * result,zend_ast_list * args,zend_string * lcname)4411 static zend_result zend_compile_func_count(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
4412 {
4413 znode arg_node;
4414 zend_op *opline;
4415
4416 if (args->children != 1) {
4417 return FAILURE;
4418 }
4419
4420 zend_compile_expr(&arg_node, args->child[0]);
4421 opline = zend_emit_op_tmp(result, ZEND_COUNT, &arg_node, NULL);
4422 opline->extended_value = zend_string_equals_literal(lcname, "sizeof");
4423
4424 return SUCCESS;
4425 }
4426 /* }}} */
4427
zend_compile_func_get_class(znode * result,zend_ast_list * args)4428 static zend_result zend_compile_func_get_class(znode *result, zend_ast_list *args) /* {{{ */
4429 {
4430 if (args->children == 0) {
4431 zend_emit_op_tmp(result, ZEND_GET_CLASS, NULL, NULL);
4432 } else {
4433 znode arg_node;
4434
4435 if (args->children != 1) {
4436 return FAILURE;
4437 }
4438
4439 zend_compile_expr(&arg_node, args->child[0]);
4440 zend_emit_op_tmp(result, ZEND_GET_CLASS, &arg_node, NULL);
4441 }
4442 return SUCCESS;
4443 }
4444 /* }}} */
4445
zend_compile_func_get_called_class(znode * result,zend_ast_list * args)4446 static zend_result zend_compile_func_get_called_class(znode *result, zend_ast_list *args) /* {{{ */
4447 {
4448 if (args->children != 0) {
4449 return FAILURE;
4450 }
4451
4452 zend_emit_op_tmp(result, ZEND_GET_CALLED_CLASS, NULL, NULL);
4453 return SUCCESS;
4454 }
4455 /* }}} */
4456
zend_compile_func_gettype(znode * result,zend_ast_list * args)4457 static zend_result zend_compile_func_gettype(znode *result, zend_ast_list *args) /* {{{ */
4458 {
4459 znode arg_node;
4460
4461 if (args->children != 1) {
4462 return FAILURE;
4463 }
4464
4465 zend_compile_expr(&arg_node, args->child[0]);
4466 zend_emit_op_tmp(result, ZEND_GET_TYPE, &arg_node, NULL);
4467 return SUCCESS;
4468 }
4469 /* }}} */
4470
zend_compile_func_num_args(znode * result,zend_ast_list * args)4471 static zend_result zend_compile_func_num_args(znode *result, zend_ast_list *args) /* {{{ */
4472 {
4473 if (CG(active_op_array)->function_name && args->children == 0) {
4474 zend_emit_op_tmp(result, ZEND_FUNC_NUM_ARGS, NULL, NULL);
4475 return SUCCESS;
4476 } else {
4477 return FAILURE;
4478 }
4479 }
4480 /* }}} */
4481
zend_compile_func_get_args(znode * result,zend_ast_list * args)4482 static zend_result zend_compile_func_get_args(znode *result, zend_ast_list *args) /* {{{ */
4483 {
4484 if (CG(active_op_array)->function_name && args->children == 0) {
4485 zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, NULL, NULL);
4486 return SUCCESS;
4487 } else {
4488 return FAILURE;
4489 }
4490 }
4491 /* }}} */
4492
zend_compile_func_array_key_exists(znode * result,zend_ast_list * args)4493 static zend_result zend_compile_func_array_key_exists(znode *result, zend_ast_list *args) /* {{{ */
4494 {
4495 znode subject, needle;
4496
4497 if (args->children != 2) {
4498 return FAILURE;
4499 }
4500
4501 zend_compile_expr(&needle, args->child[0]);
4502 zend_compile_expr(&subject, args->child[1]);
4503
4504 zend_emit_op_tmp(result, ZEND_ARRAY_KEY_EXISTS, &needle, &subject);
4505 return SUCCESS;
4506 }
4507 /* }}} */
4508
zend_compile_func_array_slice(znode * result,zend_ast_list * args)4509 static zend_result zend_compile_func_array_slice(znode *result, zend_ast_list *args) /* {{{ */
4510 {
4511 if (CG(active_op_array)->function_name
4512 && args->children == 2
4513 && args->child[0]->kind == ZEND_AST_CALL
4514 && args->child[0]->child[0]->kind == ZEND_AST_ZVAL
4515 && Z_TYPE_P(zend_ast_get_zval(args->child[0]->child[0])) == IS_STRING
4516 && args->child[0]->child[1]->kind == ZEND_AST_ARG_LIST
4517 && args->child[1]->kind == ZEND_AST_ZVAL) {
4518
4519 zend_string *orig_name = zend_ast_get_str(args->child[0]->child[0]);
4520 bool is_fully_qualified;
4521 zend_string *name = zend_resolve_function_name(orig_name, args->child[0]->child[0]->attr, &is_fully_qualified);
4522 zend_ast_list *list = zend_ast_get_list(args->child[0]->child[1]);
4523 zval *zv = zend_ast_get_zval(args->child[1]);
4524 znode first;
4525
4526 if (zend_string_equals_literal_ci(name, "func_get_args")
4527 && list->children == 0
4528 && Z_TYPE_P(zv) == IS_LONG
4529 && Z_LVAL_P(zv) >= 0) {
4530 first.op_type = IS_CONST;
4531 ZVAL_LONG(&first.u.constant, Z_LVAL_P(zv));
4532 zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, &first, NULL);
4533 zend_string_release_ex(name, 0);
4534 return SUCCESS;
4535 }
4536 zend_string_release_ex(name, 0);
4537 }
4538 return FAILURE;
4539 }
4540 /* }}} */
4541
zend_try_compile_special_func(znode * result,zend_string * lcname,zend_ast_list * args,zend_function * fbc,uint32_t type)4542 static zend_result zend_try_compile_special_func(znode *result, zend_string *lcname, zend_ast_list *args, zend_function *fbc, uint32_t type) /* {{{ */
4543 {
4544 if (CG(compiler_options) & ZEND_COMPILE_NO_BUILTINS) {
4545 return FAILURE;
4546 }
4547
4548 if (fbc->type != ZEND_INTERNAL_FUNCTION) {
4549 /* If the function is part of disabled_functions, it may be redeclared as a userland
4550 * function with a different implementation. Don't use the VM builtin in that case. */
4551 return FAILURE;
4552 }
4553
4554 if (zend_args_contain_unpack_or_named(args)) {
4555 return FAILURE;
4556 }
4557
4558 if (zend_string_equals_literal(lcname, "strlen")) {
4559 return zend_compile_func_strlen(result, args);
4560 } else if (zend_string_equals_literal(lcname, "is_null")) {
4561 return zend_compile_func_typecheck(result, args, IS_NULL);
4562 } else if (zend_string_equals_literal(lcname, "is_bool")) {
4563 return zend_compile_func_typecheck(result, args, _IS_BOOL);
4564 } else if (zend_string_equals_literal(lcname, "is_long")
4565 || zend_string_equals_literal(lcname, "is_int")
4566 || zend_string_equals_literal(lcname, "is_integer")
4567 ) {
4568 return zend_compile_func_typecheck(result, args, IS_LONG);
4569 } else if (zend_string_equals_literal(lcname, "is_float")
4570 || zend_string_equals_literal(lcname, "is_double")
4571 ) {
4572 return zend_compile_func_typecheck(result, args, IS_DOUBLE);
4573 } else if (zend_string_equals_literal(lcname, "is_string")) {
4574 return zend_compile_func_typecheck(result, args, IS_STRING);
4575 } else if (zend_string_equals_literal(lcname, "is_array")) {
4576 return zend_compile_func_typecheck(result, args, IS_ARRAY);
4577 } else if (zend_string_equals_literal(lcname, "is_object")) {
4578 return zend_compile_func_typecheck(result, args, IS_OBJECT);
4579 } else if (zend_string_equals_literal(lcname, "is_resource")) {
4580 return zend_compile_func_typecheck(result, args, IS_RESOURCE);
4581 } else if (zend_string_equals_literal(lcname, "is_scalar")) {
4582 return zend_compile_func_is_scalar(result, args);
4583 } else if (zend_string_equals_literal(lcname, "boolval")) {
4584 return zend_compile_func_cast(result, args, _IS_BOOL);
4585 } else if (zend_string_equals_literal(lcname, "intval")) {
4586 return zend_compile_func_cast(result, args, IS_LONG);
4587 } else if (zend_string_equals_literal(lcname, "floatval")
4588 || zend_string_equals_literal(lcname, "doubleval")
4589 ) {
4590 return zend_compile_func_cast(result, args, IS_DOUBLE);
4591 } else if (zend_string_equals_literal(lcname, "strval")) {
4592 return zend_compile_func_cast(result, args, IS_STRING);
4593 } else if (zend_string_equals_literal(lcname, "defined")) {
4594 return zend_compile_func_defined(result, args);
4595 } else if (zend_string_equals_literal(lcname, "chr") && type == BP_VAR_R) {
4596 return zend_compile_func_chr(result, args);
4597 } else if (zend_string_equals_literal(lcname, "ord") && type == BP_VAR_R) {
4598 return zend_compile_func_ord(result, args);
4599 } else if (zend_string_equals_literal(lcname, "call_user_func_array")) {
4600 return zend_compile_func_cufa(result, args, lcname);
4601 } else if (zend_string_equals_literal(lcname, "call_user_func")) {
4602 return zend_compile_func_cuf(result, args, lcname);
4603 } else if (zend_string_equals_literal(lcname, "in_array")) {
4604 return zend_compile_func_in_array(result, args);
4605 } else if (zend_string_equals(lcname, ZSTR_KNOWN(ZEND_STR_COUNT))
4606 || zend_string_equals_literal(lcname, "sizeof")) {
4607 return zend_compile_func_count(result, args, lcname);
4608 } else if (zend_string_equals_literal(lcname, "get_class")) {
4609 return zend_compile_func_get_class(result, args);
4610 } else if (zend_string_equals_literal(lcname, "get_called_class")) {
4611 return zend_compile_func_get_called_class(result, args);
4612 } else if (zend_string_equals_literal(lcname, "gettype")) {
4613 return zend_compile_func_gettype(result, args);
4614 } else if (zend_string_equals_literal(lcname, "func_num_args")) {
4615 return zend_compile_func_num_args(result, args);
4616 } else if (zend_string_equals_literal(lcname, "func_get_args")) {
4617 return zend_compile_func_get_args(result, args);
4618 } else if (zend_string_equals_literal(lcname, "array_slice")) {
4619 return zend_compile_func_array_slice(result, args);
4620 } else if (zend_string_equals_literal(lcname, "array_key_exists")) {
4621 return zend_compile_func_array_key_exists(result, args);
4622 } else {
4623 return FAILURE;
4624 }
4625 }
4626 /* }}} */
4627
zend_compile_call(znode * result,zend_ast * ast,uint32_t type)4628 static void zend_compile_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4629 {
4630 zend_ast *name_ast = ast->child[0];
4631 zend_ast *args_ast = ast->child[1];
4632 bool is_callable_convert = args_ast->kind == ZEND_AST_CALLABLE_CONVERT;
4633
4634 znode name_node;
4635
4636 if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
4637 zend_compile_expr(&name_node, name_ast);
4638 zend_compile_dynamic_call(result, &name_node, args_ast, ast->lineno);
4639 return;
4640 }
4641
4642 {
4643 bool runtime_resolution = zend_compile_function_name(&name_node, name_ast);
4644 if (runtime_resolution) {
4645 if (zend_string_equals_literal_ci(zend_ast_get_str(name_ast), "assert")
4646 && !is_callable_convert) {
4647 zend_compile_assert(result, zend_ast_get_list(args_ast), Z_STR(name_node.u.constant), NULL, ast->lineno);
4648 } else {
4649 zend_compile_ns_call(result, &name_node, args_ast, ast->lineno);
4650 }
4651 return;
4652 }
4653 }
4654
4655 {
4656 zval *name = &name_node.u.constant;
4657 zend_string *lcname;
4658 zend_function *fbc;
4659 zend_op *opline;
4660
4661 lcname = zend_string_tolower(Z_STR_P(name));
4662 fbc = zend_hash_find_ptr(CG(function_table), lcname);
4663
4664 /* Special assert() handling should apply independently of compiler flags. */
4665 if (fbc && zend_string_equals_literal(lcname, "assert") && !is_callable_convert) {
4666 zend_compile_assert(result, zend_ast_get_list(args_ast), lcname, fbc, ast->lineno);
4667 zend_string_release(lcname);
4668 zval_ptr_dtor(&name_node.u.constant);
4669 return;
4670 }
4671
4672 if (!fbc
4673 || !fbc_is_finalized(fbc)
4674 || zend_compile_ignore_function(fbc, CG(active_op_array)->filename)) {
4675 zend_string_release_ex(lcname, 0);
4676 zend_compile_dynamic_call(result, &name_node, args_ast, ast->lineno);
4677 return;
4678 }
4679
4680 if (!is_callable_convert &&
4681 zend_try_compile_special_func(result, lcname,
4682 zend_ast_get_list(args_ast), fbc, type) == SUCCESS
4683 ) {
4684 zend_string_release_ex(lcname, 0);
4685 zval_ptr_dtor(&name_node.u.constant);
4686 return;
4687 }
4688
4689 zval_ptr_dtor(&name_node.u.constant);
4690 ZVAL_NEW_STR(&name_node.u.constant, lcname);
4691
4692 opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
4693 opline->result.num = zend_alloc_cache_slot();
4694
4695 zend_compile_call_common(result, args_ast, fbc, ast->lineno);
4696 }
4697 }
4698 /* }}} */
4699
zend_compile_method_call(znode * result,zend_ast * ast,uint32_t type)4700 static void zend_compile_method_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4701 {
4702 zend_ast *obj_ast = ast->child[0];
4703 zend_ast *method_ast = ast->child[1];
4704 zend_ast *args_ast = ast->child[2];
4705
4706 znode obj_node, method_node;
4707 zend_op *opline;
4708 zend_function *fbc = NULL;
4709 bool nullsafe = ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL;
4710 uint32_t short_circuiting_checkpoint = zend_short_circuiting_checkpoint();
4711
4712 if (is_this_fetch(obj_ast)) {
4713 if (this_guaranteed_exists()) {
4714 obj_node.op_type = IS_UNUSED;
4715 } else {
4716 zend_emit_op(&obj_node, ZEND_FETCH_THIS, NULL, NULL);
4717 }
4718 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
4719
4720 /* We will throw if $this doesn't exist, so there's no need to emit a JMP_NULL
4721 * check for a nullsafe access. */
4722 } else {
4723 zend_short_circuiting_mark_inner(obj_ast);
4724 zend_compile_expr(&obj_node, obj_ast);
4725 if (nullsafe) {
4726 zend_emit_jmp_null(&obj_node, type);
4727 }
4728 }
4729
4730 zend_compile_expr(&method_node, method_ast);
4731 opline = zend_emit_op(NULL, ZEND_INIT_METHOD_CALL, &obj_node, NULL);
4732
4733 if (method_node.op_type == IS_CONST) {
4734 if (Z_TYPE(method_node.u.constant) != IS_STRING) {
4735 zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
4736 }
4737
4738 opline->op2_type = IS_CONST;
4739 opline->op2.constant = zend_add_func_name_literal(
4740 Z_STR(method_node.u.constant));
4741 opline->result.num = zend_alloc_cache_slots(2);
4742 } else {
4743 SET_NODE(opline->op2, &method_node);
4744 }
4745
4746 /* Check if this calls a known method on $this */
4747 if (opline->op1_type == IS_UNUSED && opline->op2_type == IS_CONST &&
4748 CG(active_class_entry) && zend_is_scope_known()) {
4749 zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op2) + 1);
4750 fbc = zend_hash_find_ptr(&CG(active_class_entry)->function_table, lcname);
4751
4752 /* We only know the exact method that is being called if it is either private or final.
4753 * Otherwise an overriding method in a child class may be called. */
4754 if (fbc && !(fbc->common.fn_flags & (ZEND_ACC_PRIVATE|ZEND_ACC_FINAL))) {
4755 fbc = NULL;
4756 }
4757 }
4758
4759 if (zend_compile_call_common(result, args_ast, fbc, zend_ast_get_lineno(method_ast))) {
4760 if (short_circuiting_checkpoint != zend_short_circuiting_checkpoint()) {
4761 zend_error_noreturn(E_COMPILE_ERROR,
4762 "Cannot combine nullsafe operator with Closure creation");
4763 }
4764 }
4765 }
4766 /* }}} */
4767
zend_is_constructor(zend_string * name)4768 static bool zend_is_constructor(zend_string *name) /* {{{ */
4769 {
4770 return zend_string_equals_literal_ci(name, ZEND_CONSTRUCTOR_FUNC_NAME);
4771 }
4772 /* }}} */
4773
zend_get_compatible_func_or_null(zend_class_entry * ce,zend_string * lcname)4774 static zend_function *zend_get_compatible_func_or_null(zend_class_entry *ce, zend_string *lcname) /* {{{ */
4775 {
4776 zend_function *fbc = zend_hash_find_ptr(&ce->function_table, lcname);
4777 if (!fbc || (fbc->common.fn_flags & ZEND_ACC_PUBLIC) || ce == CG(active_class_entry)) {
4778 return fbc;
4779 }
4780
4781 if (!(fbc->common.fn_flags & ZEND_ACC_PRIVATE)
4782 && (fbc->common.scope->ce_flags & ZEND_ACC_LINKED)
4783 && (!CG(active_class_entry) || (CG(active_class_entry)->ce_flags & ZEND_ACC_LINKED))
4784 && zend_check_protected(zend_get_function_root_class(fbc), CG(active_class_entry))) {
4785 return fbc;
4786 }
4787
4788 return NULL;
4789 }
4790 /* }}} */
4791
zend_compile_static_call(znode * result,zend_ast * ast,uint32_t type)4792 static void zend_compile_static_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4793 {
4794 zend_ast *class_ast = ast->child[0];
4795 zend_ast *method_ast = ast->child[1];
4796 zend_ast *args_ast = ast->child[2];
4797
4798 znode class_node, method_node;
4799 zend_op *opline;
4800 zend_function *fbc = NULL;
4801
4802 zend_short_circuiting_mark_inner(class_ast);
4803 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
4804
4805 zend_compile_expr(&method_node, method_ast);
4806
4807 if (method_node.op_type == IS_CONST) {
4808 zval *name = &method_node.u.constant;
4809 if (Z_TYPE_P(name) != IS_STRING) {
4810 zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
4811 }
4812 if (zend_is_constructor(Z_STR_P(name))) {
4813 zval_ptr_dtor(name);
4814 method_node.op_type = IS_UNUSED;
4815 }
4816 }
4817
4818 opline = get_next_op();
4819 opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;
4820
4821 zend_set_class_name_op1(opline, &class_node);
4822
4823 if (method_node.op_type == IS_CONST) {
4824 opline->op2_type = IS_CONST;
4825 opline->op2.constant = zend_add_func_name_literal(
4826 Z_STR(method_node.u.constant));
4827 opline->result.num = zend_alloc_cache_slots(2);
4828 } else {
4829 if (opline->op1_type == IS_CONST) {
4830 opline->result.num = zend_alloc_cache_slot();
4831 }
4832 SET_NODE(opline->op2, &method_node);
4833 }
4834
4835 /* Check if we already know which method we're calling */
4836 if (opline->op2_type == IS_CONST) {
4837 zend_class_entry *ce = NULL;
4838 if (opline->op1_type == IS_CONST) {
4839 zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op1) + 1);
4840 ce = zend_hash_find_ptr(CG(class_table), lcname);
4841 if (ce) {
4842 if (zend_compile_ignore_class(ce, CG(active_op_array)->filename)) {
4843 ce = NULL;
4844 }
4845 } else if (CG(active_class_entry)
4846 && zend_string_equals_ci(CG(active_class_entry)->name, lcname)) {
4847 ce = CG(active_class_entry);
4848 }
4849 } else if (opline->op1_type == IS_UNUSED
4850 && (opline->op1.num & ZEND_FETCH_CLASS_MASK) == ZEND_FETCH_CLASS_SELF
4851 && zend_is_scope_known()) {
4852 ce = CG(active_class_entry);
4853 }
4854 if (ce) {
4855 zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op2) + 1);
4856 fbc = zend_get_compatible_func_or_null(ce, lcname);
4857 }
4858 }
4859
4860 zend_compile_call_common(result, args_ast, fbc, zend_ast_get_lineno(method_ast));
4861 }
4862 /* }}} */
4863
4864 static void zend_compile_class_decl(znode *result, zend_ast *ast, bool toplevel);
4865
zend_compile_new(znode * result,zend_ast * ast)4866 static void zend_compile_new(znode *result, zend_ast *ast) /* {{{ */
4867 {
4868 zend_ast *class_ast = ast->child[0];
4869 zend_ast *args_ast = ast->child[1];
4870
4871 znode class_node, ctor_result;
4872 zend_op *opline;
4873
4874 if (class_ast->kind == ZEND_AST_CLASS) {
4875 /* anon class declaration */
4876 zend_compile_class_decl(&class_node, class_ast, 0);
4877 } else {
4878 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
4879 }
4880
4881 opline = zend_emit_op(result, ZEND_NEW, NULL, NULL);
4882
4883 if (class_node.op_type == IS_CONST) {
4884 opline->op1_type = IS_CONST;
4885 opline->op1.constant = zend_add_class_name_literal(
4886 Z_STR(class_node.u.constant));
4887 opline->op2.num = zend_alloc_cache_slot();
4888 } else {
4889 SET_NODE(opline->op1, &class_node);
4890 }
4891
4892 zend_compile_call_common(&ctor_result, args_ast, NULL, ast->lineno);
4893 zend_do_free(&ctor_result);
4894 }
4895 /* }}} */
4896
zend_compile_clone(znode * result,zend_ast * ast)4897 static void zend_compile_clone(znode *result, zend_ast *ast) /* {{{ */
4898 {
4899 zend_ast *obj_ast = ast->child[0];
4900
4901 znode obj_node;
4902 zend_compile_expr(&obj_node, obj_ast);
4903
4904 zend_emit_op_tmp(result, ZEND_CLONE, &obj_node, NULL);
4905 }
4906 /* }}} */
4907
zend_compile_global_var(zend_ast * ast)4908 static void zend_compile_global_var(zend_ast *ast) /* {{{ */
4909 {
4910 zend_ast *var_ast = ast->child[0];
4911 zend_ast *name_ast = var_ast->child[0];
4912
4913 znode name_node, result;
4914
4915 zend_compile_expr(&name_node, name_ast);
4916 if (name_node.op_type == IS_CONST) {
4917 convert_to_string(&name_node.u.constant);
4918 }
4919
4920 // TODO(GLOBALS) Forbid "global $GLOBALS"?
4921 if (is_this_fetch(var_ast)) {
4922 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as global variable");
4923 } else if (zend_try_compile_cv(&result, var_ast) == SUCCESS) {
4924 zend_op *opline = zend_emit_op(NULL, ZEND_BIND_GLOBAL, &result, &name_node);
4925 opline->extended_value = zend_alloc_cache_slot();
4926 } else {
4927 /* name_ast should be evaluated only. FETCH_GLOBAL_LOCK instructs FETCH_W
4928 * to not free the name_node operand, so it can be reused in the following
4929 * ASSIGN_REF, which then frees it. */
4930 zend_op *opline = zend_emit_op(&result, ZEND_FETCH_W, &name_node, NULL);
4931 opline->extended_value = ZEND_FETCH_GLOBAL_LOCK;
4932
4933 if (name_node.op_type == IS_CONST) {
4934 zend_string_addref(Z_STR(name_node.u.constant));
4935 }
4936
4937 zend_emit_assign_ref_znode(
4938 zend_ast_create(ZEND_AST_VAR, zend_ast_create_znode(&name_node)),
4939 &result
4940 );
4941 }
4942 }
4943 /* }}} */
4944
zend_compile_static_var_common(zend_string * var_name,zval * value,uint32_t mode)4945 static void zend_compile_static_var_common(zend_string *var_name, zval *value, uint32_t mode) /* {{{ */
4946 {
4947 zend_op *opline;
4948 if (!CG(active_op_array)->static_variables) {
4949 if (CG(active_op_array)->scope) {
4950 CG(active_op_array)->scope->ce_flags |= ZEND_HAS_STATIC_IN_METHODS;
4951 }
4952 CG(active_op_array)->static_variables = zend_new_array(8);
4953 }
4954
4955 value = zend_hash_update(CG(active_op_array)->static_variables, var_name, value);
4956
4957 if (zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
4958 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as static variable");
4959 }
4960
4961 opline = zend_emit_op(NULL, ZEND_BIND_STATIC, NULL, NULL);
4962 opline->op1_type = IS_CV;
4963 opline->op1.var = lookup_cv(var_name);
4964 opline->extended_value = (uint32_t)((char*)value - (char*)CG(active_op_array)->static_variables->arData) | mode;
4965 }
4966 /* }}} */
4967
zend_compile_static_var(zend_ast * ast)4968 static void zend_compile_static_var(zend_ast *ast) /* {{{ */
4969 {
4970 zend_ast *var_ast = ast->child[0];
4971 zend_string *var_name = zend_ast_get_str(var_ast);
4972
4973 if (zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
4974 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as static variable");
4975 }
4976
4977 if (!CG(active_op_array)->static_variables) {
4978 if (CG(active_op_array)->scope) {
4979 CG(active_op_array)->scope->ce_flags |= ZEND_HAS_STATIC_IN_METHODS;
4980 }
4981 CG(active_op_array)->static_variables = zend_new_array(8);
4982 }
4983
4984 if (zend_hash_exists(CG(active_op_array)->static_variables, var_name)) {
4985 zend_error_noreturn(E_COMPILE_ERROR, "Duplicate declaration of static variable $%s", ZSTR_VAL(var_name));
4986 }
4987
4988 zend_eval_const_expr(&ast->child[1]);
4989 zend_ast *value_ast = ast->child[1];
4990
4991 if (!value_ast || value_ast->kind == ZEND_AST_ZVAL) {
4992 zval *value_zv = value_ast
4993 ? zend_ast_get_zval(value_ast)
4994 : &EG(uninitialized_zval);
4995 Z_TRY_ADDREF_P(value_zv);
4996 zend_compile_static_var_common(var_name, value_zv, ZEND_BIND_REF);
4997 } else {
4998 zend_op *opline;
4999
5000 zval *placeholder_ptr = zend_hash_update(CG(active_op_array)->static_variables, var_name, &EG(uninitialized_zval));
5001 Z_TYPE_EXTRA_P(placeholder_ptr) |= IS_STATIC_VAR_UNINITIALIZED;
5002 uint32_t placeholder_offset = (uint32_t)((char*)placeholder_ptr - (char*)CG(active_op_array)->static_variables->arData);
5003
5004 uint32_t static_def_jmp_opnum = get_next_op_number();
5005 opline = zend_emit_op(NULL, ZEND_BIND_INIT_STATIC_OR_JMP, NULL, NULL);
5006 opline->op1_type = IS_CV;
5007 opline->op1.var = lookup_cv(var_name);
5008 opline->extended_value = placeholder_offset;
5009
5010 znode expr;
5011 zend_compile_expr(&expr, value_ast);
5012
5013 opline = zend_emit_op(NULL, ZEND_BIND_STATIC, NULL, &expr);
5014 opline->op1_type = IS_CV;
5015 opline->op1.var = lookup_cv(var_name);
5016 opline->extended_value = placeholder_offset | ZEND_BIND_REF;
5017
5018 zend_update_jump_target_to_next(static_def_jmp_opnum);
5019 }
5020 }
5021 /* }}} */
5022
zend_compile_unset(zend_ast * ast)5023 static void zend_compile_unset(zend_ast *ast) /* {{{ */
5024 {
5025 zend_ast *var_ast = ast->child[0];
5026 znode var_node;
5027 zend_op *opline;
5028
5029 zend_ensure_writable_variable(var_ast);
5030
5031 if (is_global_var_fetch(var_ast)) {
5032 if (!var_ast->child[1]) {
5033 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for unsetting");
5034 }
5035
5036 zend_compile_expr(&var_node, var_ast->child[1]);
5037 if (var_node.op_type == IS_CONST) {
5038 convert_to_string(&var_node.u.constant);
5039 }
5040
5041 opline = zend_emit_op(NULL, ZEND_UNSET_VAR, &var_node, NULL);
5042 opline->extended_value = ZEND_FETCH_GLOBAL;
5043 return;
5044 }
5045
5046 switch (var_ast->kind) {
5047 case ZEND_AST_VAR:
5048 if (is_this_fetch(var_ast)) {
5049 zend_error_noreturn(E_COMPILE_ERROR, "Cannot unset $this");
5050 } else if (zend_try_compile_cv(&var_node, var_ast) == SUCCESS) {
5051 opline = zend_emit_op(NULL, ZEND_UNSET_CV, &var_node, NULL);
5052 } else {
5053 opline = zend_compile_simple_var_no_cv(NULL, var_ast, BP_VAR_UNSET, 0);
5054 opline->opcode = ZEND_UNSET_VAR;
5055 }
5056 return;
5057 case ZEND_AST_DIM:
5058 opline = zend_compile_dim(NULL, var_ast, BP_VAR_UNSET, /* by_ref */ false);
5059 opline->opcode = ZEND_UNSET_DIM;
5060 return;
5061 case ZEND_AST_PROP:
5062 case ZEND_AST_NULLSAFE_PROP:
5063 opline = zend_compile_prop(NULL, var_ast, BP_VAR_UNSET, 0);
5064 opline->opcode = ZEND_UNSET_OBJ;
5065 return;
5066 case ZEND_AST_STATIC_PROP:
5067 opline = zend_compile_static_prop(NULL, var_ast, BP_VAR_UNSET, 0, 0);
5068 opline->opcode = ZEND_UNSET_STATIC_PROP;
5069 return;
5070 EMPTY_SWITCH_DEFAULT_CASE()
5071 }
5072 }
5073 /* }}} */
5074
zend_handle_loops_and_finally_ex(zend_long depth,znode * return_value)5075 static bool zend_handle_loops_and_finally_ex(zend_long depth, znode *return_value) /* {{{ */
5076 {
5077 zend_loop_var *base;
5078 zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
5079
5080 if (!loop_var) {
5081 return 1;
5082 }
5083 base = zend_stack_base(&CG(loop_var_stack));
5084 for (; loop_var >= base; loop_var--) {
5085 if (loop_var->opcode == ZEND_FAST_CALL) {
5086 zend_op *opline = get_next_op();
5087
5088 opline->opcode = ZEND_FAST_CALL;
5089 opline->result_type = IS_TMP_VAR;
5090 opline->result.var = loop_var->var_num;
5091 if (return_value) {
5092 SET_NODE(opline->op2, return_value);
5093 }
5094 opline->op1.num = loop_var->try_catch_offset;
5095 } else if (loop_var->opcode == ZEND_DISCARD_EXCEPTION) {
5096 zend_op *opline = get_next_op();
5097 opline->opcode = ZEND_DISCARD_EXCEPTION;
5098 opline->op1_type = IS_TMP_VAR;
5099 opline->op1.var = loop_var->var_num;
5100 } else if (loop_var->opcode == ZEND_RETURN) {
5101 /* Stack separator */
5102 break;
5103 } else if (depth <= 1) {
5104 return 1;
5105 } else if (loop_var->opcode == ZEND_NOP) {
5106 /* Loop doesn't have freeable variable */
5107 depth--;
5108 } else {
5109 zend_op *opline;
5110
5111 ZEND_ASSERT(loop_var->var_type & (IS_VAR|IS_TMP_VAR));
5112 opline = get_next_op();
5113 opline->opcode = loop_var->opcode;
5114 opline->op1_type = loop_var->var_type;
5115 opline->op1.var = loop_var->var_num;
5116 opline->extended_value = ZEND_FREE_ON_RETURN;
5117 depth--;
5118 }
5119 }
5120 return (depth == 0);
5121 }
5122 /* }}} */
5123
zend_handle_loops_and_finally(znode * return_value)5124 static bool zend_handle_loops_and_finally(znode *return_value) /* {{{ */
5125 {
5126 return zend_handle_loops_and_finally_ex(zend_stack_count(&CG(loop_var_stack)) + 1, return_value);
5127 }
5128 /* }}} */
5129
zend_has_finally_ex(zend_long depth)5130 static bool zend_has_finally_ex(zend_long depth) /* {{{ */
5131 {
5132 zend_loop_var *base;
5133 zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
5134
5135 if (!loop_var) {
5136 return 0;
5137 }
5138 base = zend_stack_base(&CG(loop_var_stack));
5139 for (; loop_var >= base; loop_var--) {
5140 if (loop_var->opcode == ZEND_FAST_CALL) {
5141 return 1;
5142 } else if (loop_var->opcode == ZEND_DISCARD_EXCEPTION) {
5143 } else if (loop_var->opcode == ZEND_RETURN) {
5144 /* Stack separator */
5145 return 0;
5146 } else if (depth <= 1) {
5147 return 0;
5148 } else {
5149 depth--;
5150 }
5151 }
5152 return 0;
5153 }
5154 /* }}} */
5155
zend_has_finally(void)5156 static bool zend_has_finally(void) /* {{{ */
5157 {
5158 return zend_has_finally_ex(zend_stack_count(&CG(loop_var_stack)) + 1);
5159 }
5160 /* }}} */
5161
zend_compile_return(zend_ast * ast)5162 static void zend_compile_return(zend_ast *ast) /* {{{ */
5163 {
5164 zend_ast *expr_ast = ast->child[0];
5165 bool is_generator = (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0;
5166 bool by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
5167
5168 znode expr_node;
5169 zend_op *opline;
5170
5171 if (is_generator) {
5172 /* For generators the by-ref flag refers to yields, not returns */
5173 by_ref = 0;
5174 }
5175
5176 if (!expr_ast) {
5177 expr_node.op_type = IS_CONST;
5178 ZVAL_NULL(&expr_node.u.constant);
5179 } else if (by_ref && zend_is_variable(expr_ast)) {
5180 zend_assert_not_short_circuited(expr_ast);
5181 zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
5182 } else {
5183 zend_compile_expr(&expr_node, expr_ast);
5184 }
5185
5186 if ((CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)
5187 && (expr_node.op_type == IS_CV || (by_ref && expr_node.op_type == IS_VAR))
5188 && zend_has_finally()) {
5189 /* Copy return value into temporary VAR to avoid modification in finally code */
5190 if (by_ref) {
5191 zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
5192 } else {
5193 zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &expr_node, NULL);
5194 }
5195 }
5196
5197 /* Generator return types are handled separately */
5198 if (!is_generator && (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE)) {
5199 zend_emit_return_type_check(
5200 expr_ast ? &expr_node : NULL, CG(active_op_array)->arg_info - 1, 0);
5201 }
5202
5203 zend_handle_loops_and_finally((expr_node.op_type & (IS_TMP_VAR | IS_VAR)) ? &expr_node : NULL);
5204
5205 opline = zend_emit_op(NULL, by_ref ? ZEND_RETURN_BY_REF : ZEND_RETURN,
5206 &expr_node, NULL);
5207
5208 if (by_ref && expr_ast) {
5209 if (zend_is_call(expr_ast)) {
5210 opline->extended_value = ZEND_RETURNS_FUNCTION;
5211 } else if (!zend_is_variable(expr_ast) || zend_ast_is_short_circuited(expr_ast)) {
5212 opline->extended_value = ZEND_RETURNS_VALUE;
5213 }
5214 }
5215 }
5216 /* }}} */
5217
zend_compile_echo(zend_ast * ast)5218 static void zend_compile_echo(zend_ast *ast) /* {{{ */
5219 {
5220 zend_op *opline;
5221 zend_ast *expr_ast = ast->child[0];
5222
5223 znode expr_node;
5224 zend_compile_expr(&expr_node, expr_ast);
5225
5226 opline = zend_emit_op(NULL, ZEND_ECHO, &expr_node, NULL);
5227 opline->extended_value = 0;
5228 }
5229 /* }}} */
5230
zend_compile_throw(znode * result,zend_ast * ast)5231 static void zend_compile_throw(znode *result, zend_ast *ast) /* {{{ */
5232 {
5233 zend_ast *expr_ast = ast->child[0];
5234
5235 znode expr_node;
5236 zend_compile_expr(&expr_node, expr_ast);
5237
5238 zend_op *opline = zend_emit_op(NULL, ZEND_THROW, &expr_node, NULL);
5239 if (result) {
5240 /* Mark this as an "expression throw" for opcache. */
5241 opline->extended_value = ZEND_THROW_IS_EXPR;
5242 result->op_type = IS_CONST;
5243 ZVAL_TRUE(&result->u.constant);
5244 }
5245 }
5246 /* }}} */
5247
zend_compile_break_continue(zend_ast * ast)5248 static void zend_compile_break_continue(zend_ast *ast) /* {{{ */
5249 {
5250 zend_ast *depth_ast = ast->child[0];
5251
5252 zend_op *opline;
5253 zend_long depth;
5254
5255 ZEND_ASSERT(ast->kind == ZEND_AST_BREAK || ast->kind == ZEND_AST_CONTINUE);
5256
5257 if (depth_ast) {
5258 zval *depth_zv;
5259 if (depth_ast->kind != ZEND_AST_ZVAL) {
5260 zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator with non-integer operand "
5261 "is no longer supported", ast->kind == ZEND_AST_BREAK ? "break" : "continue");
5262 }
5263
5264 depth_zv = zend_ast_get_zval(depth_ast);
5265 if (Z_TYPE_P(depth_zv) != IS_LONG || Z_LVAL_P(depth_zv) < 1) {
5266 zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator accepts only positive integers",
5267 ast->kind == ZEND_AST_BREAK ? "break" : "continue");
5268 }
5269
5270 depth = Z_LVAL_P(depth_zv);
5271 } else {
5272 depth = 1;
5273 }
5274
5275 if (CG(context).current_brk_cont == -1) {
5276 zend_error_noreturn(E_COMPILE_ERROR, "'%s' not in the 'loop' or 'switch' context",
5277 ast->kind == ZEND_AST_BREAK ? "break" : "continue");
5278 } else {
5279 if (!zend_handle_loops_and_finally_ex(depth, NULL)) {
5280 zend_error_noreturn(E_COMPILE_ERROR, "Cannot '%s' " ZEND_LONG_FMT " level%s",
5281 ast->kind == ZEND_AST_BREAK ? "break" : "continue",
5282 depth, depth == 1 ? "" : "s");
5283 }
5284 }
5285
5286 if (ast->kind == ZEND_AST_CONTINUE) {
5287 int d, cur = CG(context).current_brk_cont;
5288 for (d = depth - 1; d > 0; d--) {
5289 cur = CG(context).brk_cont_array[cur].parent;
5290 ZEND_ASSERT(cur != -1);
5291 }
5292
5293 if (CG(context).brk_cont_array[cur].is_switch) {
5294 if (depth == 1) {
5295 if (CG(context).brk_cont_array[cur].parent == -1) {
5296 zend_error(E_WARNING,
5297 "\"continue\" targeting switch is equivalent to \"break\"");
5298 } else {
5299 zend_error(E_WARNING,
5300 "\"continue\" targeting switch is equivalent to \"break\". " \
5301 "Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
5302 depth + 1);
5303 }
5304 } else {
5305 if (CG(context).brk_cont_array[cur].parent == -1) {
5306 zend_error(E_WARNING,
5307 "\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\"",
5308 depth, depth);
5309 } else {
5310 zend_error(E_WARNING,
5311 "\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\". " \
5312 "Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
5313 depth, depth, depth + 1);
5314 }
5315 }
5316 }
5317 }
5318
5319 opline = zend_emit_op(NULL, ast->kind == ZEND_AST_BREAK ? ZEND_BRK : ZEND_CONT, NULL, NULL);
5320 opline->op1.num = CG(context).current_brk_cont;
5321 opline->op2.num = depth;
5322 }
5323 /* }}} */
5324
zend_resolve_goto_label(zend_op_array * op_array,zend_op * opline)5325 void zend_resolve_goto_label(zend_op_array *op_array, zend_op *opline) /* {{{ */
5326 {
5327 zend_label *dest;
5328 int current, remove_oplines = opline->op1.num;
5329 zval *label;
5330 uint32_t opnum = opline - op_array->opcodes;
5331
5332 label = CT_CONSTANT_EX(op_array, opline->op2.constant);
5333 if (CG(context).labels == NULL ||
5334 (dest = zend_hash_find_ptr(CG(context).labels, Z_STR_P(label))) == NULL
5335 ) {
5336 CG(in_compilation) = 1;
5337 CG(active_op_array) = op_array;
5338 CG(zend_lineno) = opline->lineno;
5339 zend_error_noreturn(E_COMPILE_ERROR, "'goto' to undefined label '%s'", Z_STRVAL_P(label));
5340 }
5341
5342 zval_ptr_dtor_str(label);
5343 ZVAL_NULL(label);
5344
5345 current = opline->extended_value;
5346 for (; current != dest->brk_cont; current = CG(context).brk_cont_array[current].parent) {
5347 if (current == -1) {
5348 CG(in_compilation) = 1;
5349 CG(active_op_array) = op_array;
5350 CG(zend_lineno) = opline->lineno;
5351 zend_error_noreturn(E_COMPILE_ERROR, "'goto' into loop or switch statement is disallowed");
5352 }
5353 if (CG(context).brk_cont_array[current].start >= 0) {
5354 remove_oplines--;
5355 }
5356 }
5357
5358 for (current = 0; current < op_array->last_try_catch; ++current) {
5359 zend_try_catch_element *elem = &op_array->try_catch_array[current];
5360 if (elem->try_op > opnum) {
5361 break;
5362 }
5363 if (elem->finally_op && opnum < elem->finally_op - 1
5364 && (dest->opline_num > elem->finally_end || dest->opline_num < elem->try_op)
5365 ) {
5366 remove_oplines--;
5367 }
5368 }
5369
5370 opline->opcode = ZEND_JMP;
5371 SET_UNUSED(opline->op1);
5372 SET_UNUSED(opline->op2);
5373 SET_UNUSED(opline->result);
5374 opline->op1.opline_num = dest->opline_num;
5375 opline->extended_value = 0;
5376
5377 ZEND_ASSERT(remove_oplines >= 0);
5378 while (remove_oplines--) {
5379 opline--;
5380 MAKE_NOP(opline);
5381 ZEND_VM_SET_OPCODE_HANDLER(opline);
5382 }
5383 }
5384 /* }}} */
5385
zend_compile_goto(zend_ast * ast)5386 static void zend_compile_goto(zend_ast *ast) /* {{{ */
5387 {
5388 zend_ast *label_ast = ast->child[0];
5389 znode label_node;
5390 zend_op *opline;
5391
5392 zend_compile_expr(&label_node, label_ast);
5393
5394 /* Label resolution and unwinding adjustments happen in pass two. */
5395 uint32_t opnum_start = get_next_op_number();
5396 zend_handle_loops_and_finally(NULL);
5397 opline = zend_emit_op(NULL, ZEND_GOTO, NULL, &label_node);
5398 opline->op1.num = get_next_op_number() - opnum_start - 1;
5399 opline->extended_value = CG(context).current_brk_cont;
5400 }
5401 /* }}} */
5402
zend_compile_label(zend_ast * ast)5403 static void zend_compile_label(zend_ast *ast) /* {{{ */
5404 {
5405 zend_string *label = zend_ast_get_str(ast->child[0]);
5406 zend_label dest;
5407
5408 if (!CG(context).labels) {
5409 ALLOC_HASHTABLE(CG(context).labels);
5410 zend_hash_init(CG(context).labels, 8, NULL, label_ptr_dtor, 0);
5411 }
5412
5413 dest.brk_cont = CG(context).current_brk_cont;
5414 dest.opline_num = get_next_op_number();
5415
5416 if (!zend_hash_add_mem(CG(context).labels, label, &dest, sizeof(zend_label))) {
5417 zend_error_noreturn(E_COMPILE_ERROR, "Label '%s' already defined", ZSTR_VAL(label));
5418 }
5419 }
5420 /* }}} */
5421
zend_compile_while(zend_ast * ast)5422 static void zend_compile_while(zend_ast *ast) /* {{{ */
5423 {
5424 zend_ast *cond_ast = ast->child[0];
5425 zend_ast *stmt_ast = ast->child[1];
5426 znode cond_node;
5427 uint32_t opnum_start, opnum_jmp, opnum_cond;
5428
5429 opnum_jmp = zend_emit_jump(0);
5430
5431 zend_begin_loop(ZEND_NOP, NULL, 0);
5432
5433 opnum_start = get_next_op_number();
5434 zend_compile_stmt(stmt_ast);
5435
5436 opnum_cond = get_next_op_number();
5437 zend_update_jump_target(opnum_jmp, opnum_cond);
5438 zend_compile_expr(&cond_node, cond_ast);
5439
5440 zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, opnum_start);
5441
5442 zend_end_loop(opnum_cond, NULL);
5443 }
5444 /* }}} */
5445
zend_compile_do_while(zend_ast * ast)5446 static void zend_compile_do_while(zend_ast *ast) /* {{{ */
5447 {
5448 zend_ast *stmt_ast = ast->child[0];
5449 zend_ast *cond_ast = ast->child[1];
5450
5451 znode cond_node;
5452 uint32_t opnum_start, opnum_cond;
5453
5454 zend_begin_loop(ZEND_NOP, NULL, 0);
5455
5456 opnum_start = get_next_op_number();
5457 zend_compile_stmt(stmt_ast);
5458
5459 opnum_cond = get_next_op_number();
5460 zend_compile_expr(&cond_node, cond_ast);
5461
5462 zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, opnum_start);
5463
5464 zend_end_loop(opnum_cond, NULL);
5465 }
5466 /* }}} */
5467
zend_compile_expr_list(znode * result,zend_ast * ast)5468 static void zend_compile_expr_list(znode *result, zend_ast *ast) /* {{{ */
5469 {
5470 zend_ast_list *list;
5471 uint32_t i;
5472
5473 result->op_type = IS_CONST;
5474 ZVAL_TRUE(&result->u.constant);
5475
5476 if (!ast) {
5477 return;
5478 }
5479
5480 list = zend_ast_get_list(ast);
5481 for (i = 0; i < list->children; ++i) {
5482 zend_ast *expr_ast = list->child[i];
5483
5484 zend_do_free(result);
5485 zend_compile_expr(result, expr_ast);
5486 }
5487 }
5488 /* }}} */
5489
zend_compile_for(zend_ast * ast)5490 static void zend_compile_for(zend_ast *ast) /* {{{ */
5491 {
5492 zend_ast *init_ast = ast->child[0];
5493 zend_ast *cond_ast = ast->child[1];
5494 zend_ast *loop_ast = ast->child[2];
5495 zend_ast *stmt_ast = ast->child[3];
5496
5497 znode result;
5498 uint32_t opnum_start, opnum_jmp, opnum_loop;
5499
5500 zend_compile_expr_list(&result, init_ast);
5501 zend_do_free(&result);
5502
5503 opnum_jmp = zend_emit_jump(0);
5504
5505 zend_begin_loop(ZEND_NOP, NULL, 0);
5506
5507 opnum_start = get_next_op_number();
5508 zend_compile_stmt(stmt_ast);
5509
5510 opnum_loop = get_next_op_number();
5511 zend_compile_expr_list(&result, loop_ast);
5512 zend_do_free(&result);
5513
5514 zend_update_jump_target_to_next(opnum_jmp);
5515 zend_compile_expr_list(&result, cond_ast);
5516 zend_do_extended_stmt();
5517
5518 zend_emit_cond_jump(ZEND_JMPNZ, &result, opnum_start);
5519
5520 zend_end_loop(opnum_loop, NULL);
5521 }
5522 /* }}} */
5523
zend_compile_foreach(zend_ast * ast)5524 static void zend_compile_foreach(zend_ast *ast) /* {{{ */
5525 {
5526 zend_ast *expr_ast = ast->child[0];
5527 zend_ast *value_ast = ast->child[1];
5528 zend_ast *key_ast = ast->child[2];
5529 zend_ast *stmt_ast = ast->child[3];
5530 bool by_ref = value_ast->kind == ZEND_AST_REF;
5531 bool is_variable = zend_is_variable(expr_ast) && zend_can_write_to_variable(expr_ast);
5532
5533 znode expr_node, reset_node, value_node, key_node;
5534 zend_op *opline;
5535 uint32_t opnum_reset, opnum_fetch;
5536
5537 if (key_ast) {
5538 if (key_ast->kind == ZEND_AST_REF) {
5539 zend_error_noreturn(E_COMPILE_ERROR, "Key element cannot be a reference");
5540 }
5541 if (key_ast->kind == ZEND_AST_ARRAY) {
5542 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use list as key element");
5543 }
5544 }
5545
5546 if (by_ref) {
5547 value_ast = value_ast->child[0];
5548 }
5549
5550 if (value_ast->kind == ZEND_AST_ARRAY && zend_propagate_list_refs(value_ast)) {
5551 by_ref = 1;
5552 }
5553
5554 if (by_ref && is_variable) {
5555 zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
5556 } else {
5557 zend_compile_expr(&expr_node, expr_ast);
5558 }
5559
5560 if (by_ref) {
5561 zend_separate_if_call_and_write(&expr_node, expr_ast, BP_VAR_W);
5562 }
5563
5564 opnum_reset = get_next_op_number();
5565 opline = zend_emit_op(&reset_node, by_ref ? ZEND_FE_RESET_RW : ZEND_FE_RESET_R, &expr_node, NULL);
5566
5567 zend_begin_loop(ZEND_FE_FREE, &reset_node, 0);
5568
5569 opnum_fetch = get_next_op_number();
5570 opline = zend_emit_op(NULL, by_ref ? ZEND_FE_FETCH_RW : ZEND_FE_FETCH_R, &reset_node, NULL);
5571
5572 if (is_this_fetch(value_ast)) {
5573 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
5574 } else if (value_ast->kind == ZEND_AST_VAR &&
5575 zend_try_compile_cv(&value_node, value_ast) == SUCCESS) {
5576 SET_NODE(opline->op2, &value_node);
5577 } else {
5578 opline->op2_type = IS_VAR;
5579 opline->op2.var = get_temporary_variable();
5580 GET_NODE(&value_node, opline->op2);
5581 if (value_ast->kind == ZEND_AST_ARRAY) {
5582 zend_compile_list_assign(NULL, value_ast, &value_node, value_ast->attr);
5583 } else if (by_ref) {
5584 zend_emit_assign_ref_znode(value_ast, &value_node);
5585 } else {
5586 zend_emit_assign_znode(value_ast, &value_node);
5587 }
5588 }
5589
5590 if (key_ast) {
5591 opline = &CG(active_op_array)->opcodes[opnum_fetch];
5592 zend_make_tmp_result(&key_node, opline);
5593 zend_emit_assign_znode(key_ast, &key_node);
5594 }
5595
5596 zend_compile_stmt(stmt_ast);
5597
5598 /* Place JMP and FE_FREE on the line where foreach starts. It would be
5599 * better to use the end line, but this information is not available
5600 * currently. */
5601 CG(zend_lineno) = ast->lineno;
5602 zend_emit_jump(opnum_fetch);
5603
5604 opline = &CG(active_op_array)->opcodes[opnum_reset];
5605 opline->op2.opline_num = get_next_op_number();
5606
5607 opline = &CG(active_op_array)->opcodes[opnum_fetch];
5608 opline->extended_value = get_next_op_number();
5609
5610 zend_end_loop(opnum_fetch, &reset_node);
5611
5612 opline = zend_emit_op(NULL, ZEND_FE_FREE, &reset_node, NULL);
5613 }
5614 /* }}} */
5615
zend_compile_if(zend_ast * ast)5616 static void zend_compile_if(zend_ast *ast) /* {{{ */
5617 {
5618 zend_ast_list *list = zend_ast_get_list(ast);
5619 uint32_t i;
5620 uint32_t *jmp_opnums = NULL;
5621
5622 if (list->children > 1) {
5623 jmp_opnums = safe_emalloc(sizeof(uint32_t), list->children - 1, 0);
5624 }
5625
5626 for (i = 0; i < list->children; ++i) {
5627 zend_ast *elem_ast = list->child[i];
5628 zend_ast *cond_ast = elem_ast->child[0];
5629 zend_ast *stmt_ast = elem_ast->child[1];
5630
5631 if (cond_ast) {
5632 znode cond_node;
5633 uint32_t opnum_jmpz;
5634
5635 if (i > 0) {
5636 CG(zend_lineno) = cond_ast->lineno;
5637 zend_do_extended_stmt();
5638 }
5639
5640 zend_compile_expr(&cond_node, cond_ast);
5641 opnum_jmpz = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
5642
5643 zend_compile_stmt(stmt_ast);
5644
5645 if (i != list->children - 1) {
5646 /* Set the lineno of JMP to the position of the if keyword, as we don't want to
5647 * report the last line in the if branch as covered if it hasn't actually executed. */
5648 CG(zend_lineno) = elem_ast->lineno;
5649 jmp_opnums[i] = zend_emit_jump(0);
5650 }
5651 zend_update_jump_target_to_next(opnum_jmpz);
5652 } else {
5653 /* "else" can only occur as last element. */
5654 ZEND_ASSERT(i == list->children - 1);
5655 zend_compile_stmt(stmt_ast);
5656 }
5657 }
5658
5659 if (list->children > 1) {
5660 for (i = 0; i < list->children - 1; ++i) {
5661 zend_update_jump_target_to_next(jmp_opnums[i]);
5662 }
5663 efree(jmp_opnums);
5664 }
5665 }
5666 /* }}} */
5667
determine_switch_jumptable_type(zend_ast_list * cases)5668 static uint8_t determine_switch_jumptable_type(zend_ast_list *cases) {
5669 uint32_t i;
5670 uint8_t common_type = IS_UNDEF;
5671 for (i = 0; i < cases->children; i++) {
5672 zend_ast *case_ast = cases->child[i];
5673 zend_ast **cond_ast = &case_ast->child[0];
5674 zval *cond_zv;
5675 if (!case_ast->child[0]) {
5676 /* Skip default clause */
5677 continue;
5678 }
5679
5680 zend_eval_const_expr(cond_ast);
5681 if ((*cond_ast)->kind != ZEND_AST_ZVAL) {
5682 /* Non-constant case */
5683 return IS_UNDEF;
5684 }
5685
5686 cond_zv = zend_ast_get_zval(case_ast->child[0]);
5687 if (Z_TYPE_P(cond_zv) != IS_LONG && Z_TYPE_P(cond_zv) != IS_STRING) {
5688 /* We only optimize switched on integers and strings */
5689 return IS_UNDEF;
5690 }
5691
5692 if (common_type == IS_UNDEF) {
5693 common_type = Z_TYPE_P(cond_zv);
5694 } else if (common_type != Z_TYPE_P(cond_zv)) {
5695 /* Non-uniform case types */
5696 return IS_UNDEF;
5697 }
5698
5699 if (Z_TYPE_P(cond_zv) == IS_STRING
5700 && is_numeric_string(Z_STRVAL_P(cond_zv), Z_STRLEN_P(cond_zv), NULL, NULL, 0)) {
5701 /* Numeric strings cannot be compared with a simple hash lookup */
5702 return IS_UNDEF;
5703 }
5704 }
5705
5706 return common_type;
5707 }
5708
should_use_jumptable(zend_ast_list * cases,uint8_t jumptable_type)5709 static bool should_use_jumptable(zend_ast_list *cases, uint8_t jumptable_type) {
5710 if (CG(compiler_options) & ZEND_COMPILE_NO_JUMPTABLES) {
5711 return 0;
5712 }
5713
5714 /* Thresholds are chosen based on when the average switch time for equidistributed
5715 * input becomes smaller when using the jumptable optimization. */
5716 if (jumptable_type == IS_LONG) {
5717 return cases->children >= 5;
5718 } else {
5719 ZEND_ASSERT(jumptable_type == IS_STRING);
5720 return cases->children >= 2;
5721 }
5722 }
5723
zend_compile_switch(zend_ast * ast)5724 static void zend_compile_switch(zend_ast *ast) /* {{{ */
5725 {
5726 zend_ast *expr_ast = ast->child[0];
5727 zend_ast_list *cases = zend_ast_get_list(ast->child[1]);
5728
5729 uint32_t i;
5730 bool has_default_case = 0;
5731
5732 znode expr_node, case_node;
5733 zend_op *opline;
5734 uint32_t *jmpnz_opnums, opnum_default_jmp, opnum_switch = (uint32_t)-1;
5735 uint8_t jumptable_type;
5736 HashTable *jumptable = NULL;
5737
5738 zend_compile_expr(&expr_node, expr_ast);
5739
5740 zend_begin_loop(ZEND_FREE, &expr_node, 1);
5741
5742 case_node.op_type = IS_TMP_VAR;
5743 case_node.u.op.var = get_temporary_variable();
5744
5745 jumptable_type = determine_switch_jumptable_type(cases);
5746 if (jumptable_type != IS_UNDEF && should_use_jumptable(cases, jumptable_type)) {
5747 znode jumptable_op;
5748
5749 ALLOC_HASHTABLE(jumptable);
5750 zend_hash_init(jumptable, cases->children, NULL, NULL, 0);
5751 jumptable_op.op_type = IS_CONST;
5752 ZVAL_ARR(&jumptable_op.u.constant, jumptable);
5753
5754 opline = zend_emit_op(NULL,
5755 jumptable_type == IS_LONG ? ZEND_SWITCH_LONG : ZEND_SWITCH_STRING,
5756 &expr_node, &jumptable_op);
5757 if (opline->op1_type == IS_CONST) {
5758 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5759 }
5760 opnum_switch = opline - CG(active_op_array)->opcodes;
5761 }
5762
5763 jmpnz_opnums = safe_emalloc(sizeof(uint32_t), cases->children, 0);
5764 for (i = 0; i < cases->children; ++i) {
5765 zend_ast *case_ast = cases->child[i];
5766 zend_ast *cond_ast = case_ast->child[0];
5767 znode cond_node;
5768
5769 if (!cond_ast) {
5770 if (has_default_case) {
5771 CG(zend_lineno) = case_ast->lineno;
5772 zend_error_noreturn(E_COMPILE_ERROR,
5773 "Switch statements may only contain one default clause");
5774 }
5775 has_default_case = 1;
5776 continue;
5777 }
5778
5779 zend_compile_expr(&cond_node, cond_ast);
5780
5781 if (expr_node.op_type == IS_CONST
5782 && Z_TYPE(expr_node.u.constant) == IS_FALSE) {
5783 jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
5784 } else if (expr_node.op_type == IS_CONST
5785 && Z_TYPE(expr_node.u.constant) == IS_TRUE) {
5786 jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, 0);
5787 } else {
5788 opline = zend_emit_op(NULL,
5789 (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) ? ZEND_CASE : ZEND_IS_EQUAL,
5790 &expr_node, &cond_node);
5791 SET_NODE(opline->result, &case_node);
5792 if (opline->op1_type == IS_CONST) {
5793 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5794 }
5795
5796 jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
5797 }
5798 }
5799
5800 opnum_default_jmp = zend_emit_jump(0);
5801
5802 for (i = 0; i < cases->children; ++i) {
5803 zend_ast *case_ast = cases->child[i];
5804 zend_ast *cond_ast = case_ast->child[0];
5805 zend_ast *stmt_ast = case_ast->child[1];
5806
5807 if (cond_ast) {
5808 zend_update_jump_target_to_next(jmpnz_opnums[i]);
5809
5810 if (jumptable) {
5811 zval *cond_zv = zend_ast_get_zval(cond_ast);
5812 zval jmp_target;
5813 ZVAL_LONG(&jmp_target, get_next_op_number());
5814
5815 ZEND_ASSERT(Z_TYPE_P(cond_zv) == jumptable_type);
5816 if (Z_TYPE_P(cond_zv) == IS_LONG) {
5817 zend_hash_index_add(jumptable, Z_LVAL_P(cond_zv), &jmp_target);
5818 } else {
5819 ZEND_ASSERT(Z_TYPE_P(cond_zv) == IS_STRING);
5820 zend_hash_add(jumptable, Z_STR_P(cond_zv), &jmp_target);
5821 }
5822 }
5823 } else {
5824 zend_update_jump_target_to_next(opnum_default_jmp);
5825
5826 if (jumptable) {
5827 ZEND_ASSERT(opnum_switch != (uint32_t)-1);
5828 opline = &CG(active_op_array)->opcodes[opnum_switch];
5829 opline->extended_value = get_next_op_number();
5830 }
5831 }
5832
5833 zend_compile_stmt(stmt_ast);
5834 }
5835
5836 if (!has_default_case) {
5837 zend_update_jump_target_to_next(opnum_default_jmp);
5838
5839 if (jumptable) {
5840 opline = &CG(active_op_array)->opcodes[opnum_switch];
5841 opline->extended_value = get_next_op_number();
5842 }
5843 }
5844
5845 zend_end_loop(get_next_op_number(), &expr_node);
5846
5847 if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
5848 opline = zend_emit_op(NULL, ZEND_FREE, &expr_node, NULL);
5849 opline->extended_value = ZEND_FREE_SWITCH;
5850 } else if (expr_node.op_type == IS_CONST) {
5851 zval_ptr_dtor_nogc(&expr_node.u.constant);
5852 }
5853
5854 efree(jmpnz_opnums);
5855 }
5856 /* }}} */
5857
count_match_conds(zend_ast_list * arms)5858 static uint32_t count_match_conds(zend_ast_list *arms)
5859 {
5860 uint32_t num_conds = 0;
5861
5862 for (uint32_t i = 0; i < arms->children; i++) {
5863 zend_ast *arm_ast = arms->child[i];
5864 if (arm_ast->child[0] == NULL) {
5865 continue;
5866 }
5867
5868 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
5869 num_conds += conds->children;
5870 }
5871
5872 return num_conds;
5873 }
5874
can_match_use_jumptable(zend_ast_list * arms)5875 static bool can_match_use_jumptable(zend_ast_list *arms) {
5876 for (uint32_t i = 0; i < arms->children; i++) {
5877 zend_ast *arm_ast = arms->child[i];
5878 if (!arm_ast->child[0]) {
5879 /* Skip default arm */
5880 continue;
5881 }
5882
5883 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
5884 for (uint32_t j = 0; j < conds->children; j++) {
5885 zend_ast **cond_ast = &conds->child[j];
5886
5887 zend_eval_const_expr(cond_ast);
5888 if ((*cond_ast)->kind != ZEND_AST_ZVAL) {
5889 return 0;
5890 }
5891
5892 zval *cond_zv = zend_ast_get_zval(*cond_ast);
5893 if (Z_TYPE_P(cond_zv) != IS_LONG && Z_TYPE_P(cond_zv) != IS_STRING) {
5894 return 0;
5895 }
5896 }
5897 }
5898
5899 return 1;
5900 }
5901
zend_compile_match(znode * result,zend_ast * ast)5902 static void zend_compile_match(znode *result, zend_ast *ast)
5903 {
5904 zend_ast *expr_ast = ast->child[0];
5905 zend_ast_list *arms = zend_ast_get_list(ast->child[1]);
5906 bool has_default_arm = 0;
5907 uint32_t opnum_match = (uint32_t)-1;
5908
5909 znode expr_node;
5910 zend_compile_expr(&expr_node, expr_ast);
5911
5912 znode case_node;
5913 case_node.op_type = IS_TMP_VAR;
5914 case_node.u.op.var = get_temporary_variable();
5915
5916 uint32_t num_conds = count_match_conds(arms);
5917 uint8_t can_use_jumptable = can_match_use_jumptable(arms);
5918 bool uses_jumptable = can_use_jumptable && num_conds >= 2;
5919 HashTable *jumptable = NULL;
5920 uint32_t *jmpnz_opnums = NULL;
5921
5922 for (uint32_t i = 0; i < arms->children; ++i) {
5923 zend_ast *arm_ast = arms->child[i];
5924
5925 if (!arm_ast->child[0]) {
5926 if (has_default_arm) {
5927 CG(zend_lineno) = arm_ast->lineno;
5928 zend_error_noreturn(E_COMPILE_ERROR,
5929 "Match expressions may only contain one default arm");
5930 }
5931 has_default_arm = 1;
5932 }
5933 }
5934
5935 if (uses_jumptable) {
5936 znode jumptable_op;
5937
5938 ALLOC_HASHTABLE(jumptable);
5939 zend_hash_init(jumptable, num_conds, NULL, NULL, 0);
5940 jumptable_op.op_type = IS_CONST;
5941 ZVAL_ARR(&jumptable_op.u.constant, jumptable);
5942
5943 zend_op *opline = zend_emit_op(NULL, ZEND_MATCH, &expr_node, &jumptable_op);
5944 if (opline->op1_type == IS_CONST) {
5945 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5946 }
5947 opnum_match = opline - CG(active_op_array)->opcodes;
5948 } else {
5949 jmpnz_opnums = safe_emalloc(sizeof(uint32_t), num_conds, 0);
5950 uint32_t cond_count = 0;
5951 for (uint32_t i = 0; i < arms->children; ++i) {
5952 zend_ast *arm_ast = arms->child[i];
5953
5954 if (!arm_ast->child[0]) {
5955 continue;
5956 }
5957
5958 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
5959 for (uint32_t j = 0; j < conds->children; j++) {
5960 zend_ast *cond_ast = conds->child[j];
5961
5962 znode cond_node;
5963 zend_compile_expr(&cond_node, cond_ast);
5964
5965 uint32_t opcode = (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) ? ZEND_CASE_STRICT : ZEND_IS_IDENTICAL;
5966 zend_op *opline = zend_emit_op(NULL, opcode, &expr_node, &cond_node);
5967 SET_NODE(opline->result, &case_node);
5968 if (opline->op1_type == IS_CONST) {
5969 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5970 }
5971
5972 jmpnz_opnums[cond_count] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
5973
5974 cond_count++;
5975 }
5976 }
5977 }
5978
5979 uint32_t opnum_default_jmp = 0;
5980 if (!uses_jumptable) {
5981 opnum_default_jmp = zend_emit_jump(0);
5982 }
5983
5984 bool is_first_case = 1;
5985 uint32_t cond_count = 0;
5986 uint32_t *jmp_end_opnums = safe_emalloc(sizeof(uint32_t), arms->children, 0);
5987
5988 // The generated default arm is emitted first to avoid live range issues where the tmpvar
5989 // for the arm result is freed even though it has not been initialized yet.
5990 if (!has_default_arm) {
5991 if (!uses_jumptable) {
5992 zend_update_jump_target_to_next(opnum_default_jmp);
5993 }
5994
5995 if (jumptable) {
5996 zend_op *opline = &CG(active_op_array)->opcodes[opnum_match];
5997 opline->extended_value = get_next_op_number();
5998 }
5999
6000 zend_op *opline = zend_emit_op(NULL, ZEND_MATCH_ERROR, &expr_node, NULL);
6001 if (opline->op1_type == IS_CONST) {
6002 Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
6003 }
6004 if (arms->children == 0) {
6005 /* Mark this as an "expression throw" for opcache. */
6006 opline->extended_value = ZEND_THROW_IS_EXPR;
6007 }
6008 }
6009
6010 for (uint32_t i = 0; i < arms->children; ++i) {
6011 zend_ast *arm_ast = arms->child[i];
6012 zend_ast *body_ast = arm_ast->child[1];
6013
6014 if (arm_ast->child[0] != NULL) {
6015 zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);
6016
6017 for (uint32_t j = 0; j < conds->children; j++) {
6018 zend_ast *cond_ast = conds->child[j];
6019
6020 if (jmpnz_opnums != NULL) {
6021 zend_update_jump_target_to_next(jmpnz_opnums[cond_count]);
6022 }
6023
6024 if (jumptable) {
6025 zval *cond_zv = zend_ast_get_zval(cond_ast);
6026 zval jmp_target;
6027 ZVAL_LONG(&jmp_target, get_next_op_number());
6028
6029 if (Z_TYPE_P(cond_zv) == IS_LONG) {
6030 zend_hash_index_add(jumptable, Z_LVAL_P(cond_zv), &jmp_target);
6031 } else {
6032 ZEND_ASSERT(Z_TYPE_P(cond_zv) == IS_STRING);
6033 zend_hash_add(jumptable, Z_STR_P(cond_zv), &jmp_target);
6034 }
6035 }
6036
6037 cond_count++;
6038 }
6039 } else {
6040 if (!uses_jumptable) {
6041 zend_update_jump_target_to_next(opnum_default_jmp);
6042 }
6043
6044 if (jumptable) {
6045 ZEND_ASSERT(opnum_match != (uint32_t)-1);
6046 zend_op *opline = &CG(active_op_array)->opcodes[opnum_match];
6047 opline->extended_value = get_next_op_number();
6048 }
6049 }
6050
6051 znode body_node;
6052 zend_compile_expr(&body_node, body_ast);
6053
6054 if (is_first_case) {
6055 zend_emit_op_tmp(result, ZEND_QM_ASSIGN, &body_node, NULL);
6056 is_first_case = 0;
6057 } else {
6058 zend_op *opline_qm_assign = zend_emit_op(NULL, ZEND_QM_ASSIGN, &body_node, NULL);
6059 SET_NODE(opline_qm_assign->result, result);
6060 }
6061
6062 jmp_end_opnums[i] = zend_emit_jump(0);
6063 }
6064
6065 // Initialize result in case there is no arm
6066 if (arms->children == 0) {
6067 result->op_type = IS_CONST;
6068 ZVAL_NULL(&result->u.constant);
6069 }
6070
6071 for (uint32_t i = 0; i < arms->children; ++i) {
6072 zend_update_jump_target_to_next(jmp_end_opnums[i]);
6073 }
6074
6075 if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
6076 zend_op *opline = zend_emit_op(NULL, ZEND_FREE, &expr_node, NULL);
6077 opline->extended_value = ZEND_FREE_SWITCH;
6078 } else if (expr_node.op_type == IS_CONST) {
6079 zval_ptr_dtor_nogc(&expr_node.u.constant);
6080 }
6081
6082 if (jmpnz_opnums != NULL) {
6083 efree(jmpnz_opnums);
6084 }
6085 efree(jmp_end_opnums);
6086 }
6087
zend_compile_try(zend_ast * ast)6088 static void zend_compile_try(zend_ast *ast) /* {{{ */
6089 {
6090 zend_ast *try_ast = ast->child[0];
6091 zend_ast_list *catches = zend_ast_get_list(ast->child[1]);
6092 zend_ast *finally_ast = ast->child[2];
6093
6094 uint32_t i, j;
6095 zend_op *opline;
6096 uint32_t try_catch_offset;
6097 uint32_t *jmp_opnums = safe_emalloc(sizeof(uint32_t), catches->children, 0);
6098 uint32_t orig_fast_call_var = CG(context).fast_call_var;
6099 uint32_t orig_try_catch_offset = CG(context).try_catch_offset;
6100
6101 if (catches->children == 0 && !finally_ast) {
6102 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use try without catch or finally");
6103 }
6104
6105 /* label: try { } must not be equal to try { label: } */
6106 if (CG(context).labels) {
6107 zend_label *label;
6108 ZEND_HASH_MAP_REVERSE_FOREACH_PTR(CG(context).labels, label) {
6109 if (label->opline_num == get_next_op_number()) {
6110 zend_emit_op(NULL, ZEND_NOP, NULL, NULL);
6111 }
6112 break;
6113 } ZEND_HASH_FOREACH_END();
6114 }
6115
6116 try_catch_offset = zend_add_try_element(get_next_op_number());
6117
6118 if (finally_ast) {
6119 zend_loop_var fast_call;
6120 if (!(CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)) {
6121 CG(active_op_array)->fn_flags |= ZEND_ACC_HAS_FINALLY_BLOCK;
6122 }
6123 CG(context).fast_call_var = get_temporary_variable();
6124
6125 /* Push FAST_CALL on unwind stack */
6126 fast_call.opcode = ZEND_FAST_CALL;
6127 fast_call.var_type = IS_TMP_VAR;
6128 fast_call.var_num = CG(context).fast_call_var;
6129 fast_call.try_catch_offset = try_catch_offset;
6130 zend_stack_push(&CG(loop_var_stack), &fast_call);
6131 }
6132
6133 CG(context).try_catch_offset = try_catch_offset;
6134
6135 zend_compile_stmt(try_ast);
6136
6137 if (catches->children != 0) {
6138 jmp_opnums[0] = zend_emit_jump(0);
6139 }
6140
6141 for (i = 0; i < catches->children; ++i) {
6142 zend_ast *catch_ast = catches->child[i];
6143 zend_ast_list *classes = zend_ast_get_list(catch_ast->child[0]);
6144 zend_ast *var_ast = catch_ast->child[1];
6145 zend_ast *stmt_ast = catch_ast->child[2];
6146 zend_string *var_name = var_ast ? zval_make_interned_string(zend_ast_get_zval(var_ast)) : NULL;
6147 bool is_last_catch = (i + 1 == catches->children);
6148
6149 uint32_t *jmp_multicatch = safe_emalloc(sizeof(uint32_t), classes->children - 1, 0);
6150 uint32_t opnum_catch = (uint32_t)-1;
6151
6152 CG(zend_lineno) = catch_ast->lineno;
6153
6154 for (j = 0; j < classes->children; j++) {
6155 zend_ast *class_ast = classes->child[j];
6156 bool is_last_class = (j + 1 == classes->children);
6157
6158 if (!zend_is_const_default_class_ref(class_ast)) {
6159 zend_error_noreturn(E_COMPILE_ERROR, "Bad class name in the catch statement");
6160 }
6161
6162 opnum_catch = get_next_op_number();
6163 if (i == 0 && j == 0) {
6164 CG(active_op_array)->try_catch_array[try_catch_offset].catch_op = opnum_catch;
6165 }
6166
6167 opline = get_next_op();
6168 opline->opcode = ZEND_CATCH;
6169 opline->op1_type = IS_CONST;
6170 opline->op1.constant = zend_add_class_name_literal(
6171 zend_resolve_class_name_ast(class_ast));
6172 opline->extended_value = zend_alloc_cache_slot();
6173
6174 if (var_name && zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
6175 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
6176 }
6177
6178 opline->result_type = var_name ? IS_CV : IS_UNUSED;
6179 opline->result.var = var_name ? lookup_cv(var_name) : -1;
6180
6181 if (is_last_catch && is_last_class) {
6182 opline->extended_value |= ZEND_LAST_CATCH;
6183 }
6184
6185 if (!is_last_class) {
6186 jmp_multicatch[j] = zend_emit_jump(0);
6187 opline = &CG(active_op_array)->opcodes[opnum_catch];
6188 opline->op2.opline_num = get_next_op_number();
6189 }
6190 }
6191
6192 for (j = 0; j < classes->children - 1; j++) {
6193 zend_update_jump_target_to_next(jmp_multicatch[j]);
6194 }
6195
6196 efree(jmp_multicatch);
6197
6198 zend_compile_stmt(stmt_ast);
6199
6200 if (!is_last_catch) {
6201 jmp_opnums[i + 1] = zend_emit_jump(0);
6202 }
6203
6204 ZEND_ASSERT(opnum_catch != (uint32_t)-1 && "Should have at least one class");
6205 opline = &CG(active_op_array)->opcodes[opnum_catch];
6206 if (!is_last_catch) {
6207 opline->op2.opline_num = get_next_op_number();
6208 }
6209 }
6210
6211 for (i = 0; i < catches->children; ++i) {
6212 zend_update_jump_target_to_next(jmp_opnums[i]);
6213 }
6214
6215 if (finally_ast) {
6216 zend_loop_var discard_exception;
6217 uint32_t opnum_jmp = get_next_op_number() + 1;
6218
6219 /* Pop FAST_CALL from unwind stack */
6220 zend_stack_del_top(&CG(loop_var_stack));
6221
6222 /* Push DISCARD_EXCEPTION on unwind stack */
6223 discard_exception.opcode = ZEND_DISCARD_EXCEPTION;
6224 discard_exception.var_type = IS_TMP_VAR;
6225 discard_exception.var_num = CG(context).fast_call_var;
6226 zend_stack_push(&CG(loop_var_stack), &discard_exception);
6227
6228 CG(zend_lineno) = finally_ast->lineno;
6229
6230 opline = zend_emit_op(NULL, ZEND_FAST_CALL, NULL, NULL);
6231 opline->op1.num = try_catch_offset;
6232 opline->result_type = IS_TMP_VAR;
6233 opline->result.var = CG(context).fast_call_var;
6234
6235 zend_emit_op(NULL, ZEND_JMP, NULL, NULL);
6236
6237 zend_compile_stmt(finally_ast);
6238
6239 CG(active_op_array)->try_catch_array[try_catch_offset].finally_op = opnum_jmp + 1;
6240 CG(active_op_array)->try_catch_array[try_catch_offset].finally_end
6241 = get_next_op_number();
6242
6243 opline = zend_emit_op(NULL, ZEND_FAST_RET, NULL, NULL);
6244 opline->op1_type = IS_TMP_VAR;
6245 opline->op1.var = CG(context).fast_call_var;
6246 opline->op2.num = orig_try_catch_offset;
6247
6248 zend_update_jump_target_to_next(opnum_jmp);
6249
6250 CG(context).fast_call_var = orig_fast_call_var;
6251
6252 /* Pop DISCARD_EXCEPTION from unwind stack */
6253 zend_stack_del_top(&CG(loop_var_stack));
6254 }
6255
6256 CG(context).try_catch_offset = orig_try_catch_offset;
6257
6258 efree(jmp_opnums);
6259 }
6260 /* }}} */
6261
6262 /* Encoding declarations must already be handled during parsing */
zend_handle_encoding_declaration(zend_ast * ast)6263 bool zend_handle_encoding_declaration(zend_ast *ast) /* {{{ */
6264 {
6265 zend_ast_list *declares = zend_ast_get_list(ast);
6266 uint32_t i;
6267 for (i = 0; i < declares->children; ++i) {
6268 zend_ast *declare_ast = declares->child[i];
6269 zend_ast *name_ast = declare_ast->child[0];
6270 zend_ast *value_ast = declare_ast->child[1];
6271 zend_string *name = zend_ast_get_str(name_ast);
6272
6273 if (zend_string_equals_literal_ci(name, "encoding")) {
6274 if (value_ast->kind != ZEND_AST_ZVAL) {
6275 zend_throw_exception(zend_ce_compile_error, "Encoding must be a literal", 0);
6276 return 0;
6277 }
6278
6279 if (CG(multibyte)) {
6280 zend_string *encoding_name = zval_get_string(zend_ast_get_zval(value_ast));
6281
6282 const zend_encoding *new_encoding, *old_encoding;
6283 zend_encoding_filter old_input_filter;
6284
6285 CG(encoding_declared) = 1;
6286
6287 new_encoding = zend_multibyte_fetch_encoding(ZSTR_VAL(encoding_name));
6288 if (!new_encoding) {
6289 zend_error(E_COMPILE_WARNING, "Unsupported encoding [%s]", ZSTR_VAL(encoding_name));
6290 } else {
6291 old_input_filter = LANG_SCNG(input_filter);
6292 old_encoding = LANG_SCNG(script_encoding);
6293 zend_multibyte_set_filter(new_encoding);
6294
6295 /* need to re-scan if input filter changed */
6296 if (old_input_filter != LANG_SCNG(input_filter) ||
6297 (old_input_filter && new_encoding != old_encoding)) {
6298 zend_multibyte_yyinput_again(old_input_filter, old_encoding);
6299 }
6300 }
6301
6302 zend_string_release_ex(encoding_name, 0);
6303 } else {
6304 zend_error(E_COMPILE_WARNING, "declare(encoding=...) ignored because "
6305 "Zend multibyte feature is turned off by settings");
6306 }
6307 }
6308 }
6309
6310 return 1;
6311 }
6312 /* }}} */
6313
6314 /* Check whether this is the first statement, not counting declares. */
zend_is_first_statement(zend_ast * ast,bool allow_nop)6315 static zend_result zend_is_first_statement(zend_ast *ast, bool allow_nop) /* {{{ */
6316 {
6317 uint32_t i = 0;
6318 zend_ast_list *file_ast = zend_ast_get_list(CG(ast));
6319
6320 while (i < file_ast->children) {
6321 if (file_ast->child[i] == ast) {
6322 return SUCCESS;
6323 } else if (file_ast->child[i] == NULL) {
6324 if (!allow_nop) {
6325 return FAILURE;
6326 }
6327 } else if (file_ast->child[i]->kind != ZEND_AST_DECLARE) {
6328 return FAILURE;
6329 }
6330 i++;
6331 }
6332 return FAILURE;
6333 }
6334 /* }}} */
6335
zend_compile_declare(zend_ast * ast)6336 static void zend_compile_declare(zend_ast *ast) /* {{{ */
6337 {
6338 zend_ast_list *declares = zend_ast_get_list(ast->child[0]);
6339 zend_ast *stmt_ast = ast->child[1];
6340 zend_declarables orig_declarables = FC(declarables);
6341 uint32_t i;
6342
6343 for (i = 0; i < declares->children; ++i) {
6344 zend_ast *declare_ast = declares->child[i];
6345 zend_ast *name_ast = declare_ast->child[0];
6346 zend_ast **value_ast_ptr = &declare_ast->child[1];
6347 zend_string *name = zend_ast_get_str(name_ast);
6348
6349 if ((*value_ast_ptr)->kind != ZEND_AST_ZVAL) {
6350 zend_error_noreturn(E_COMPILE_ERROR, "declare(%s) value must be a literal", ZSTR_VAL(name));
6351 }
6352
6353 if (zend_string_equals_literal_ci(name, "ticks")) {
6354 zval value_zv;
6355 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
6356 FC(declarables).ticks = zval_get_long(&value_zv);
6357 zval_ptr_dtor_nogc(&value_zv);
6358 } else if (zend_string_equals_literal_ci(name, "encoding")) {
6359
6360 if (FAILURE == zend_is_first_statement(ast, /* allow_nop */ 0)) {
6361 zend_error_noreturn(E_COMPILE_ERROR, "Encoding declaration pragma must be "
6362 "the very first statement in the script");
6363 }
6364 } else if (zend_string_equals_literal_ci(name, "strict_types")) {
6365 zval value_zv;
6366
6367 if (FAILURE == zend_is_first_statement(ast, /* allow_nop */ 0)) {
6368 zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must be "
6369 "the very first statement in the script");
6370 }
6371
6372 if (ast->child[1] != NULL) {
6373 zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must not "
6374 "use block mode");
6375 }
6376
6377 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
6378
6379 if (Z_TYPE(value_zv) != IS_LONG || (Z_LVAL(value_zv) != 0 && Z_LVAL(value_zv) != 1)) {
6380 zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must have 0 or 1 as its value");
6381 }
6382
6383 if (Z_LVAL(value_zv) == 1) {
6384 CG(active_op_array)->fn_flags |= ZEND_ACC_STRICT_TYPES;
6385 }
6386
6387 } else {
6388 zend_error(E_COMPILE_WARNING, "Unsupported declare '%s'", ZSTR_VAL(name));
6389 }
6390 }
6391
6392 if (stmt_ast) {
6393 zend_compile_stmt(stmt_ast);
6394
6395 FC(declarables) = orig_declarables;
6396 }
6397 }
6398 /* }}} */
6399
zend_compile_stmt_list(zend_ast * ast)6400 static void zend_compile_stmt_list(zend_ast *ast) /* {{{ */
6401 {
6402 zend_ast_list *list = zend_ast_get_list(ast);
6403 uint32_t i;
6404 for (i = 0; i < list->children; ++i) {
6405 zend_compile_stmt(list->child[i]);
6406 }
6407 }
6408 /* }}} */
6409
zend_set_function_arg_flags(zend_function * func)6410 ZEND_API void zend_set_function_arg_flags(zend_function *func) /* {{{ */
6411 {
6412 uint32_t i, n;
6413
6414 func->common.arg_flags[0] = 0;
6415 func->common.arg_flags[1] = 0;
6416 func->common.arg_flags[2] = 0;
6417 if (func->common.arg_info) {
6418 n = MIN(func->common.num_args, MAX_ARG_FLAG_NUM);
6419 i = 0;
6420 while (i < n) {
6421 ZEND_SET_ARG_FLAG(func, i + 1, ZEND_ARG_SEND_MODE(&func->common.arg_info[i]));
6422 i++;
6423 }
6424 if (UNEXPECTED((func->common.fn_flags & ZEND_ACC_VARIADIC) && ZEND_ARG_SEND_MODE(&func->common.arg_info[i]))) {
6425 uint32_t pass_by_reference = ZEND_ARG_SEND_MODE(&func->common.arg_info[i]);
6426 while (i < MAX_ARG_FLAG_NUM) {
6427 ZEND_SET_ARG_FLAG(func, i + 1, pass_by_reference);
6428 i++;
6429 }
6430 }
6431 }
6432 }
6433 /* }}} */
6434
zend_compile_single_typename(zend_ast * ast)6435 static zend_type zend_compile_single_typename(zend_ast *ast)
6436 {
6437 ZEND_ASSERT(!(ast->attr & ZEND_TYPE_NULLABLE));
6438 if (ast->kind == ZEND_AST_TYPE) {
6439 if (ast->attr == IS_STATIC && !CG(active_class_entry) && zend_is_scope_known()) {
6440 zend_error_noreturn(E_COMPILE_ERROR,
6441 "Cannot use \"static\" when no class scope is active");
6442 }
6443
6444 return (zend_type) ZEND_TYPE_INIT_CODE(ast->attr, 0, 0);
6445 } else {
6446 zend_string *class_name = zend_ast_get_str(ast);
6447 uint8_t type_code = zend_lookup_builtin_type_by_name(class_name);
6448
6449 if (type_code != 0) {
6450 if ((ast->attr & ZEND_NAME_NOT_FQ) != ZEND_NAME_NOT_FQ) {
6451 zend_error_noreturn(E_COMPILE_ERROR,
6452 "Type declaration '%s' must be unqualified",
6453 ZSTR_VAL(zend_string_tolower(class_name)));
6454 }
6455
6456 /* Transform iterable into a type union alias */
6457 if (type_code == IS_ITERABLE) {
6458 /* Set iterable bit for BC compat during Reflection and string representation of type */
6459 zend_type iterable = (zend_type) ZEND_TYPE_INIT_CLASS_MASK(ZSTR_KNOWN(ZEND_STR_TRAVERSABLE),
6460 (MAY_BE_ARRAY|_ZEND_TYPE_ITERABLE_BIT));
6461 return iterable;
6462 }
6463
6464 return (zend_type) ZEND_TYPE_INIT_CODE(type_code, 0, 0);
6465 } else {
6466 const char *correct_name;
6467 zend_string *orig_name = zend_ast_get_str(ast);
6468 uint32_t fetch_type = zend_get_class_fetch_type_ast(ast);
6469 if (fetch_type == ZEND_FETCH_CLASS_DEFAULT) {
6470 class_name = zend_resolve_class_name_ast(ast);
6471 zend_assert_valid_class_name(class_name);
6472 } else {
6473 zend_ensure_valid_class_fetch_type(fetch_type);
6474 zend_string_addref(class_name);
6475 }
6476
6477 if (ast->attr == ZEND_NAME_NOT_FQ
6478 && zend_is_confusable_type(orig_name, &correct_name)
6479 && zend_is_not_imported(orig_name)) {
6480 const char *extra =
6481 FC(current_namespace) ? " or import the class with \"use\"" : "";
6482 if (correct_name) {
6483 zend_error(E_COMPILE_WARNING,
6484 "\"%s\" will be interpreted as a class name. Did you mean \"%s\"? "
6485 "Write \"\\%s\"%s to suppress this warning",
6486 ZSTR_VAL(orig_name), correct_name, ZSTR_VAL(class_name), extra);
6487 } else {
6488 zend_error(E_COMPILE_WARNING,
6489 "\"%s\" is not a supported builtin type "
6490 "and will be interpreted as a class name. "
6491 "Write \"\\%s\"%s to suppress this warning",
6492 ZSTR_VAL(orig_name), ZSTR_VAL(class_name), extra);
6493 }
6494 }
6495
6496 class_name = zend_new_interned_string(class_name);
6497 zend_alloc_ce_cache(class_name);
6498 return (zend_type) ZEND_TYPE_INIT_CLASS(class_name, 0, 0);
6499 }
6500 }
6501 }
6502
zend_are_intersection_types_redundant(zend_type left_type,zend_type right_type)6503 static void zend_are_intersection_types_redundant(zend_type left_type, zend_type right_type)
6504 {
6505 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(left_type));
6506 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(right_type));
6507 zend_type_list *l_type_list = ZEND_TYPE_LIST(left_type);
6508 zend_type_list *r_type_list = ZEND_TYPE_LIST(right_type);
6509 zend_type_list *smaller_type_list, *larger_type_list;
6510 bool flipped = false;
6511
6512 if (r_type_list->num_types < l_type_list->num_types) {
6513 smaller_type_list = r_type_list;
6514 larger_type_list = l_type_list;
6515 flipped = true;
6516 } else {
6517 smaller_type_list = l_type_list;
6518 larger_type_list = r_type_list;
6519 }
6520
6521 unsigned int sum = 0;
6522 zend_type *outer_type;
6523 ZEND_TYPE_LIST_FOREACH(smaller_type_list, outer_type)
6524 zend_type *inner_type;
6525 ZEND_TYPE_LIST_FOREACH(larger_type_list, inner_type)
6526 if (zend_string_equals_ci(ZEND_TYPE_NAME(*inner_type), ZEND_TYPE_NAME(*outer_type))) {
6527 sum++;
6528 break;
6529 }
6530 ZEND_TYPE_LIST_FOREACH_END();
6531 ZEND_TYPE_LIST_FOREACH_END();
6532
6533 if (sum == smaller_type_list->num_types) {
6534 zend_string *smaller_type_str;
6535 zend_string *larger_type_str;
6536 if (flipped) {
6537 smaller_type_str = zend_type_to_string(right_type);
6538 larger_type_str = zend_type_to_string(left_type);
6539 } else {
6540 smaller_type_str = zend_type_to_string(left_type);
6541 larger_type_str = zend_type_to_string(right_type);
6542 }
6543 if (smaller_type_list->num_types == larger_type_list->num_types) {
6544 zend_error_noreturn(E_COMPILE_ERROR, "Type %s is redundant with type %s",
6545 ZSTR_VAL(smaller_type_str), ZSTR_VAL(larger_type_str));
6546 } else {
6547 zend_error_noreturn(E_COMPILE_ERROR, "Type %s is redundant as it is more restrictive than type %s",
6548 ZSTR_VAL(larger_type_str), ZSTR_VAL(smaller_type_str));
6549 }
6550 }
6551 }
6552
zend_is_intersection_type_redundant_by_single_type(zend_type intersection_type,zend_type single_type)6553 static void zend_is_intersection_type_redundant_by_single_type(zend_type intersection_type, zend_type single_type)
6554 {
6555 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(intersection_type));
6556 ZEND_ASSERT(!ZEND_TYPE_IS_INTERSECTION(single_type));
6557
6558 zend_type *single_intersection_type = NULL;
6559 ZEND_TYPE_FOREACH(intersection_type, single_intersection_type)
6560 if (zend_string_equals_ci(ZEND_TYPE_NAME(*single_intersection_type), ZEND_TYPE_NAME(single_type))) {
6561 zend_string *single_type_str = zend_type_to_string(single_type);
6562 zend_string *complete_type = zend_type_to_string(intersection_type);
6563 zend_error_noreturn(E_COMPILE_ERROR, "Type %s is redundant as it is more restrictive than type %s",
6564 ZSTR_VAL(complete_type), ZSTR_VAL(single_type_str));
6565 }
6566 ZEND_TYPE_FOREACH_END();
6567 }
6568
6569 /* Used by both intersection and union types prior to transforming the type list to a full zend_type */
zend_is_type_list_redundant_by_single_type(zend_type_list * type_list,zend_type type)6570 static void zend_is_type_list_redundant_by_single_type(zend_type_list *type_list, zend_type type)
6571 {
6572 ZEND_ASSERT(!ZEND_TYPE_IS_INTERSECTION(type));
6573 for (size_t i = 0; i < type_list->num_types - 1; i++) {
6574 if (ZEND_TYPE_IS_INTERSECTION(type_list->types[i])) {
6575 zend_is_intersection_type_redundant_by_single_type(type_list->types[i], type);
6576 continue;
6577 }
6578 if (zend_string_equals_ci(ZEND_TYPE_NAME(type_list->types[i]), ZEND_TYPE_NAME(type))) {
6579 zend_string *single_type_str = zend_type_to_string(type);
6580 zend_error_noreturn(E_COMPILE_ERROR, "Duplicate type %s is redundant", ZSTR_VAL(single_type_str));
6581 }
6582 }
6583 }
6584
6585 static zend_type zend_compile_typename(zend_ast *ast, bool force_allow_null);
6586
zend_compile_typename_ex(zend_ast * ast,bool force_allow_null,bool * forced_allow_null)6587 static zend_type zend_compile_typename_ex(
6588 zend_ast *ast, bool force_allow_null, bool *forced_allow_null) /* {{{ */
6589 {
6590 bool is_marked_nullable = ast->attr & ZEND_TYPE_NULLABLE;
6591 zend_ast_attr orig_ast_attr = ast->attr;
6592 zend_type type = ZEND_TYPE_INIT_NONE(0);
6593
6594 if (is_marked_nullable) {
6595 ast->attr &= ~ZEND_TYPE_NULLABLE;
6596 }
6597
6598 if (ast->kind == ZEND_AST_TYPE_UNION) {
6599 zend_ast_list *list = zend_ast_get_list(ast);
6600 zend_type_list *type_list;
6601 bool is_composite = false;
6602 bool has_only_iterable_class = true;
6603 ALLOCA_FLAG(use_heap)
6604
6605 type_list = do_alloca(ZEND_TYPE_LIST_SIZE(list->children), use_heap);
6606 type_list->num_types = 0;
6607
6608 for (uint32_t i = 0; i < list->children; i++) {
6609 zend_ast *type_ast = list->child[i];
6610 zend_type single_type;
6611 uint32_t type_mask = ZEND_TYPE_FULL_MASK(type);
6612
6613 if (type_ast->kind == ZEND_AST_TYPE_INTERSECTION) {
6614 has_only_iterable_class = false;
6615 is_composite = true;
6616 /* The first class type can be stored directly as the type ptr payload. */
6617 if (ZEND_TYPE_IS_COMPLEX(type) && !ZEND_TYPE_HAS_LIST(type)) {
6618 /* Switch from single name to name list. */
6619 type_list->num_types = 1;
6620 type_list->types[0] = type;
6621 ZEND_TYPE_FULL_MASK(type_list->types[0]) &= ~_ZEND_TYPE_MAY_BE_MASK;
6622 }
6623 /* Mark type as list type */
6624 ZEND_TYPE_SET_LIST(type, type_list);
6625
6626 single_type = zend_compile_typename(type_ast, false);
6627 ZEND_ASSERT(ZEND_TYPE_IS_INTERSECTION(single_type));
6628
6629 type_list->types[type_list->num_types++] = single_type;
6630
6631 /* Check for trivially redundant class types */
6632 for (size_t i = 0; i < type_list->num_types - 1; i++) {
6633 if (ZEND_TYPE_IS_INTERSECTION(type_list->types[i])) {
6634 zend_are_intersection_types_redundant(single_type, type_list->types[i]);
6635 continue;
6636 }
6637 /* Type from type list is a simple type */
6638 zend_is_intersection_type_redundant_by_single_type(single_type, type_list->types[i]);
6639 }
6640 continue;
6641 }
6642
6643 single_type = zend_compile_single_typename(type_ast);
6644 uint32_t single_type_mask = ZEND_TYPE_PURE_MASK(single_type);
6645
6646 if (single_type_mask == MAY_BE_ANY) {
6647 zend_error_noreturn(E_COMPILE_ERROR, "Type mixed can only be used as a standalone type");
6648 }
6649 if (ZEND_TYPE_IS_COMPLEX(single_type) && !ZEND_TYPE_IS_ITERABLE_FALLBACK(single_type)) {
6650 has_only_iterable_class = false;
6651 }
6652
6653 uint32_t type_mask_overlap = ZEND_TYPE_PURE_MASK(type) & single_type_mask;
6654 if (type_mask_overlap) {
6655 zend_type overlap_type = ZEND_TYPE_INIT_MASK(type_mask_overlap);
6656 zend_string *overlap_type_str = zend_type_to_string(overlap_type);
6657 zend_error_noreturn(E_COMPILE_ERROR,
6658 "Duplicate type %s is redundant", ZSTR_VAL(overlap_type_str));
6659 }
6660
6661 if ( ((type_mask & MAY_BE_TRUE) && (single_type_mask == MAY_BE_FALSE))
6662 || ((type_mask & MAY_BE_FALSE) && (single_type_mask == MAY_BE_TRUE)) ) {
6663 zend_error_noreturn(E_COMPILE_ERROR,
6664 "Type contains both true and false, bool should be used instead");
6665 }
6666 ZEND_TYPE_FULL_MASK(type) |= ZEND_TYPE_PURE_MASK(single_type);
6667 ZEND_TYPE_FULL_MASK(single_type) &= ~_ZEND_TYPE_MAY_BE_MASK;
6668
6669 if (ZEND_TYPE_IS_COMPLEX(single_type)) {
6670 if (!ZEND_TYPE_IS_COMPLEX(type) && !is_composite) {
6671 /* The first class type can be stored directly as the type ptr payload. */
6672 ZEND_TYPE_SET_PTR(type, ZEND_TYPE_NAME(single_type));
6673 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_NAME_BIT;
6674 } else {
6675 if (type_list->num_types == 0) {
6676 /* Switch from single name to name list. */
6677 type_list->num_types = 1;
6678 type_list->types[0] = type;
6679 ZEND_TYPE_FULL_MASK(type_list->types[0]) &= ~_ZEND_TYPE_MAY_BE_MASK;
6680 ZEND_TYPE_SET_LIST(type, type_list);
6681 }
6682
6683 type_list->types[type_list->num_types++] = single_type;
6684
6685 /* Check for trivially redundant class types */
6686 zend_is_type_list_redundant_by_single_type(type_list, single_type);
6687 }
6688 }
6689 }
6690
6691 if (type_list->num_types) {
6692 zend_type_list *list = zend_arena_alloc(
6693 &CG(arena), ZEND_TYPE_LIST_SIZE(type_list->num_types));
6694 memcpy(list, type_list, ZEND_TYPE_LIST_SIZE(type_list->num_types));
6695 ZEND_TYPE_SET_LIST(type, list);
6696 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
6697 /* Inform that the type list is a union type */
6698 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_UNION_BIT;
6699 }
6700
6701 free_alloca(type_list, use_heap);
6702
6703 uint32_t type_mask = ZEND_TYPE_FULL_MASK(type);
6704 if ((type_mask & MAY_BE_OBJECT) &&
6705 ((!has_only_iterable_class && ZEND_TYPE_IS_COMPLEX(type)) || (type_mask & MAY_BE_STATIC))) {
6706 zend_string *type_str = zend_type_to_string(type);
6707 zend_error_noreturn(E_COMPILE_ERROR,
6708 "Type %s contains both object and a class type, which is redundant",
6709 ZSTR_VAL(type_str));
6710 }
6711 } else if (ast->kind == ZEND_AST_TYPE_INTERSECTION) {
6712 zend_ast_list *list = zend_ast_get_list(ast);
6713 zend_type_list *type_list;
6714
6715 /* Allocate the type list directly on the arena as it must be a type
6716 * list of the same number of elements as the AST list has children */
6717 type_list = zend_arena_alloc(&CG(arena), ZEND_TYPE_LIST_SIZE(list->children));
6718 type_list->num_types = 0;
6719
6720 ZEND_ASSERT(list->children > 1);
6721
6722 for (uint32_t i = 0; i < list->children; i++) {
6723 zend_ast *type_ast = list->child[i];
6724 zend_type single_type = zend_compile_single_typename(type_ast);
6725
6726 /* An intersection of union types cannot exist so invalidate it
6727 * Currently only can happen with iterable getting canonicalized to Traversable|array */
6728 if (ZEND_TYPE_IS_ITERABLE_FALLBACK(single_type)) {
6729 zend_string *standard_type_str = zend_type_to_string(single_type);
6730 zend_error_noreturn(E_COMPILE_ERROR,
6731 "Type %s cannot be part of an intersection type", ZSTR_VAL(standard_type_str));
6732 zend_string_release_ex(standard_type_str, false);
6733 }
6734 /* An intersection of standard types cannot exist so invalidate it */
6735 if (ZEND_TYPE_IS_ONLY_MASK(single_type)) {
6736 zend_string *standard_type_str = zend_type_to_string(single_type);
6737 zend_error_noreturn(E_COMPILE_ERROR,
6738 "Type %s cannot be part of an intersection type", ZSTR_VAL(standard_type_str));
6739 zend_string_release_ex(standard_type_str, false);
6740 }
6741 /* Check for "self" and "parent" too */
6742 if (zend_string_equals_literal_ci(ZEND_TYPE_NAME(single_type), "self")
6743 || zend_string_equals_literal_ci(ZEND_TYPE_NAME(single_type), "parent")) {
6744 zend_error_noreturn(E_COMPILE_ERROR,
6745 "Type %s cannot be part of an intersection type", ZSTR_VAL(ZEND_TYPE_NAME(single_type)));
6746 }
6747
6748 /* Add type to the type list */
6749 type_list->types[type_list->num_types++] = single_type;
6750
6751 /* Check for trivially redundant class types */
6752 zend_is_type_list_redundant_by_single_type(type_list, single_type);
6753 }
6754
6755 ZEND_ASSERT(list->children == type_list->num_types);
6756
6757 /* An implicitly nullable intersection type needs to be converted to a DNF type */
6758 if (force_allow_null) {
6759 zend_type intersection_type = ZEND_TYPE_INIT_NONE(0);
6760 ZEND_TYPE_SET_LIST(intersection_type, type_list);
6761 ZEND_TYPE_FULL_MASK(intersection_type) |= _ZEND_TYPE_INTERSECTION_BIT;
6762 ZEND_TYPE_FULL_MASK(intersection_type) |= _ZEND_TYPE_ARENA_BIT;
6763
6764 zend_type_list *dnf_type_list = zend_arena_alloc(&CG(arena), ZEND_TYPE_LIST_SIZE(1));
6765 dnf_type_list->num_types = 1;
6766 dnf_type_list->types[0] = intersection_type;
6767 ZEND_TYPE_SET_LIST(type, dnf_type_list);
6768 /* Inform that the type list is a DNF type */
6769 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_UNION_BIT;
6770 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
6771 } else {
6772 ZEND_TYPE_SET_LIST(type, type_list);
6773 /* Inform that the type list is an intersection type */
6774 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_INTERSECTION_BIT;
6775 ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
6776 }
6777 } else {
6778 type = zend_compile_single_typename(ast);
6779 }
6780
6781 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
6782
6783 if (type_mask == MAY_BE_ANY && is_marked_nullable) {
6784 zend_error_noreturn(E_COMPILE_ERROR, "Type mixed cannot be marked as nullable since mixed already includes null");
6785 }
6786
6787 if ((type_mask & MAY_BE_NULL) && is_marked_nullable) {
6788 zend_error_noreturn(E_COMPILE_ERROR, "null cannot be marked as nullable");
6789 }
6790
6791 if (force_allow_null && !is_marked_nullable && !(type_mask & MAY_BE_NULL)) {
6792 *forced_allow_null = true;
6793 }
6794
6795 if (is_marked_nullable || force_allow_null) {
6796 ZEND_TYPE_FULL_MASK(type) |= MAY_BE_NULL;
6797 type_mask = ZEND_TYPE_PURE_MASK(type);
6798 }
6799
6800 if ((type_mask & MAY_BE_VOID) && (ZEND_TYPE_IS_COMPLEX(type) || type_mask != MAY_BE_VOID)) {
6801 zend_error_noreturn(E_COMPILE_ERROR, "Void can only be used as a standalone type");
6802 }
6803
6804 if ((type_mask & MAY_BE_NEVER) && (ZEND_TYPE_IS_COMPLEX(type) || type_mask != MAY_BE_NEVER)) {
6805 zend_error_noreturn(E_COMPILE_ERROR, "never can only be used as a standalone type");
6806 }
6807
6808 ast->attr = orig_ast_attr;
6809 return type;
6810 }
6811 /* }}} */
6812
zend_compile_typename(zend_ast * ast,bool force_allow_null)6813 static zend_type zend_compile_typename(zend_ast *ast, bool force_allow_null)
6814 {
6815 bool forced_allow_null;
6816 return zend_compile_typename_ex(ast, force_allow_null, &forced_allow_null);
6817 }
6818
6819 /* May convert value from int to float. */
zend_is_valid_default_value(zend_type type,zval * value)6820 static bool zend_is_valid_default_value(zend_type type, zval *value)
6821 {
6822 ZEND_ASSERT(ZEND_TYPE_IS_SET(type));
6823 if (ZEND_TYPE_CONTAINS_CODE(type, Z_TYPE_P(value))) {
6824 return 1;
6825 }
6826 if ((ZEND_TYPE_FULL_MASK(type) & MAY_BE_DOUBLE) && Z_TYPE_P(value) == IS_LONG) {
6827 /* Integers are allowed as initializers for floating-point values. */
6828 convert_to_double(value);
6829 return 1;
6830 }
6831 return 0;
6832 }
6833
zend_compile_attributes(HashTable ** attributes,zend_ast * ast,uint32_t offset,uint32_t target,uint32_t promoted)6834 static void zend_compile_attributes(
6835 HashTable **attributes, zend_ast *ast, uint32_t offset, uint32_t target, uint32_t promoted
6836 ) /* {{{ */ {
6837 zend_attribute *attr;
6838 zend_internal_attribute *config;
6839
6840 zend_ast_list *list = zend_ast_get_list(ast);
6841 uint32_t g, i, j;
6842
6843 ZEND_ASSERT(ast->kind == ZEND_AST_ATTRIBUTE_LIST);
6844
6845 for (g = 0; g < list->children; g++) {
6846 zend_ast_list *group = zend_ast_get_list(list->child[g]);
6847
6848 ZEND_ASSERT(group->kind == ZEND_AST_ATTRIBUTE_GROUP);
6849
6850 for (i = 0; i < group->children; i++) {
6851 ZEND_ASSERT(group->child[i]->kind == ZEND_AST_ATTRIBUTE);
6852
6853 zend_ast *el = group->child[i];
6854
6855 if (el->child[1] &&
6856 el->child[1]->kind == ZEND_AST_CALLABLE_CONVERT) {
6857 zend_error_noreturn(E_COMPILE_ERROR,
6858 "Cannot create Closure as attribute argument");
6859 }
6860
6861 zend_string *name = zend_resolve_class_name_ast(el->child[0]);
6862 zend_string *lcname = zend_string_tolower_ex(name, false);
6863 zend_ast_list *args = el->child[1] ? zend_ast_get_list(el->child[1]) : NULL;
6864
6865 config = zend_internal_attribute_get(lcname);
6866 zend_string_release(lcname);
6867
6868 /* Exclude internal attributes that do not match on promoted properties. */
6869 if (config && !(target & (config->flags & ZEND_ATTRIBUTE_TARGET_ALL))) {
6870 if (promoted & (config->flags & ZEND_ATTRIBUTE_TARGET_ALL)) {
6871 zend_string_release(name);
6872 continue;
6873 }
6874 }
6875
6876 uint32_t flags = (CG(active_op_array)->fn_flags & ZEND_ACC_STRICT_TYPES)
6877 ? ZEND_ATTRIBUTE_STRICT_TYPES : 0;
6878 attr = zend_add_attribute(
6879 attributes, name, args ? args->children : 0, flags, offset, el->lineno);
6880 zend_string_release(name);
6881
6882 /* Populate arguments */
6883 if (args) {
6884 ZEND_ASSERT(args->kind == ZEND_AST_ARG_LIST);
6885
6886 bool uses_named_args = 0;
6887 for (j = 0; j < args->children; j++) {
6888 zend_ast **arg_ast_ptr = &args->child[j];
6889 zend_ast *arg_ast = *arg_ast_ptr;
6890
6891 if (arg_ast->kind == ZEND_AST_UNPACK) {
6892 zend_error_noreturn(E_COMPILE_ERROR,
6893 "Cannot use unpacking in attribute argument list");
6894 }
6895
6896 if (arg_ast->kind == ZEND_AST_NAMED_ARG) {
6897 attr->args[j].name = zend_string_copy(zend_ast_get_str(arg_ast->child[0]));
6898 arg_ast_ptr = &arg_ast->child[1];
6899 uses_named_args = 1;
6900
6901 for (uint32_t k = 0; k < j; k++) {
6902 if (attr->args[k].name &&
6903 zend_string_equals(attr->args[k].name, attr->args[j].name)) {
6904 zend_error_noreturn(E_COMPILE_ERROR, "Duplicate named parameter $%s",
6905 ZSTR_VAL(attr->args[j].name));
6906 }
6907 }
6908 } else if (uses_named_args) {
6909 zend_error_noreturn(E_COMPILE_ERROR,
6910 "Cannot use positional argument after named argument");
6911 }
6912
6913 zend_const_expr_to_zval(
6914 &attr->args[j].value, arg_ast_ptr, /* allow_dynamic */ true);
6915 }
6916 }
6917 }
6918 }
6919
6920 if (*attributes != NULL) {
6921 /* Validate attributes in a secondary loop (needed to detect repeated attributes). */
6922 ZEND_HASH_PACKED_FOREACH_PTR(*attributes, attr) {
6923 if (attr->offset != offset || NULL == (config = zend_internal_attribute_get(attr->lcname))) {
6924 continue;
6925 }
6926
6927 if (!(target & (config->flags & ZEND_ATTRIBUTE_TARGET_ALL))) {
6928 zend_string *location = zend_get_attribute_target_names(target);
6929 zend_string *allowed = zend_get_attribute_target_names(config->flags);
6930
6931 zend_error_noreturn(E_ERROR, "Attribute \"%s\" cannot target %s (allowed targets: %s)",
6932 ZSTR_VAL(attr->name), ZSTR_VAL(location), ZSTR_VAL(allowed)
6933 );
6934 }
6935
6936 if (!(config->flags & ZEND_ATTRIBUTE_IS_REPEATABLE)) {
6937 if (zend_is_attribute_repeated(*attributes, attr)) {
6938 zend_error_noreturn(E_ERROR, "Attribute \"%s\" must not be repeated", ZSTR_VAL(attr->name));
6939 }
6940 }
6941
6942 if (config->validator != NULL) {
6943 config->validator(attr, target, CG(active_class_entry));
6944 }
6945 } ZEND_HASH_FOREACH_END();
6946 }
6947 }
6948 /* }}} */
6949
zend_compile_params(zend_ast * ast,zend_ast * return_type_ast,uint32_t fallback_return_type)6950 static void zend_compile_params(zend_ast *ast, zend_ast *return_type_ast, uint32_t fallback_return_type) /* {{{ */
6951 {
6952 zend_ast_list *list = zend_ast_get_list(ast);
6953 uint32_t i;
6954 zend_op_array *op_array = CG(active_op_array);
6955 zend_arg_info *arg_infos;
6956
6957 if (return_type_ast || fallback_return_type) {
6958 /* Use op_array->arg_info[-1] for return type */
6959 arg_infos = safe_emalloc(sizeof(zend_arg_info), list->children + 1, 0);
6960 arg_infos->name = NULL;
6961 if (return_type_ast) {
6962 arg_infos->type = zend_compile_typename(
6963 return_type_ast, /* force_allow_null */ 0);
6964 ZEND_TYPE_FULL_MASK(arg_infos->type) |= _ZEND_ARG_INFO_FLAGS(
6965 (op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0, /* is_variadic */ 0, /* is_tentative */ 0);
6966 } else {
6967 arg_infos->type = (zend_type) ZEND_TYPE_INIT_CODE(fallback_return_type, 0, 0);
6968 }
6969 arg_infos++;
6970 op_array->fn_flags |= ZEND_ACC_HAS_RETURN_TYPE;
6971
6972 if (ZEND_TYPE_CONTAINS_CODE(arg_infos[-1].type, IS_VOID)
6973 && (op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE)) {
6974 zend_error(E_DEPRECATED, "Returning by reference from a void function is deprecated");
6975 }
6976 } else {
6977 if (list->children == 0) {
6978 return;
6979 }
6980 arg_infos = safe_emalloc(sizeof(zend_arg_info), list->children, 0);
6981 }
6982
6983 /* Find last required parameter number for deprecation message. */
6984 uint32_t last_required_param = (uint32_t) -1;
6985 for (i = 0; i < list->children; ++i) {
6986 zend_ast *param_ast = list->child[i];
6987 zend_ast *default_ast_ptr = param_ast->child[2];
6988 bool is_variadic = (param_ast->attr & ZEND_PARAM_VARIADIC) != 0;
6989 if (!default_ast_ptr && !is_variadic) {
6990 last_required_param = i;
6991 }
6992 }
6993
6994 for (i = 0; i < list->children; ++i) {
6995 zend_ast *param_ast = list->child[i];
6996 zend_ast *type_ast = param_ast->child[0];
6997 zend_ast *var_ast = param_ast->child[1];
6998 zend_ast **default_ast_ptr = ¶m_ast->child[2];
6999 zend_ast *attributes_ast = param_ast->child[3];
7000 zend_ast *doc_comment_ast = param_ast->child[4];
7001 zend_string *name = zval_make_interned_string(zend_ast_get_zval(var_ast));
7002 bool is_ref = (param_ast->attr & ZEND_PARAM_REF) != 0;
7003 bool is_variadic = (param_ast->attr & ZEND_PARAM_VARIADIC) != 0;
7004 uint32_t property_flags = param_ast->attr & (ZEND_ACC_PPP_MASK | ZEND_ACC_READONLY);
7005
7006 znode var_node, default_node;
7007 uint8_t opcode;
7008 zend_op *opline;
7009 zend_arg_info *arg_info;
7010
7011 if (zend_is_auto_global(name)) {
7012 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign auto-global variable %s",
7013 ZSTR_VAL(name));
7014 }
7015
7016 var_node.op_type = IS_CV;
7017 var_node.u.op.var = lookup_cv(name);
7018
7019 if (EX_VAR_TO_NUM(var_node.u.op.var) != i) {
7020 zend_error_noreturn(E_COMPILE_ERROR, "Redefinition of parameter $%s",
7021 ZSTR_VAL(name));
7022 } else if (zend_string_equals(name, ZSTR_KNOWN(ZEND_STR_THIS))) {
7023 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as parameter");
7024 }
7025
7026 if (op_array->fn_flags & ZEND_ACC_VARIADIC) {
7027 zend_error_noreturn(E_COMPILE_ERROR, "Only the last parameter can be variadic");
7028 }
7029
7030 if (is_variadic) {
7031 opcode = ZEND_RECV_VARIADIC;
7032 default_node.op_type = IS_UNUSED;
7033 op_array->fn_flags |= ZEND_ACC_VARIADIC;
7034
7035 if (*default_ast_ptr) {
7036 zend_error_noreturn(E_COMPILE_ERROR,
7037 "Variadic parameter cannot have a default value");
7038 }
7039 } else if (*default_ast_ptr) {
7040 /* we cannot substitute constants here or it will break ReflectionParameter::getDefaultValueConstantName() and ReflectionParameter::isDefaultValueConstant() */
7041 uint32_t cops = CG(compiler_options);
7042 CG(compiler_options) |= ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION | ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION;
7043 opcode = ZEND_RECV_INIT;
7044 default_node.op_type = IS_CONST;
7045 zend_const_expr_to_zval(
7046 &default_node.u.constant, default_ast_ptr, /* allow_dynamic */ true);
7047 CG(compiler_options) = cops;
7048 } else {
7049 opcode = ZEND_RECV;
7050 default_node.op_type = IS_UNUSED;
7051 op_array->required_num_args = i + 1;
7052 }
7053
7054 arg_info = &arg_infos[i];
7055 arg_info->name = zend_string_copy(name);
7056 arg_info->type = (zend_type) ZEND_TYPE_INIT_NONE(0);
7057
7058 if (attributes_ast) {
7059 zend_compile_attributes(
7060 &op_array->attributes, attributes_ast, i + 1, ZEND_ATTRIBUTE_TARGET_PARAMETER,
7061 property_flags ? ZEND_ATTRIBUTE_TARGET_PROPERTY : 0
7062 );
7063 }
7064
7065 bool forced_allow_nullable = false;
7066 if (type_ast) {
7067 uint32_t default_type = *default_ast_ptr ? Z_TYPE(default_node.u.constant) : IS_UNDEF;
7068 bool force_nullable = default_type == IS_NULL && !property_flags;
7069
7070 op_array->fn_flags |= ZEND_ACC_HAS_TYPE_HINTS;
7071 arg_info->type = zend_compile_typename_ex(type_ast, force_nullable, &forced_allow_nullable);
7072
7073 if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_VOID) {
7074 zend_error_noreturn(E_COMPILE_ERROR, "void cannot be used as a parameter type");
7075 }
7076
7077 if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_NEVER) {
7078 zend_error_noreturn(E_COMPILE_ERROR, "never cannot be used as a parameter type");
7079 }
7080
7081 if (default_type != IS_UNDEF && default_type != IS_CONSTANT_AST && !force_nullable
7082 && !zend_is_valid_default_value(arg_info->type, &default_node.u.constant)) {
7083 zend_string *type_str = zend_type_to_string(arg_info->type);
7084 zend_error_noreturn(E_COMPILE_ERROR,
7085 "Cannot use %s as default value for parameter $%s of type %s",
7086 zend_get_type_by_const(default_type),
7087 ZSTR_VAL(name), ZSTR_VAL(type_str));
7088 }
7089 }
7090 if (last_required_param != (uint32_t) -1
7091 && i < last_required_param
7092 && default_node.op_type == IS_CONST) {
7093 /* Ignore parameters of the form "Type $param = null".
7094 * This is the PHP 5 style way of writing "?Type $param", so allow it for now. */
7095 if (!forced_allow_nullable) {
7096 zend_ast *required_param_ast = list->child[last_required_param];
7097 zend_error(E_DEPRECATED,
7098 "Optional parameter $%s declared before required parameter $%s "
7099 "is implicitly treated as a required parameter",
7100 ZSTR_VAL(name), ZSTR_VAL(zend_ast_get_str(required_param_ast->child[1])));
7101 }
7102
7103 /* Regardless of whether we issue a deprecation, convert this parameter into
7104 * a required parameter without a default value. This ensures that it cannot be
7105 * used as an optional parameter even with named parameters. */
7106 opcode = ZEND_RECV;
7107 default_node.op_type = IS_UNUSED;
7108 zval_ptr_dtor(&default_node.u.constant);
7109 }
7110
7111 opline = zend_emit_op(NULL, opcode, NULL, &default_node);
7112 SET_NODE(opline->result, &var_node);
7113 opline->op1.num = i + 1;
7114
7115 if (type_ast) {
7116 /* Allocate cache slot to speed-up run-time class resolution */
7117 opline->extended_value =
7118 zend_alloc_cache_slots(zend_type_get_num_classes(arg_info->type));
7119 }
7120
7121 uint32_t arg_info_flags = _ZEND_ARG_INFO_FLAGS(is_ref, is_variadic, /* is_tentative */ 0)
7122 | (property_flags ? _ZEND_IS_PROMOTED_BIT : 0);
7123 ZEND_TYPE_FULL_MASK(arg_info->type) |= arg_info_flags;
7124 if (opcode == ZEND_RECV) {
7125 opline->op2.num = type_ast ?
7126 ZEND_TYPE_FULL_MASK(arg_info->type) : MAY_BE_ANY;
7127 }
7128
7129 if (property_flags) {
7130 zend_op_array *op_array = CG(active_op_array);
7131 zend_class_entry *scope = op_array->scope;
7132
7133 bool is_ctor =
7134 scope && zend_is_constructor(op_array->function_name);
7135 if (!is_ctor) {
7136 zend_error_noreturn(E_COMPILE_ERROR,
7137 "Cannot declare promoted property outside a constructor");
7138 }
7139 if ((op_array->fn_flags & ZEND_ACC_ABSTRACT)
7140 || (scope->ce_flags & ZEND_ACC_INTERFACE)) {
7141 zend_error_noreturn(E_COMPILE_ERROR,
7142 "Cannot declare promoted property in an abstract constructor");
7143 }
7144 if (is_variadic) {
7145 zend_error_noreturn(E_COMPILE_ERROR,
7146 "Cannot declare variadic promoted property");
7147 }
7148 if (zend_hash_exists(&scope->properties_info, name)) {
7149 zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::$%s",
7150 ZSTR_VAL(scope->name), ZSTR_VAL(name));
7151 }
7152 if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_CALLABLE) {
7153 zend_string *str = zend_type_to_string(arg_info->type);
7154 zend_error_noreturn(E_COMPILE_ERROR,
7155 "Property %s::$%s cannot have type %s",
7156 ZSTR_VAL(scope->name), ZSTR_VAL(name), ZSTR_VAL(str));
7157 }
7158
7159 if (!(property_flags & ZEND_ACC_READONLY) && (scope->ce_flags & ZEND_ACC_READONLY_CLASS)) {
7160 property_flags |= ZEND_ACC_READONLY;
7161 }
7162
7163 /* Recompile the type, as it has different memory management requirements. */
7164 zend_type type = ZEND_TYPE_INIT_NONE(0);
7165 if (type_ast) {
7166 type = zend_compile_typename(type_ast, /* force_allow_null */ 0);
7167 }
7168
7169 /* Don't give the property an explicit default value. For typed properties this means
7170 * uninitialized, for untyped properties it means an implicit null default value. */
7171 zval default_value;
7172 if (ZEND_TYPE_IS_SET(type)) {
7173 ZVAL_UNDEF(&default_value);
7174 } else {
7175 if (property_flags & ZEND_ACC_READONLY) {
7176 zend_error_noreturn(E_COMPILE_ERROR, "Readonly property %s::$%s must have type",
7177 ZSTR_VAL(scope->name), ZSTR_VAL(name));
7178 }
7179
7180 ZVAL_NULL(&default_value);
7181 }
7182
7183 zend_string *doc_comment =
7184 doc_comment_ast ? zend_string_copy(zend_ast_get_str(doc_comment_ast)) : NULL;
7185 zend_property_info *prop = zend_declare_typed_property(
7186 scope, name, &default_value, property_flags | ZEND_ACC_PROMOTED, doc_comment, type);
7187 if (attributes_ast) {
7188 zend_compile_attributes(
7189 &prop->attributes, attributes_ast, 0, ZEND_ATTRIBUTE_TARGET_PROPERTY, ZEND_ATTRIBUTE_TARGET_PARAMETER);
7190 }
7191 }
7192 }
7193
7194 /* These are assigned at the end to avoid uninitialized memory in case of an error */
7195 op_array->num_args = list->children;
7196 op_array->arg_info = arg_infos;
7197
7198 /* Don't count the variadic argument */
7199 if (op_array->fn_flags & ZEND_ACC_VARIADIC) {
7200 op_array->num_args--;
7201 }
7202 zend_set_function_arg_flags((zend_function*)op_array);
7203
7204 for (i = 0; i < list->children; i++) {
7205 zend_ast *param_ast = list->child[i];
7206 bool is_ref = (param_ast->attr & ZEND_PARAM_REF) != 0;
7207 uint32_t flags = param_ast->attr & (ZEND_ACC_PPP_MASK | ZEND_ACC_READONLY);
7208 if (!flags) {
7209 continue;
7210 }
7211
7212 /* Emit $this->prop = $prop for promoted properties. */
7213 zend_string *name = zend_ast_get_str(param_ast->child[1]);
7214 znode name_node, value_node;
7215 name_node.op_type = IS_CONST;
7216 ZVAL_STR_COPY(&name_node.u.constant, name);
7217 value_node.op_type = IS_CV;
7218 value_node.u.op.var = lookup_cv(name);
7219
7220 zend_op *opline = zend_emit_op(NULL,
7221 is_ref ? ZEND_ASSIGN_OBJ_REF : ZEND_ASSIGN_OBJ, NULL, &name_node);
7222 opline->extended_value = zend_alloc_cache_slots(3);
7223 zend_emit_op_data(&value_node);
7224 }
7225 }
7226 /* }}} */
7227
zend_compile_closure_binding(znode * closure,zend_op_array * op_array,zend_ast * uses_ast)7228 static void zend_compile_closure_binding(znode *closure, zend_op_array *op_array, zend_ast *uses_ast) /* {{{ */
7229 {
7230 zend_ast_list *list = zend_ast_get_list(uses_ast);
7231 uint32_t i;
7232
7233 if (!list->children) {
7234 return;
7235 }
7236
7237 if (!op_array->static_variables) {
7238 op_array->static_variables = zend_new_array(8);
7239 }
7240
7241 for (i = 0; i < list->children; ++i) {
7242 zend_ast *var_name_ast = list->child[i];
7243 zend_string *var_name = zval_make_interned_string(zend_ast_get_zval(var_name_ast));
7244 uint32_t mode = var_name_ast->attr;
7245 zend_op *opline;
7246 zval *value;
7247
7248 if (zend_string_equals(var_name, ZSTR_KNOWN(ZEND_STR_THIS))) {
7249 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as lexical variable");
7250 }
7251
7252 if (zend_is_auto_global(var_name)) {
7253 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use auto-global as lexical variable");
7254 }
7255
7256 value = zend_hash_add(op_array->static_variables, var_name, &EG(uninitialized_zval));
7257 if (!value) {
7258 zend_error_noreturn(E_COMPILE_ERROR,
7259 "Cannot use variable $%s twice", ZSTR_VAL(var_name));
7260 }
7261
7262 CG(zend_lineno) = zend_ast_get_lineno(var_name_ast);
7263
7264 opline = zend_emit_op(NULL, ZEND_BIND_LEXICAL, closure, NULL);
7265 opline->op2_type = IS_CV;
7266 opline->op2.var = lookup_cv(var_name);
7267 opline->extended_value =
7268 (uint32_t)((char*)value - (char*)op_array->static_variables->arData) | mode;
7269 }
7270 }
7271 /* }}} */
7272
7273 typedef struct {
7274 HashTable uses;
7275 bool varvars_used;
7276 } closure_info;
7277
find_implicit_binds_recursively(closure_info * info,zend_ast * ast)7278 static void find_implicit_binds_recursively(closure_info *info, zend_ast *ast) {
7279 if (!ast) {
7280 return;
7281 }
7282
7283 if (ast->kind == ZEND_AST_VAR) {
7284 zend_ast *name_ast = ast->child[0];
7285 if (name_ast->kind == ZEND_AST_ZVAL && Z_TYPE_P(zend_ast_get_zval(name_ast)) == IS_STRING) {
7286 zend_string *name = zend_ast_get_str(name_ast);
7287 if (zend_is_auto_global(name)) {
7288 /* These is no need to explicitly import auto-globals. */
7289 return;
7290 }
7291
7292 if (zend_string_equals(name, ZSTR_KNOWN(ZEND_STR_THIS))) {
7293 /* $this does not need to be explicitly imported. */
7294 return;
7295 }
7296
7297 zend_hash_add_empty_element(&info->uses, name);
7298 } else {
7299 info->varvars_used = 1;
7300 find_implicit_binds_recursively(info, name_ast);
7301 }
7302 } else if (zend_ast_is_list(ast)) {
7303 zend_ast_list *list = zend_ast_get_list(ast);
7304 uint32_t i;
7305 for (i = 0; i < list->children; i++) {
7306 find_implicit_binds_recursively(info, list->child[i]);
7307 }
7308 } else if (ast->kind == ZEND_AST_CLOSURE) {
7309 /* For normal closures add the use() list. */
7310 zend_ast_decl *closure_ast = (zend_ast_decl *) ast;
7311 zend_ast *uses_ast = closure_ast->child[1];
7312 if (uses_ast) {
7313 zend_ast_list *uses_list = zend_ast_get_list(uses_ast);
7314 uint32_t i;
7315 for (i = 0; i < uses_list->children; i++) {
7316 zend_hash_add_empty_element(&info->uses, zend_ast_get_str(uses_list->child[i]));
7317 }
7318 }
7319 } else if (ast->kind == ZEND_AST_ARROW_FUNC) {
7320 /* For arrow functions recursively check the expression. */
7321 zend_ast_decl *closure_ast = (zend_ast_decl *) ast;
7322 find_implicit_binds_recursively(info, closure_ast->child[2]);
7323 } else if (!zend_ast_is_special(ast)) {
7324 uint32_t i, children = zend_ast_get_num_children(ast);
7325 for (i = 0; i < children; i++) {
7326 find_implicit_binds_recursively(info, ast->child[i]);
7327 }
7328 }
7329 }
7330
find_implicit_binds(closure_info * info,zend_ast * params_ast,zend_ast * stmt_ast)7331 static void find_implicit_binds(closure_info *info, zend_ast *params_ast, zend_ast *stmt_ast)
7332 {
7333 zend_ast_list *param_list = zend_ast_get_list(params_ast);
7334 uint32_t i;
7335
7336 zend_hash_init(&info->uses, param_list->children, NULL, NULL, 0);
7337
7338 find_implicit_binds_recursively(info, stmt_ast);
7339
7340 /* Remove variables that are parameters */
7341 for (i = 0; i < param_list->children; i++) {
7342 zend_ast *param_ast = param_list->child[i];
7343 zend_hash_del(&info->uses, zend_ast_get_str(param_ast->child[1]));
7344 }
7345 }
7346
compile_implicit_lexical_binds(closure_info * info,znode * closure,zend_op_array * op_array)7347 static void compile_implicit_lexical_binds(
7348 closure_info *info, znode *closure, zend_op_array *op_array)
7349 {
7350 zend_string *var_name;
7351 zend_op *opline;
7352
7353 /* TODO We might want to use a special binding mode if varvars_used is set. */
7354 if (zend_hash_num_elements(&info->uses) == 0) {
7355 return;
7356 }
7357
7358 if (!op_array->static_variables) {
7359 op_array->static_variables = zend_new_array(8);
7360 }
7361
7362 ZEND_HASH_MAP_FOREACH_STR_KEY(&info->uses, var_name)
7363 zval *value = zend_hash_add(
7364 op_array->static_variables, var_name, &EG(uninitialized_zval));
7365 uint32_t offset = (uint32_t)((char*)value - (char*)op_array->static_variables->arData);
7366
7367 opline = zend_emit_op(NULL, ZEND_BIND_LEXICAL, closure, NULL);
7368 opline->op2_type = IS_CV;
7369 opline->op2.var = lookup_cv(var_name);
7370 opline->extended_value = offset | ZEND_BIND_IMPLICIT;
7371 ZEND_HASH_FOREACH_END();
7372 }
7373
zend_compile_closure_uses(zend_ast * ast)7374 static void zend_compile_closure_uses(zend_ast *ast) /* {{{ */
7375 {
7376 zend_op_array *op_array = CG(active_op_array);
7377 zend_ast_list *list = zend_ast_get_list(ast);
7378 uint32_t i;
7379
7380 for (i = 0; i < list->children; ++i) {
7381 uint32_t mode = ZEND_BIND_EXPLICIT;
7382 zend_ast *var_ast = list->child[i];
7383 zend_string *var_name = zend_ast_get_str(var_ast);
7384 zval zv;
7385 ZVAL_NULL(&zv);
7386
7387 {
7388 int i;
7389 for (i = 0; i < op_array->last_var; i++) {
7390 if (zend_string_equals(op_array->vars[i], var_name)) {
7391 zend_error_noreturn(E_COMPILE_ERROR,
7392 "Cannot use lexical variable $%s as a parameter name", ZSTR_VAL(var_name));
7393 }
7394 }
7395 }
7396
7397 CG(zend_lineno) = zend_ast_get_lineno(var_ast);
7398
7399 if (var_ast->attr) {
7400 mode |= ZEND_BIND_REF;
7401 }
7402
7403 zend_compile_static_var_common(var_name, &zv, mode);
7404 }
7405 }
7406 /* }}} */
7407
zend_compile_implicit_closure_uses(closure_info * info)7408 static void zend_compile_implicit_closure_uses(closure_info *info)
7409 {
7410 zend_string *var_name;
7411 ZEND_HASH_MAP_FOREACH_STR_KEY(&info->uses, var_name)
7412 zval zv;
7413 ZVAL_NULL(&zv);
7414 zend_compile_static_var_common(var_name, &zv, ZEND_BIND_IMPLICIT);
7415 ZEND_HASH_FOREACH_END();
7416 }
7417
add_stringable_interface(zend_class_entry * ce)7418 static void add_stringable_interface(zend_class_entry *ce) {
7419 for (uint32_t i = 0; i < ce->num_interfaces; i++) {
7420 if (zend_string_equals_literal(ce->interface_names[i].lc_name, "stringable")) {
7421 /* Interface already explicitly implemented */
7422 return;
7423 }
7424 }
7425
7426 ce->num_interfaces++;
7427 ce->interface_names =
7428 erealloc(ce->interface_names, sizeof(zend_class_name) * ce->num_interfaces);
7429 // TODO: Add known interned strings instead?
7430 ce->interface_names[ce->num_interfaces - 1].name =
7431 ZSTR_INIT_LITERAL("Stringable", 0);
7432 ce->interface_names[ce->num_interfaces - 1].lc_name =
7433 ZSTR_INIT_LITERAL("stringable", 0);
7434 }
7435
zend_begin_method_decl(zend_op_array * op_array,zend_string * name,bool has_body)7436 static zend_string *zend_begin_method_decl(zend_op_array *op_array, zend_string *name, bool has_body) /* {{{ */
7437 {
7438 zend_class_entry *ce = CG(active_class_entry);
7439 bool in_interface = (ce->ce_flags & ZEND_ACC_INTERFACE) != 0;
7440 uint32_t fn_flags = op_array->fn_flags;
7441
7442 zend_string *lcname;
7443
7444 if (fn_flags & ZEND_ACC_READONLY) {
7445 zend_error(E_COMPILE_ERROR, "Cannot use 'readonly' as method modifier");
7446 }
7447
7448 if ((fn_flags & ZEND_ACC_PRIVATE) && (fn_flags & ZEND_ACC_FINAL) && !zend_is_constructor(name)) {
7449 zend_error(E_COMPILE_WARNING, "Private methods cannot be final as they are never overridden by other classes");
7450 }
7451
7452 if (in_interface) {
7453 if (!(fn_flags & ZEND_ACC_PUBLIC)) {
7454 zend_error_noreturn(E_COMPILE_ERROR, "Access type for interface method "
7455 "%s::%s() must be public", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7456 }
7457 if (fn_flags & ZEND_ACC_FINAL) {
7458 zend_error_noreturn(E_COMPILE_ERROR, "Interface method "
7459 "%s::%s() must not be final", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7460 }
7461 if (fn_flags & ZEND_ACC_ABSTRACT) {
7462 zend_error_noreturn(E_COMPILE_ERROR, "Interface method "
7463 "%s::%s() must not be abstract", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7464 }
7465 op_array->fn_flags |= ZEND_ACC_ABSTRACT;
7466 }
7467
7468 if (op_array->fn_flags & ZEND_ACC_ABSTRACT) {
7469 if ((op_array->fn_flags & ZEND_ACC_PRIVATE) && !(ce->ce_flags & ZEND_ACC_TRAIT)) {
7470 zend_error_noreturn(E_COMPILE_ERROR, "%s function %s::%s() cannot be declared private",
7471 in_interface ? "Interface" : "Abstract", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7472 }
7473
7474 if (has_body) {
7475 zend_error_noreturn(E_COMPILE_ERROR, "%s function %s::%s() cannot contain body",
7476 in_interface ? "Interface" : "Abstract", ZSTR_VAL(ce->name), ZSTR_VAL(name));
7477 }
7478
7479 ce->ce_flags |= ZEND_ACC_IMPLICIT_ABSTRACT_CLASS;
7480 } else if (!has_body) {
7481 zend_error_noreturn(E_COMPILE_ERROR, "Non-abstract method %s::%s() must contain body",
7482 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7483 }
7484
7485 op_array->scope = ce;
7486 op_array->function_name = zend_string_copy(name);
7487
7488 lcname = zend_string_tolower(name);
7489 lcname = zend_new_interned_string(lcname);
7490
7491 if (zend_hash_add_ptr(&ce->function_table, lcname, op_array) == NULL) {
7492 zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::%s()",
7493 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7494 }
7495
7496 zend_add_magic_method(ce, (zend_function *) op_array, lcname);
7497 if (zend_string_equals_literal(lcname, ZEND_TOSTRING_FUNC_NAME)
7498 && !(ce->ce_flags & ZEND_ACC_TRAIT)) {
7499 add_stringable_interface(ce);
7500 }
7501
7502 return lcname;
7503 }
7504 /* }}} */
7505
zend_add_dynamic_func_def(zend_op_array * def)7506 static uint32_t zend_add_dynamic_func_def(zend_op_array *def) {
7507 zend_op_array *op_array = CG(active_op_array);
7508 uint32_t def_offset = op_array->num_dynamic_func_defs++;
7509 op_array->dynamic_func_defs = erealloc(
7510 op_array->dynamic_func_defs, op_array->num_dynamic_func_defs * sizeof(zend_op_array *));
7511 op_array->dynamic_func_defs[def_offset] = def;
7512 return def_offset;
7513 }
7514
zend_begin_func_decl(znode * result,zend_op_array * op_array,zend_ast_decl * decl,bool toplevel)7515 static zend_string *zend_begin_func_decl(znode *result, zend_op_array *op_array, zend_ast_decl *decl, bool toplevel) /* {{{ */
7516 {
7517 zend_string *unqualified_name, *name, *lcname;
7518 zend_op *opline;
7519
7520 unqualified_name = decl->name;
7521 op_array->function_name = name = zend_prefix_with_ns(unqualified_name);
7522 lcname = zend_string_tolower(name);
7523
7524 if (FC(imports_function)) {
7525 zend_string *import_name =
7526 zend_hash_find_ptr_lc(FC(imports_function), unqualified_name);
7527 if (import_name && !zend_string_equals_ci(lcname, import_name)) {
7528 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare function %s "
7529 "because the name is already in use", ZSTR_VAL(name));
7530 }
7531 }
7532
7533 if (zend_string_equals_literal(lcname, "__autoload")) {
7534 zend_error_noreturn(E_COMPILE_ERROR,
7535 "__autoload() is no longer supported, use spl_autoload_register() instead");
7536 }
7537
7538 if (zend_string_equals_literal_ci(unqualified_name, "assert")) {
7539 zend_error(E_COMPILE_ERROR,
7540 "Defining a custom assert() function is not allowed, "
7541 "as the function has special semantics");
7542 }
7543
7544 zend_register_seen_symbol(lcname, ZEND_SYMBOL_FUNCTION);
7545 if (!toplevel) {
7546 uint32_t func_ref = zend_add_dynamic_func_def(op_array);
7547 if (op_array->fn_flags & ZEND_ACC_CLOSURE) {
7548 opline = zend_emit_op_tmp(result, ZEND_DECLARE_LAMBDA_FUNCTION, NULL, NULL);
7549 opline->op2.num = func_ref;
7550 } else {
7551 opline = get_next_op();
7552 opline->opcode = ZEND_DECLARE_FUNCTION;
7553 opline->op1_type = IS_CONST;
7554 LITERAL_STR(opline->op1, zend_string_copy(lcname));
7555 opline->op2.num = func_ref;
7556 }
7557 }
7558 return lcname;
7559 }
7560 /* }}} */
7561
zend_compile_func_decl(znode * result,zend_ast * ast,bool toplevel)7562 static void zend_compile_func_decl(znode *result, zend_ast *ast, bool toplevel) /* {{{ */
7563 {
7564 zend_ast_decl *decl = (zend_ast_decl *) ast;
7565 zend_ast *params_ast = decl->child[0];
7566 zend_ast *uses_ast = decl->child[1];
7567 zend_ast *stmt_ast = decl->child[2];
7568 zend_ast *return_type_ast = decl->child[3];
7569 bool is_method = decl->kind == ZEND_AST_METHOD;
7570 zend_string *lcname;
7571
7572 zend_class_entry *orig_class_entry = CG(active_class_entry);
7573 zend_op_array *orig_op_array = CG(active_op_array);
7574 zend_op_array *op_array = zend_arena_alloc(&CG(arena), sizeof(zend_op_array));
7575 zend_oparray_context orig_oparray_context;
7576 closure_info info;
7577 memset(&info, 0, sizeof(closure_info));
7578
7579 init_op_array(op_array, ZEND_USER_FUNCTION, INITIAL_OP_ARRAY_SIZE);
7580
7581 if (CG(compiler_options) & ZEND_COMPILE_PRELOAD) {
7582 op_array->fn_flags |= ZEND_ACC_PRELOADED;
7583 }
7584
7585 op_array->fn_flags |= (orig_op_array->fn_flags & ZEND_ACC_STRICT_TYPES);
7586 op_array->fn_flags |= decl->flags;
7587 op_array->line_start = decl->start_lineno;
7588 op_array->line_end = decl->end_lineno;
7589 if (decl->doc_comment) {
7590 op_array->doc_comment = zend_string_copy(decl->doc_comment);
7591 }
7592
7593 if (decl->kind == ZEND_AST_CLOSURE || decl->kind == ZEND_AST_ARROW_FUNC) {
7594 op_array->fn_flags |= ZEND_ACC_CLOSURE;
7595 }
7596
7597 if (is_method) {
7598 bool has_body = stmt_ast != NULL;
7599 lcname = zend_begin_method_decl(op_array, decl->name, has_body);
7600 } else {
7601 lcname = zend_begin_func_decl(result, op_array, decl, toplevel);
7602 if (decl->kind == ZEND_AST_ARROW_FUNC) {
7603 find_implicit_binds(&info, params_ast, stmt_ast);
7604 compile_implicit_lexical_binds(&info, result, op_array);
7605 } else if (uses_ast) {
7606 zend_compile_closure_binding(result, op_array, uses_ast);
7607 }
7608 }
7609
7610 CG(active_op_array) = op_array;
7611
7612 if (decl->child[4]) {
7613 int target = ZEND_ATTRIBUTE_TARGET_FUNCTION;
7614
7615 if (is_method) {
7616 target = ZEND_ATTRIBUTE_TARGET_METHOD;
7617 }
7618
7619 zend_compile_attributes(&op_array->attributes, decl->child[4], 0, target, 0);
7620
7621 zend_attribute *override_attribute = zend_get_attribute_str(
7622 op_array->attributes,
7623 "override",
7624 sizeof("override")-1
7625 );
7626
7627 if (override_attribute) {
7628 op_array->fn_flags |= ZEND_ACC_OVERRIDE;
7629 }
7630 }
7631
7632 /* Do not leak the class scope into free standing functions, even if they are dynamically
7633 * defined inside a class method. This is necessary for correct handling of magic constants.
7634 * For example __CLASS__ should always be "" inside a free standing function. */
7635 if (decl->kind == ZEND_AST_FUNC_DECL) {
7636 CG(active_class_entry) = NULL;
7637 }
7638
7639 if (toplevel) {
7640 op_array->fn_flags |= ZEND_ACC_TOP_LEVEL;
7641 }
7642
7643 zend_oparray_context_begin(&orig_oparray_context);
7644
7645 {
7646 /* Push a separator to the loop variable stack */
7647 zend_loop_var dummy_var;
7648 dummy_var.opcode = ZEND_RETURN;
7649
7650 zend_stack_push(&CG(loop_var_stack), (void *) &dummy_var);
7651 }
7652
7653 zend_compile_params(params_ast, return_type_ast,
7654 is_method && zend_string_equals_literal(lcname, ZEND_TOSTRING_FUNC_NAME) ? IS_STRING : 0);
7655 if (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) {
7656 zend_mark_function_as_generator();
7657 zend_emit_op(NULL, ZEND_GENERATOR_CREATE, NULL, NULL);
7658 }
7659 if (decl->kind == ZEND_AST_ARROW_FUNC) {
7660 zend_compile_implicit_closure_uses(&info);
7661 zend_hash_destroy(&info.uses);
7662 } else if (uses_ast) {
7663 zend_compile_closure_uses(uses_ast);
7664 }
7665
7666 if (ast->kind == ZEND_AST_ARROW_FUNC && decl->child[2]->kind != ZEND_AST_RETURN) {
7667 bool needs_return = true;
7668 if (op_array->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
7669 zend_arg_info *return_info = CG(active_op_array)->arg_info - 1;
7670 needs_return = !ZEND_TYPE_CONTAINS_CODE(return_info->type, IS_NEVER);
7671 }
7672 if (needs_return) {
7673 stmt_ast = zend_ast_create(ZEND_AST_RETURN, stmt_ast);
7674 decl->child[2] = stmt_ast;
7675 }
7676 }
7677
7678 zend_compile_stmt(stmt_ast);
7679
7680 if (is_method) {
7681 CG(zend_lineno) = decl->start_lineno;
7682 zend_check_magic_method_implementation(
7683 CG(active_class_entry), (zend_function *) op_array, lcname, E_COMPILE_ERROR);
7684 } else if (toplevel) {
7685 /* Only register the function after a successful compile */
7686 if (UNEXPECTED(zend_hash_add_ptr(CG(function_table), lcname, op_array) == NULL)) {
7687 do_bind_function_error(lcname, op_array, true);
7688 }
7689 }
7690
7691 /* put the implicit return on the really last line */
7692 CG(zend_lineno) = decl->end_lineno;
7693
7694 zend_do_extended_stmt();
7695 zend_emit_final_return(0);
7696
7697 pass_two(CG(active_op_array));
7698 zend_oparray_context_end(&orig_oparray_context);
7699
7700 /* Pop the loop variable stack separator */
7701 zend_stack_del_top(&CG(loop_var_stack));
7702
7703 if (toplevel) {
7704 zend_observer_function_declared_notify(op_array, lcname);
7705 }
7706
7707 zend_string_release_ex(lcname, 0);
7708
7709 CG(active_op_array) = orig_op_array;
7710 CG(active_class_entry) = orig_class_entry;
7711 }
7712 /* }}} */
7713
zend_compile_prop_decl(zend_ast * ast,zend_ast * type_ast,uint32_t flags,zend_ast * attr_ast)7714 static void zend_compile_prop_decl(zend_ast *ast, zend_ast *type_ast, uint32_t flags, zend_ast *attr_ast) /* {{{ */
7715 {
7716 zend_ast_list *list = zend_ast_get_list(ast);
7717 zend_class_entry *ce = CG(active_class_entry);
7718 uint32_t i, children = list->children;
7719
7720 if (ce->ce_flags & ZEND_ACC_INTERFACE) {
7721 zend_error_noreturn(E_COMPILE_ERROR, "Interfaces may not include properties");
7722 }
7723
7724 if (ce->ce_flags & ZEND_ACC_ENUM) {
7725 zend_error_noreturn(E_COMPILE_ERROR, "Enum %s cannot include properties", ZSTR_VAL(ce->name));
7726 }
7727
7728 for (i = 0; i < children; ++i) {
7729 zend_property_info *info;
7730 zend_ast *prop_ast = list->child[i];
7731 zend_ast *name_ast = prop_ast->child[0];
7732 zend_ast **value_ast_ptr = &prop_ast->child[1];
7733 zend_ast *doc_comment_ast = prop_ast->child[2];
7734 zend_string *name = zval_make_interned_string(zend_ast_get_zval(name_ast));
7735 zend_string *doc_comment = NULL;
7736 zval value_zv;
7737 zend_type type = ZEND_TYPE_INIT_NONE(0);
7738
7739 if (type_ast) {
7740 type = zend_compile_typename(type_ast, /* force_allow_null */ 0);
7741
7742 if (ZEND_TYPE_FULL_MASK(type) & (MAY_BE_VOID|MAY_BE_NEVER|MAY_BE_CALLABLE)) {
7743 zend_string *str = zend_type_to_string(type);
7744 zend_error_noreturn(E_COMPILE_ERROR,
7745 "Property %s::$%s cannot have type %s",
7746 ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(str));
7747 }
7748 }
7749
7750 /* Doc comment has been appended as last element in ZEND_AST_PROP_ELEM ast */
7751 if (doc_comment_ast) {
7752 doc_comment = zend_string_copy(zend_ast_get_str(doc_comment_ast));
7753 }
7754
7755 if (zend_hash_exists(&ce->properties_info, name)) {
7756 zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::$%s",
7757 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7758 }
7759
7760 if (*value_ast_ptr) {
7761 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
7762
7763 if (ZEND_TYPE_IS_SET(type) && !Z_CONSTANT(value_zv)
7764 && !zend_is_valid_default_value(type, &value_zv)) {
7765 zend_string *str = zend_type_to_string(type);
7766 if (Z_TYPE(value_zv) == IS_NULL && !ZEND_TYPE_IS_INTERSECTION(type)) {
7767 ZEND_TYPE_FULL_MASK(type) |= MAY_BE_NULL;
7768 zend_string *nullable_str = zend_type_to_string(type);
7769
7770 zend_error_noreturn(E_COMPILE_ERROR,
7771 "Default value for property of type %s may not be null. "
7772 "Use the nullable type %s to allow null default value",
7773 ZSTR_VAL(str), ZSTR_VAL(nullable_str));
7774 } else {
7775 zend_error_noreturn(E_COMPILE_ERROR,
7776 "Cannot use %s as default value for property %s::$%s of type %s",
7777 zend_zval_value_name(&value_zv),
7778 ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(str));
7779 }
7780 }
7781 } else if (!ZEND_TYPE_IS_SET(type)) {
7782 ZVAL_NULL(&value_zv);
7783 } else {
7784 ZVAL_UNDEF(&value_zv);
7785 }
7786
7787 if ((ce->ce_flags & ZEND_ACC_READONLY_CLASS)) {
7788 flags |= ZEND_ACC_READONLY;
7789 }
7790
7791 if (flags & ZEND_ACC_READONLY) {
7792 if (!ZEND_TYPE_IS_SET(type)) {
7793 zend_error_noreturn(E_COMPILE_ERROR, "Readonly property %s::$%s must have type",
7794 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7795 }
7796 if (!Z_ISUNDEF(value_zv)) {
7797 zend_error_noreturn(E_COMPILE_ERROR,
7798 "Readonly property %s::$%s cannot have default value",
7799 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7800 }
7801 if (flags & ZEND_ACC_STATIC) {
7802 zend_error_noreturn(E_COMPILE_ERROR,
7803 "Static property %s::$%s cannot be readonly",
7804 ZSTR_VAL(ce->name), ZSTR_VAL(name));
7805 }
7806 }
7807
7808 info = zend_declare_typed_property(ce, name, &value_zv, flags, doc_comment, type);
7809
7810 if (attr_ast) {
7811 zend_compile_attributes(&info->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_PROPERTY, 0);
7812 }
7813 }
7814 }
7815 /* }}} */
7816
zend_compile_prop_group(zend_ast * ast)7817 static void zend_compile_prop_group(zend_ast *ast) /* {{{ */
7818 {
7819 zend_ast *type_ast = ast->child[0];
7820 zend_ast *prop_ast = ast->child[1];
7821 zend_ast *attr_ast = ast->child[2];
7822
7823 zend_compile_prop_decl(prop_ast, type_ast, ast->attr, attr_ast);
7824 }
7825 /* }}} */
7826
zend_check_trait_alias_modifiers(uint32_t attr)7827 static void zend_check_trait_alias_modifiers(uint32_t attr) /* {{{ */
7828 {
7829 if (attr & ZEND_ACC_STATIC) {
7830 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"static\" as method modifier in trait alias");
7831 } else if (attr & ZEND_ACC_ABSTRACT) {
7832 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"abstract\" as method modifier in trait alias");
7833 }
7834 }
7835 /* }}} */
7836
zend_compile_class_const_decl(zend_ast * ast,uint32_t flags,zend_ast * attr_ast,zend_ast * type_ast)7837 static void zend_compile_class_const_decl(zend_ast *ast, uint32_t flags, zend_ast *attr_ast, zend_ast *type_ast)
7838 {
7839 zend_ast_list *list = zend_ast_get_list(ast);
7840 zend_class_entry *ce = CG(active_class_entry);
7841 uint32_t i, children = list->children;
7842
7843 for (i = 0; i < children; ++i) {
7844 zend_class_constant *c;
7845 zend_ast *const_ast = list->child[i];
7846 zend_ast *name_ast = const_ast->child[0];
7847 zend_ast **value_ast_ptr = &const_ast->child[1];
7848 zend_ast *doc_comment_ast = const_ast->child[2];
7849 zend_string *name = zval_make_interned_string(zend_ast_get_zval(name_ast));
7850 zend_string *doc_comment = doc_comment_ast ? zend_string_copy(zend_ast_get_str(doc_comment_ast)) : NULL;
7851 zval value_zv;
7852 zend_type type = ZEND_TYPE_INIT_NONE(0);
7853
7854 if (type_ast) {
7855 type = zend_compile_typename(type_ast, /* force_allow_null */ 0);
7856
7857 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
7858
7859 if (type_mask != MAY_BE_ANY && (type_mask & (MAY_BE_CALLABLE|MAY_BE_VOID|MAY_BE_NEVER))) {
7860 zend_string *type_str = zend_type_to_string(type);
7861
7862 zend_error_noreturn(E_COMPILE_ERROR, "Class constant %s::%s cannot have type %s",
7863 ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(type_str));
7864 }
7865 }
7866
7867 if (UNEXPECTED((flags & ZEND_ACC_PRIVATE) && (flags & ZEND_ACC_FINAL))) {
7868 zend_error_noreturn(
7869 E_COMPILE_ERROR, "Private constant %s::%s cannot be final as it is not visible to other classes",
7870 ZSTR_VAL(ce->name), ZSTR_VAL(name)
7871 );
7872 }
7873
7874 zend_const_expr_to_zval(&value_zv, value_ast_ptr, /* allow_dynamic */ false);
7875
7876 if (!Z_CONSTANT(value_zv) && ZEND_TYPE_IS_SET(type) && !zend_is_valid_default_value(type, &value_zv)) {
7877 zend_string *type_str = zend_type_to_string(type);
7878
7879 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use %s as value for class constant %s::%s of type %s",
7880 zend_zval_type_name(&value_zv), ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(type_str));
7881 }
7882
7883 c = zend_declare_typed_class_constant(ce, name, &value_zv, flags, doc_comment, type);
7884
7885 if (attr_ast) {
7886 zend_compile_attributes(&c->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_CLASS_CONST, 0);
7887 }
7888 }
7889 }
7890
zend_compile_class_const_group(zend_ast * ast)7891 static void zend_compile_class_const_group(zend_ast *ast) /* {{{ */
7892 {
7893 zend_ast *const_ast = ast->child[0];
7894 zend_ast *attr_ast = ast->child[1];
7895 zend_ast *type_ast = ast->child[2];
7896
7897 zend_compile_class_const_decl(const_ast, ast->attr, attr_ast, type_ast);
7898 }
7899 /* }}} */
7900
zend_compile_method_ref(zend_ast * ast,zend_trait_method_reference * method_ref)7901 static void zend_compile_method_ref(zend_ast *ast, zend_trait_method_reference *method_ref) /* {{{ */
7902 {
7903 zend_ast *class_ast = ast->child[0];
7904 zend_ast *method_ast = ast->child[1];
7905
7906 method_ref->method_name = zend_string_copy(zend_ast_get_str(method_ast));
7907
7908 if (class_ast) {
7909 method_ref->class_name = zend_resolve_const_class_name_reference(class_ast, "trait name");
7910 } else {
7911 method_ref->class_name = NULL;
7912 }
7913 }
7914 /* }}} */
7915
zend_compile_trait_precedence(zend_ast * ast)7916 static void zend_compile_trait_precedence(zend_ast *ast) /* {{{ */
7917 {
7918 zend_ast *method_ref_ast = ast->child[0];
7919 zend_ast *insteadof_ast = ast->child[1];
7920 zend_ast_list *insteadof_list = zend_ast_get_list(insteadof_ast);
7921 uint32_t i;
7922
7923 zend_trait_precedence *precedence = emalloc(sizeof(zend_trait_precedence) + (insteadof_list->children - 1) * sizeof(zend_string*));
7924 zend_compile_method_ref(method_ref_ast, &precedence->trait_method);
7925 precedence->num_excludes = insteadof_list->children;
7926
7927 for (i = 0; i < insteadof_list->children; ++i) {
7928 zend_ast *name_ast = insteadof_list->child[i];
7929 precedence->exclude_class_names[i] =
7930 zend_resolve_const_class_name_reference(name_ast, "trait name");
7931 }
7932
7933 zend_add_to_list(&CG(active_class_entry)->trait_precedences, precedence);
7934 }
7935 /* }}} */
7936
zend_compile_trait_alias(zend_ast * ast)7937 static void zend_compile_trait_alias(zend_ast *ast) /* {{{ */
7938 {
7939 zend_ast *method_ref_ast = ast->child[0];
7940 zend_ast *alias_ast = ast->child[1];
7941 uint32_t modifiers = ast->attr;
7942
7943 zend_trait_alias *alias;
7944
7945 zend_check_trait_alias_modifiers(modifiers);
7946
7947 alias = emalloc(sizeof(zend_trait_alias));
7948 zend_compile_method_ref(method_ref_ast, &alias->trait_method);
7949 alias->modifiers = modifiers;
7950
7951 if (alias_ast) {
7952 alias->alias = zend_string_copy(zend_ast_get_str(alias_ast));
7953 } else {
7954 alias->alias = NULL;
7955 }
7956
7957 zend_add_to_list(&CG(active_class_entry)->trait_aliases, alias);
7958 }
7959 /* }}} */
7960
zend_compile_use_trait(zend_ast * ast)7961 static void zend_compile_use_trait(zend_ast *ast) /* {{{ */
7962 {
7963 zend_ast_list *traits = zend_ast_get_list(ast->child[0]);
7964 zend_ast_list *adaptations = ast->child[1] ? zend_ast_get_list(ast->child[1]) : NULL;
7965 zend_class_entry *ce = CG(active_class_entry);
7966 uint32_t i;
7967
7968 ce->trait_names = erealloc(ce->trait_names, sizeof(zend_class_name) * (ce->num_traits + traits->children));
7969
7970 for (i = 0; i < traits->children; ++i) {
7971 zend_ast *trait_ast = traits->child[i];
7972
7973 if (ce->ce_flags & ZEND_ACC_INTERFACE) {
7974 zend_string *name = zend_ast_get_str(trait_ast);
7975 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use traits inside of interfaces. "
7976 "%s is used in %s", ZSTR_VAL(name), ZSTR_VAL(ce->name));
7977 }
7978
7979 ce->trait_names[ce->num_traits].name =
7980 zend_resolve_const_class_name_reference(trait_ast, "trait name");
7981 ce->trait_names[ce->num_traits].lc_name = zend_string_tolower(ce->trait_names[ce->num_traits].name);
7982 ce->num_traits++;
7983 }
7984
7985 if (!adaptations) {
7986 return;
7987 }
7988
7989 for (i = 0; i < adaptations->children; ++i) {
7990 zend_ast *adaptation_ast = adaptations->child[i];
7991 switch (adaptation_ast->kind) {
7992 case ZEND_AST_TRAIT_PRECEDENCE:
7993 zend_compile_trait_precedence(adaptation_ast);
7994 break;
7995 case ZEND_AST_TRAIT_ALIAS:
7996 zend_compile_trait_alias(adaptation_ast);
7997 break;
7998 EMPTY_SWITCH_DEFAULT_CASE()
7999 }
8000 }
8001 }
8002 /* }}} */
8003
zend_compile_implements(zend_ast * ast)8004 static void zend_compile_implements(zend_ast *ast) /* {{{ */
8005 {
8006 zend_ast_list *list = zend_ast_get_list(ast);
8007 zend_class_entry *ce = CG(active_class_entry);
8008 zend_class_name *interface_names;
8009 uint32_t i;
8010
8011 interface_names = emalloc(sizeof(zend_class_name) * list->children);
8012
8013 for (i = 0; i < list->children; ++i) {
8014 zend_ast *class_ast = list->child[i];
8015 interface_names[i].name =
8016 zend_resolve_const_class_name_reference(class_ast, "interface name");
8017 interface_names[i].lc_name = zend_string_tolower(interface_names[i].name);
8018 }
8019
8020 ce->num_interfaces = list->children;
8021 ce->interface_names = interface_names;
8022 }
8023 /* }}} */
8024
zend_generate_anon_class_name(zend_ast_decl * decl)8025 static zend_string *zend_generate_anon_class_name(zend_ast_decl *decl)
8026 {
8027 zend_string *filename = CG(active_op_array)->filename;
8028 uint32_t start_lineno = decl->start_lineno;
8029
8030 /* Use parent or first interface as prefix. */
8031 zend_string *prefix = ZSTR_KNOWN(ZEND_STR_CLASS);
8032 if (decl->child[0]) {
8033 prefix = zend_resolve_const_class_name_reference(decl->child[0], "class name");
8034 } else if (decl->child[1]) {
8035 zend_ast_list *list = zend_ast_get_list(decl->child[1]);
8036 prefix = zend_resolve_const_class_name_reference(list->child[0], "interface name");
8037 }
8038
8039 zend_string *result = zend_strpprintf(0, "%s@anonymous%c%s:%" PRIu32 "$%" PRIx32,
8040 ZSTR_VAL(prefix), '\0', ZSTR_VAL(filename), start_lineno, CG(rtd_key_counter)++);
8041 zend_string_release(prefix);
8042 return zend_new_interned_string(result);
8043 }
8044
zend_compile_enum_backing_type(zend_class_entry * ce,zend_ast * enum_backing_type_ast)8045 static void zend_compile_enum_backing_type(zend_class_entry *ce, zend_ast *enum_backing_type_ast)
8046 {
8047 ZEND_ASSERT(ce->ce_flags & ZEND_ACC_ENUM);
8048 zend_type type = zend_compile_typename(enum_backing_type_ast, 0);
8049 uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);
8050 if (ZEND_TYPE_IS_COMPLEX(type) || (type_mask != MAY_BE_LONG && type_mask != MAY_BE_STRING)) {
8051 zend_string *type_string = zend_type_to_string(type);
8052 zend_error_noreturn(E_COMPILE_ERROR,
8053 "Enum backing type must be int or string, %s given",
8054 ZSTR_VAL(type_string));
8055 }
8056 if (type_mask == MAY_BE_LONG) {
8057 ce->enum_backing_type = IS_LONG;
8058 } else {
8059 ZEND_ASSERT(type_mask == MAY_BE_STRING);
8060 ce->enum_backing_type = IS_STRING;
8061 }
8062 zend_type_release(type, 0);
8063 }
8064
zend_compile_class_decl(znode * result,zend_ast * ast,bool toplevel)8065 static void zend_compile_class_decl(znode *result, zend_ast *ast, bool toplevel) /* {{{ */
8066 {
8067 zend_ast_decl *decl = (zend_ast_decl *) ast;
8068 zend_ast *extends_ast = decl->child[0];
8069 zend_ast *implements_ast = decl->child[1];
8070 zend_ast *stmt_ast = decl->child[2];
8071 zend_ast *enum_backing_type_ast = decl->child[4];
8072 zend_string *name, *lcname;
8073 zend_class_entry *ce = zend_arena_alloc(&CG(arena), sizeof(zend_class_entry));
8074 zend_op *opline;
8075
8076 zend_class_entry *original_ce = CG(active_class_entry);
8077
8078 if (EXPECTED((decl->flags & ZEND_ACC_ANON_CLASS) == 0)) {
8079 zend_string *unqualified_name = decl->name;
8080
8081 if (CG(active_class_entry)) {
8082 zend_error_noreturn(E_COMPILE_ERROR, "Class declarations may not be nested");
8083 }
8084
8085 zend_assert_valid_class_name(unqualified_name);
8086 name = zend_prefix_with_ns(unqualified_name);
8087 name = zend_new_interned_string(name);
8088 lcname = zend_string_tolower(name);
8089
8090 if (FC(imports)) {
8091 zend_string *import_name =
8092 zend_hash_find_ptr_lc(FC(imports), unqualified_name);
8093 if (import_name && !zend_string_equals_ci(lcname, import_name)) {
8094 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare class %s "
8095 "because the name is already in use", ZSTR_VAL(name));
8096 }
8097 }
8098
8099 zend_register_seen_symbol(lcname, ZEND_SYMBOL_CLASS);
8100 } else {
8101 /* Find an anon class name that is not in use yet. */
8102 name = NULL;
8103 lcname = NULL;
8104 do {
8105 zend_tmp_string_release(name);
8106 zend_tmp_string_release(lcname);
8107 name = zend_generate_anon_class_name(decl);
8108 lcname = zend_string_tolower(name);
8109 } while (zend_hash_exists(CG(class_table), lcname));
8110 }
8111 lcname = zend_new_interned_string(lcname);
8112
8113 ce->type = ZEND_USER_CLASS;
8114 ce->name = name;
8115 zend_initialize_class_data(ce, 1);
8116 if (!(decl->flags & ZEND_ACC_ANON_CLASS)) {
8117 zend_alloc_ce_cache(ce->name);
8118 }
8119
8120 if (CG(compiler_options) & ZEND_COMPILE_PRELOAD) {
8121 ce->ce_flags |= ZEND_ACC_PRELOADED;
8122 ZEND_MAP_PTR_NEW(ce->static_members_table);
8123 ZEND_MAP_PTR_NEW(ce->mutable_data);
8124 }
8125
8126 ce->ce_flags |= decl->flags;
8127 ce->info.user.filename = zend_string_copy(zend_get_compiled_filename());
8128 ce->info.user.line_start = decl->start_lineno;
8129 ce->info.user.line_end = decl->end_lineno;
8130
8131 if (decl->doc_comment) {
8132 ce->info.user.doc_comment = zend_string_copy(decl->doc_comment);
8133 }
8134
8135 if (UNEXPECTED((decl->flags & ZEND_ACC_ANON_CLASS))) {
8136 /* Serialization is not supported for anonymous classes */
8137 ce->ce_flags |= ZEND_ACC_NOT_SERIALIZABLE;
8138 }
8139
8140 if (extends_ast) {
8141 ce->parent_name =
8142 zend_resolve_const_class_name_reference(extends_ast, "class name");
8143 }
8144
8145 CG(active_class_entry) = ce;
8146
8147 if (decl->child[3]) {
8148 zend_compile_attributes(&ce->attributes, decl->child[3], 0, ZEND_ATTRIBUTE_TARGET_CLASS, 0);
8149 }
8150
8151 if (implements_ast) {
8152 zend_compile_implements(implements_ast);
8153 }
8154
8155 if (ce->ce_flags & ZEND_ACC_ENUM) {
8156 if (enum_backing_type_ast != NULL) {
8157 zend_compile_enum_backing_type(ce, enum_backing_type_ast);
8158 }
8159 zend_enum_add_interfaces(ce);
8160 zend_enum_register_props(ce);
8161 }
8162
8163 zend_compile_stmt(stmt_ast);
8164
8165 /* Reset lineno for final opcodes and errors */
8166 CG(zend_lineno) = ast->lineno;
8167
8168 if ((ce->ce_flags & (ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_INTERFACE|ZEND_ACC_TRAIT|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) == ZEND_ACC_IMPLICIT_ABSTRACT_CLASS) {
8169 zend_verify_abstract_class(ce);
8170 }
8171
8172 CG(active_class_entry) = original_ce;
8173
8174 if (toplevel) {
8175 ce->ce_flags |= ZEND_ACC_TOP_LEVEL;
8176 }
8177
8178 /* We currently don't early-bind classes that implement interfaces or use traits */
8179 if (!ce->num_interfaces && !ce->num_traits
8180 && !(CG(compiler_options) & ZEND_COMPILE_WITHOUT_EXECUTION)) {
8181 if (toplevel) {
8182 if (extends_ast) {
8183 zend_class_entry *parent_ce = zend_lookup_class_ex(
8184 ce->parent_name, NULL, ZEND_FETCH_CLASS_NO_AUTOLOAD);
8185
8186 if (parent_ce
8187 && !zend_compile_ignore_class(parent_ce, ce->info.user.filename)) {
8188 if (zend_try_early_bind(ce, parent_ce, lcname, NULL)) {
8189 zend_string_release(lcname);
8190 return;
8191 }
8192 }
8193 } else if (EXPECTED(zend_hash_add_ptr(CG(class_table), lcname, ce) != NULL)) {
8194 zend_string_release(lcname);
8195 zend_build_properties_info_table(ce);
8196 zend_inheritance_check_override(ce);
8197 ce->ce_flags |= ZEND_ACC_LINKED;
8198 zend_observer_class_linked_notify(ce, lcname);
8199 return;
8200 } else {
8201 goto link_unbound;
8202 }
8203 } else if (!extends_ast) {
8204 link_unbound:
8205 /* Link unbound simple class */
8206 zend_build_properties_info_table(ce);
8207 zend_inheritance_check_override(ce);
8208 ce->ce_flags |= ZEND_ACC_LINKED;
8209 }
8210 }
8211
8212 opline = get_next_op();
8213
8214 if (ce->parent_name) {
8215 /* Lowercased parent name */
8216 zend_string *lc_parent_name = zend_string_tolower(ce->parent_name);
8217 opline->op2_type = IS_CONST;
8218 LITERAL_STR(opline->op2, lc_parent_name);
8219 }
8220
8221 opline->op1_type = IS_CONST;
8222 LITERAL_STR(opline->op1, lcname);
8223
8224 if (decl->flags & ZEND_ACC_ANON_CLASS) {
8225 opline->opcode = ZEND_DECLARE_ANON_CLASS;
8226 opline->extended_value = zend_alloc_cache_slot();
8227 zend_make_var_result(result, opline);
8228 if (!zend_hash_add_ptr(CG(class_table), lcname, ce)) {
8229 /* We checked above that the class name is not used. This really shouldn't happen. */
8230 zend_error_noreturn(E_ERROR,
8231 "Runtime definition key collision for %s. This is a bug", ZSTR_VAL(name));
8232 }
8233 } else {
8234 /* Generate RTD keys until we find one that isn't in use yet. */
8235 zend_string *key = NULL;
8236 do {
8237 zend_tmp_string_release(key);
8238 key = zend_build_runtime_definition_key(lcname, decl->start_lineno);
8239 } while (!zend_hash_add_ptr(CG(class_table), key, ce));
8240
8241 /* RTD key is placed after lcname literal in op1 */
8242 zend_add_literal_string(&key);
8243
8244 opline->opcode = ZEND_DECLARE_CLASS;
8245 if (toplevel
8246 && (CG(compiler_options) & ZEND_COMPILE_DELAYED_BINDING)
8247 /* We currently don't early-bind classes that implement interfaces or use traits */
8248 && !ce->num_interfaces && !ce->num_traits
8249 ) {
8250 if (!extends_ast) {
8251 /* Use empty string for classes without parents to avoid new handler, and special
8252 * handling of zend_early_binding. */
8253 opline->op2_type = IS_CONST;
8254 LITERAL_STR(opline->op2, ZSTR_EMPTY_ALLOC());
8255 }
8256 CG(active_op_array)->fn_flags |= ZEND_ACC_EARLY_BINDING;
8257 opline->opcode = ZEND_DECLARE_CLASS_DELAYED;
8258 opline->extended_value = zend_alloc_cache_slot();
8259 opline->result_type = IS_UNUSED;
8260 opline->result.opline_num = -1;
8261 }
8262 }
8263 }
8264 /* }}} */
8265
zend_compile_enum_case(zend_ast * ast)8266 static void zend_compile_enum_case(zend_ast *ast)
8267 {
8268 zend_class_entry *enum_class = CG(active_class_entry);
8269 if (!(enum_class->ce_flags & ZEND_ACC_ENUM)) {
8270 zend_error_noreturn(E_COMPILE_ERROR, "Case can only be used in enums");
8271 }
8272
8273 zend_string *enum_case_name = zval_make_interned_string(zend_ast_get_zval(ast->child[0]));
8274 zend_string *enum_class_name = enum_class->name;
8275
8276 zval class_name_zval;
8277 ZVAL_STR_COPY(&class_name_zval, enum_class_name);
8278 zend_ast *class_name_ast = zend_ast_create_zval(&class_name_zval);
8279
8280 zval case_name_zval;
8281 ZVAL_STR_COPY(&case_name_zval, enum_case_name);
8282 zend_ast *case_name_ast = zend_ast_create_zval(&case_name_zval);
8283
8284 zend_ast *case_value_ast = ast->child[1];
8285 // Remove case_value_ast from the original AST to avoid freeing it, as it will be freed by zend_const_expr_to_zval
8286 ast->child[1] = NULL;
8287 if (enum_class->enum_backing_type != IS_UNDEF && case_value_ast == NULL) {
8288 zend_error_noreturn(E_COMPILE_ERROR, "Case %s of backed enum %s must have a value",
8289 ZSTR_VAL(enum_case_name),
8290 ZSTR_VAL(enum_class_name));
8291 } else if (enum_class->enum_backing_type == IS_UNDEF && case_value_ast != NULL) {
8292 zend_error_noreturn(E_COMPILE_ERROR, "Case %s of non-backed enum %s must not have a value",
8293 ZSTR_VAL(enum_case_name),
8294 ZSTR_VAL(enum_class_name));
8295 }
8296
8297 zend_ast *const_enum_init_ast = zend_ast_create(ZEND_AST_CONST_ENUM_INIT, class_name_ast, case_name_ast, case_value_ast);
8298
8299 zval value_zv;
8300 zend_const_expr_to_zval(&value_zv, &const_enum_init_ast, /* allow_dynamic */ false);
8301
8302 /* Doc comment has been appended as second last element in ZEND_AST_ENUM ast - attributes are conventionally last */
8303 zend_ast *doc_comment_ast = ast->child[2];
8304 zend_string *doc_comment = NULL;
8305 if (doc_comment_ast) {
8306 doc_comment = zend_string_copy(zend_ast_get_str(doc_comment_ast));
8307 }
8308
8309 zend_class_constant *c = zend_declare_class_constant_ex(enum_class, enum_case_name, &value_zv, ZEND_ACC_PUBLIC, doc_comment);
8310 ZEND_CLASS_CONST_FLAGS(c) |= ZEND_CLASS_CONST_IS_CASE;
8311 zend_ast_destroy(const_enum_init_ast);
8312
8313 zend_ast *attr_ast = ast->child[3];
8314 if (attr_ast) {
8315 zend_compile_attributes(&c->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_CLASS_CONST, 0);
8316 }
8317 }
8318
zend_get_import_ht(uint32_t type)8319 static HashTable *zend_get_import_ht(uint32_t type) /* {{{ */
8320 {
8321 switch (type) {
8322 case ZEND_SYMBOL_CLASS:
8323 if (!FC(imports)) {
8324 FC(imports) = emalloc(sizeof(HashTable));
8325 zend_hash_init(FC(imports), 8, NULL, str_dtor, 0);
8326 }
8327 return FC(imports);
8328 case ZEND_SYMBOL_FUNCTION:
8329 if (!FC(imports_function)) {
8330 FC(imports_function) = emalloc(sizeof(HashTable));
8331 zend_hash_init(FC(imports_function), 8, NULL, str_dtor, 0);
8332 }
8333 return FC(imports_function);
8334 case ZEND_SYMBOL_CONST:
8335 if (!FC(imports_const)) {
8336 FC(imports_const) = emalloc(sizeof(HashTable));
8337 zend_hash_init(FC(imports_const), 8, NULL, str_dtor, 0);
8338 }
8339 return FC(imports_const);
8340 EMPTY_SWITCH_DEFAULT_CASE()
8341 }
8342
8343 return NULL;
8344 }
8345 /* }}} */
8346
zend_get_use_type_str(uint32_t type)8347 static char *zend_get_use_type_str(uint32_t type) /* {{{ */
8348 {
8349 switch (type) {
8350 case ZEND_SYMBOL_CLASS:
8351 return "";
8352 case ZEND_SYMBOL_FUNCTION:
8353 return " function";
8354 case ZEND_SYMBOL_CONST:
8355 return " const";
8356 EMPTY_SWITCH_DEFAULT_CASE()
8357 }
8358
8359 return " unknown";
8360 }
8361 /* }}} */
8362
zend_check_already_in_use(uint32_t type,zend_string * old_name,zend_string * new_name,zend_string * check_name)8363 static void zend_check_already_in_use(uint32_t type, zend_string *old_name, zend_string *new_name, zend_string *check_name) /* {{{ */
8364 {
8365 if (zend_string_equals_ci(old_name, check_name)) {
8366 return;
8367 }
8368
8369 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use%s %s as %s because the name "
8370 "is already in use", zend_get_use_type_str(type), ZSTR_VAL(old_name), ZSTR_VAL(new_name));
8371 }
8372 /* }}} */
8373
zend_compile_use(zend_ast * ast)8374 static void zend_compile_use(zend_ast *ast) /* {{{ */
8375 {
8376 zend_ast_list *list = zend_ast_get_list(ast);
8377 uint32_t i;
8378 zend_string *current_ns = FC(current_namespace);
8379 uint32_t type = ast->attr;
8380 HashTable *current_import = zend_get_import_ht(type);
8381 bool case_sensitive = type == ZEND_SYMBOL_CONST;
8382
8383 for (i = 0; i < list->children; ++i) {
8384 zend_ast *use_ast = list->child[i];
8385 zend_ast *old_name_ast = use_ast->child[0];
8386 zend_ast *new_name_ast = use_ast->child[1];
8387 zend_string *old_name = zend_ast_get_str(old_name_ast);
8388 zend_string *new_name, *lookup_name;
8389
8390 if (new_name_ast) {
8391 new_name = zend_string_copy(zend_ast_get_str(new_name_ast));
8392 } else {
8393 const char *unqualified_name;
8394 size_t unqualified_name_len;
8395 if (zend_get_unqualified_name(old_name, &unqualified_name, &unqualified_name_len)) {
8396 /* The form "use A\B" is equivalent to "use A\B as B" */
8397 new_name = zend_string_init(unqualified_name, unqualified_name_len, 0);
8398 } else {
8399 new_name = zend_string_copy(old_name);
8400
8401 if (!current_ns) {
8402 zend_error(E_WARNING, "The use statement with non-compound name '%s' "
8403 "has no effect", ZSTR_VAL(new_name));
8404 }
8405 }
8406 }
8407
8408 if (case_sensitive) {
8409 lookup_name = zend_string_copy(new_name);
8410 } else {
8411 lookup_name = zend_string_tolower(new_name);
8412 }
8413
8414 if (type == ZEND_SYMBOL_CLASS && zend_is_reserved_class_name(new_name)) {
8415 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use %s as %s because '%s' "
8416 "is a special class name", ZSTR_VAL(old_name), ZSTR_VAL(new_name), ZSTR_VAL(new_name));
8417 }
8418
8419 if (current_ns) {
8420 zend_string *ns_name = zend_string_alloc(ZSTR_LEN(current_ns) + 1 + ZSTR_LEN(new_name), 0);
8421 zend_str_tolower_copy(ZSTR_VAL(ns_name), ZSTR_VAL(current_ns), ZSTR_LEN(current_ns));
8422 ZSTR_VAL(ns_name)[ZSTR_LEN(current_ns)] = '\\';
8423 memcpy(ZSTR_VAL(ns_name) + ZSTR_LEN(current_ns) + 1, ZSTR_VAL(lookup_name), ZSTR_LEN(lookup_name) + 1);
8424
8425 if (zend_have_seen_symbol(ns_name, type)) {
8426 zend_check_already_in_use(type, old_name, new_name, ns_name);
8427 }
8428
8429 zend_string_efree(ns_name);
8430 } else if (zend_have_seen_symbol(lookup_name, type)) {
8431 zend_check_already_in_use(type, old_name, new_name, lookup_name);
8432 }
8433
8434 zend_string_addref(old_name);
8435 old_name = zend_new_interned_string(old_name);
8436 if (!zend_hash_add_ptr(current_import, lookup_name, old_name)) {
8437 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use%s %s as %s because the name "
8438 "is already in use", zend_get_use_type_str(type), ZSTR_VAL(old_name), ZSTR_VAL(new_name));
8439 }
8440
8441 zend_string_release_ex(lookup_name, 0);
8442 zend_string_release_ex(new_name, 0);
8443 }
8444 }
8445 /* }}} */
8446
zend_compile_group_use(zend_ast * ast)8447 static void zend_compile_group_use(zend_ast *ast) /* {{{ */
8448 {
8449 uint32_t i;
8450 zend_string *ns = zend_ast_get_str(ast->child[0]);
8451 zend_ast_list *list = zend_ast_get_list(ast->child[1]);
8452
8453 for (i = 0; i < list->children; i++) {
8454 zend_ast *inline_use, *use = list->child[i];
8455 zval *name_zval = zend_ast_get_zval(use->child[0]);
8456 zend_string *name = Z_STR_P(name_zval);
8457 zend_string *compound_ns = zend_concat_names(ZSTR_VAL(ns), ZSTR_LEN(ns), ZSTR_VAL(name), ZSTR_LEN(name));
8458 zend_string_release_ex(name, 0);
8459 ZVAL_STR(name_zval, compound_ns);
8460 inline_use = zend_ast_create_list(1, ZEND_AST_USE, use);
8461 inline_use->attr = ast->attr ? ast->attr : use->attr;
8462 zend_compile_use(inline_use);
8463 }
8464 }
8465 /* }}} */
8466
zend_compile_const_decl(zend_ast * ast)8467 static void zend_compile_const_decl(zend_ast *ast) /* {{{ */
8468 {
8469 zend_ast_list *list = zend_ast_get_list(ast);
8470 uint32_t i;
8471 for (i = 0; i < list->children; ++i) {
8472 zend_ast *const_ast = list->child[i];
8473 zend_ast *name_ast = const_ast->child[0];
8474 zend_ast **value_ast_ptr = &const_ast->child[1];
8475 zend_string *unqualified_name = zend_ast_get_str(name_ast);
8476
8477 zend_string *name;
8478 znode name_node, value_node;
8479 zval *value_zv = &value_node.u.constant;
8480
8481 value_node.op_type = IS_CONST;
8482 zend_const_expr_to_zval(value_zv, value_ast_ptr, /* allow_dynamic */ true);
8483
8484 if (zend_get_special_const(ZSTR_VAL(unqualified_name), ZSTR_LEN(unqualified_name))) {
8485 zend_error_noreturn(E_COMPILE_ERROR,
8486 "Cannot redeclare constant '%s'", ZSTR_VAL(unqualified_name));
8487 }
8488
8489 name = zend_prefix_with_ns(unqualified_name);
8490 name = zend_new_interned_string(name);
8491
8492 if (FC(imports_const)) {
8493 zend_string *import_name = zend_hash_find_ptr(FC(imports_const), unqualified_name);
8494 if (import_name && !zend_string_equals(import_name, name)) {
8495 zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare const %s because "
8496 "the name is already in use", ZSTR_VAL(name));
8497 }
8498 }
8499
8500 name_node.op_type = IS_CONST;
8501 ZVAL_STR(&name_node.u.constant, name);
8502
8503 zend_emit_op(NULL, ZEND_DECLARE_CONST, &name_node, &value_node);
8504
8505 zend_register_seen_symbol(name, ZEND_SYMBOL_CONST);
8506 }
8507 }
8508 /* }}}*/
8509
zend_compile_namespace(zend_ast * ast)8510 static void zend_compile_namespace(zend_ast *ast) /* {{{ */
8511 {
8512 zend_ast *name_ast = ast->child[0];
8513 zend_ast *stmt_ast = ast->child[1];
8514 zend_string *name;
8515 bool with_bracket = stmt_ast != NULL;
8516
8517 /* handle mixed syntax declaration or nested namespaces */
8518 if (!FC(has_bracketed_namespaces)) {
8519 if (FC(current_namespace)) {
8520 /* previous namespace declarations were unbracketed */
8521 if (with_bracket) {
8522 zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix bracketed namespace declarations "
8523 "with unbracketed namespace declarations");
8524 }
8525 }
8526 } else {
8527 /* previous namespace declarations were bracketed */
8528 if (!with_bracket) {
8529 zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix bracketed namespace declarations "
8530 "with unbracketed namespace declarations");
8531 } else if (FC(current_namespace) || FC(in_namespace)) {
8532 zend_error_noreturn(E_COMPILE_ERROR, "Namespace declarations cannot be nested");
8533 }
8534 }
8535
8536 bool is_first_namespace = (!with_bracket && !FC(current_namespace))
8537 || (with_bracket && !FC(has_bracketed_namespaces));
8538 if (is_first_namespace && FAILURE == zend_is_first_statement(ast, /* allow_nop */ 1)) {
8539 zend_error_noreturn(E_COMPILE_ERROR, "Namespace declaration statement has to be "
8540 "the very first statement or after any declare call in the script");
8541 }
8542
8543 if (FC(current_namespace)) {
8544 zend_string_release_ex(FC(current_namespace), 0);
8545 }
8546
8547 if (name_ast) {
8548 name = zend_ast_get_str(name_ast);
8549
8550 if (zend_string_equals_literal_ci(name, "namespace")) {
8551 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use '%s' as namespace name", ZSTR_VAL(name));
8552 }
8553
8554 FC(current_namespace) = zend_string_copy(name);
8555 } else {
8556 FC(current_namespace) = NULL;
8557 }
8558
8559 zend_reset_import_tables();
8560
8561 FC(in_namespace) = 1;
8562 if (with_bracket) {
8563 FC(has_bracketed_namespaces) = 1;
8564 }
8565
8566 if (stmt_ast) {
8567 zend_compile_top_stmt(stmt_ast);
8568 zend_end_namespace();
8569 }
8570 }
8571 /* }}} */
8572
zend_compile_halt_compiler(zend_ast * ast)8573 static void zend_compile_halt_compiler(zend_ast *ast) /* {{{ */
8574 {
8575 zend_ast *offset_ast = ast->child[0];
8576 zend_long offset = Z_LVAL_P(zend_ast_get_zval(offset_ast));
8577
8578 zend_string *filename, *name;
8579 const char const_name[] = "__COMPILER_HALT_OFFSET__";
8580
8581 if (FC(has_bracketed_namespaces) && FC(in_namespace)) {
8582 zend_error_noreturn(E_COMPILE_ERROR,
8583 "__HALT_COMPILER() can only be used from the outermost scope");
8584 }
8585
8586 filename = zend_get_compiled_filename();
8587 name = zend_mangle_property_name(const_name, sizeof(const_name) - 1,
8588 ZSTR_VAL(filename), ZSTR_LEN(filename), 0);
8589
8590 zend_register_long_constant(ZSTR_VAL(name), ZSTR_LEN(name), offset, 0, 0);
8591 zend_string_release_ex(name, 0);
8592 }
8593 /* }}} */
8594
zend_try_ct_eval_magic_const(zval * zv,zend_ast * ast)8595 static bool zend_try_ct_eval_magic_const(zval *zv, zend_ast *ast) /* {{{ */
8596 {
8597 zend_op_array *op_array = CG(active_op_array);
8598 zend_class_entry *ce = CG(active_class_entry);
8599
8600 switch (ast->attr) {
8601 case T_LINE:
8602 ZVAL_LONG(zv, ast->lineno);
8603 break;
8604 case T_FILE:
8605 ZVAL_STR_COPY(zv, CG(compiled_filename));
8606 break;
8607 case T_DIR:
8608 {
8609 zend_string *filename = CG(compiled_filename);
8610 zend_string *dirname = zend_string_init(ZSTR_VAL(filename), ZSTR_LEN(filename), 0);
8611 #ifdef ZEND_WIN32
8612 ZSTR_LEN(dirname) = php_win32_ioutil_dirname(ZSTR_VAL(dirname), ZSTR_LEN(dirname));
8613 #else
8614 ZSTR_LEN(dirname) = zend_dirname(ZSTR_VAL(dirname), ZSTR_LEN(dirname));
8615 #endif
8616
8617 if (zend_string_equals_literal(dirname, ".")) {
8618 dirname = zend_string_extend(dirname, MAXPATHLEN, 0);
8619 #if HAVE_GETCWD
8620 ZEND_IGNORE_VALUE(VCWD_GETCWD(ZSTR_VAL(dirname), MAXPATHLEN));
8621 #elif HAVE_GETWD
8622 ZEND_IGNORE_VALUE(VCWD_GETWD(ZSTR_VAL(dirname)));
8623 #endif
8624 ZSTR_LEN(dirname) = strlen(ZSTR_VAL(dirname));
8625 }
8626
8627 ZVAL_STR(zv, dirname);
8628 break;
8629 }
8630 case T_FUNC_C:
8631 if (op_array && op_array->function_name) {
8632 ZVAL_STR_COPY(zv, op_array->function_name);
8633 } else {
8634 ZVAL_EMPTY_STRING(zv);
8635 }
8636 break;
8637 case T_METHOD_C:
8638 /* Detect whether we are directly inside a class (e.g. a class constant) and treat
8639 * this as not being inside a function. */
8640 if (op_array && ce && !op_array->scope && !(op_array->fn_flags & ZEND_ACC_CLOSURE)) {
8641 op_array = NULL;
8642 }
8643 if (op_array && op_array->function_name) {
8644 if (op_array->scope) {
8645 ZVAL_NEW_STR(zv,
8646 zend_create_member_string(op_array->scope->name, op_array->function_name));
8647 } else {
8648 ZVAL_STR_COPY(zv, op_array->function_name);
8649 }
8650 } else {
8651 ZVAL_EMPTY_STRING(zv);
8652 }
8653 break;
8654 case T_CLASS_C:
8655 if (ce) {
8656 if ((ce->ce_flags & ZEND_ACC_TRAIT) != 0) {
8657 return 0;
8658 } else {
8659 ZVAL_STR_COPY(zv, ce->name);
8660 }
8661 } else {
8662 ZVAL_EMPTY_STRING(zv);
8663 }
8664 break;
8665 case T_TRAIT_C:
8666 if (ce && (ce->ce_flags & ZEND_ACC_TRAIT) != 0) {
8667 ZVAL_STR_COPY(zv, ce->name);
8668 } else {
8669 ZVAL_EMPTY_STRING(zv);
8670 }
8671 break;
8672 case T_NS_C:
8673 if (FC(current_namespace)) {
8674 ZVAL_STR_COPY(zv, FC(current_namespace));
8675 } else {
8676 ZVAL_EMPTY_STRING(zv);
8677 }
8678 break;
8679 EMPTY_SWITCH_DEFAULT_CASE()
8680 }
8681
8682 return 1;
8683 }
8684 /* }}} */
8685
zend_is_op_long_compatible(const zval * op)8686 ZEND_API bool zend_is_op_long_compatible(const zval *op)
8687 {
8688 if (Z_TYPE_P(op) == IS_ARRAY) {
8689 return false;
8690 }
8691
8692 if (Z_TYPE_P(op) == IS_DOUBLE
8693 && !zend_is_long_compatible(Z_DVAL_P(op), zend_dval_to_lval(Z_DVAL_P(op)))) {
8694 return false;
8695 }
8696
8697 if (Z_TYPE_P(op) == IS_STRING) {
8698 double dval = 0;
8699 uint8_t is_num = is_numeric_str_function(Z_STR_P(op), NULL, &dval);
8700 if (is_num == 0 || (is_num == IS_DOUBLE && !zend_is_long_compatible(dval, zend_dval_to_lval(dval)))) {
8701 return false;
8702 }
8703 }
8704
8705 return true;
8706 }
8707
zend_binary_op_produces_error(uint32_t opcode,const zval * op1,const zval * op2)8708 ZEND_API bool zend_binary_op_produces_error(uint32_t opcode, const zval *op1, const zval *op2) /* {{{ */
8709 {
8710 if ((opcode == ZEND_CONCAT || opcode == ZEND_FAST_CONCAT)) {
8711 /* Array to string warning. */
8712 return Z_TYPE_P(op1) == IS_ARRAY || Z_TYPE_P(op2) == IS_ARRAY;
8713 }
8714
8715 if (!(opcode == ZEND_ADD || opcode == ZEND_SUB || opcode == ZEND_MUL || opcode == ZEND_DIV
8716 || opcode == ZEND_POW || opcode == ZEND_MOD || opcode == ZEND_SL || opcode == ZEND_SR
8717 || opcode == ZEND_BW_OR || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR)) {
8718 /* Only the numeric operations throw errors. */
8719 return 0;
8720 }
8721
8722 if (Z_TYPE_P(op1) == IS_ARRAY || Z_TYPE_P(op2) == IS_ARRAY) {
8723 if (opcode == ZEND_ADD && Z_TYPE_P(op1) == IS_ARRAY && Z_TYPE_P(op2) == IS_ARRAY) {
8724 /* Adding two arrays is allowed. */
8725 return 0;
8726 }
8727
8728 /* Numeric operators throw when one of the operands is an array. */
8729 return 1;
8730 }
8731
8732 /* While basic arithmetic operators always produce numeric string errors,
8733 * bitwise operators don't produce errors if both operands are strings */
8734 if ((opcode == ZEND_BW_OR || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR)
8735 && Z_TYPE_P(op1) == IS_STRING && Z_TYPE_P(op2) == IS_STRING) {
8736 return 0;
8737 }
8738
8739 if (Z_TYPE_P(op1) == IS_STRING
8740 && !is_numeric_string(Z_STRVAL_P(op1), Z_STRLEN_P(op1), NULL, NULL, 0)) {
8741 return 1;
8742 }
8743
8744 if (Z_TYPE_P(op2) == IS_STRING
8745 && !is_numeric_string(Z_STRVAL_P(op2), Z_STRLEN_P(op2), NULL, NULL, 0)) {
8746 return 1;
8747 }
8748
8749 if ((opcode == ZEND_MOD && zval_get_long(op2) == 0)
8750 || (opcode == ZEND_DIV && zval_get_double(op2) == 0.0)) {
8751 /* Division by zero throws an error. */
8752 return 1;
8753 }
8754 if ((opcode == ZEND_SL || opcode == ZEND_SR) && zval_get_long(op2) < 0) {
8755 /* Shift by negative number throws an error. */
8756 return 1;
8757 }
8758
8759 /* Operation which cast float/float-strings to integers might produce incompatible float to int errors */
8760 if (opcode == ZEND_SL || opcode == ZEND_SR || opcode == ZEND_BW_OR
8761 || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR || opcode == ZEND_MOD) {
8762 return !zend_is_op_long_compatible(op1) || !zend_is_op_long_compatible(op2);
8763 }
8764
8765 return 0;
8766 }
8767 /* }}} */
8768
zend_try_ct_eval_binary_op(zval * result,uint32_t opcode,zval * op1,zval * op2)8769 static inline bool zend_try_ct_eval_binary_op(zval *result, uint32_t opcode, zval *op1, zval *op2) /* {{{ */
8770 {
8771 if (zend_binary_op_produces_error(opcode, op1, op2)) {
8772 return 0;
8773 }
8774
8775 binary_op_type fn = get_binary_op(opcode);
8776 fn(result, op1, op2);
8777 return 1;
8778 }
8779 /* }}} */
8780
zend_unary_op_produces_error(uint32_t opcode,const zval * op)8781 ZEND_API bool zend_unary_op_produces_error(uint32_t opcode, const zval *op)
8782 {
8783 if (opcode == ZEND_BW_NOT) {
8784 /* BW_NOT on string does not convert the string into an integer. */
8785 if (Z_TYPE_P(op) == IS_STRING) {
8786 return 0;
8787 }
8788 return Z_TYPE_P(op) <= IS_TRUE || !zend_is_op_long_compatible(op);
8789 }
8790
8791 return 0;
8792 }
8793
zend_try_ct_eval_unary_op(zval * result,uint32_t opcode,zval * op)8794 static inline bool zend_try_ct_eval_unary_op(zval *result, uint32_t opcode, zval *op) /* {{{ */
8795 {
8796 if (zend_unary_op_produces_error(opcode, op)) {
8797 return 0;
8798 }
8799
8800 unary_op_type fn = get_unary_op(opcode);
8801 fn(result, op);
8802 return 1;
8803 }
8804 /* }}} */
8805
zend_try_ct_eval_unary_pm(zval * result,zend_ast_kind kind,zval * op)8806 static inline bool zend_try_ct_eval_unary_pm(zval *result, zend_ast_kind kind, zval *op) /* {{{ */
8807 {
8808 zval right;
8809 ZVAL_LONG(&right, (kind == ZEND_AST_UNARY_PLUS) ? 1 : -1);
8810 return zend_try_ct_eval_binary_op(result, ZEND_MUL, op, &right);
8811 }
8812 /* }}} */
8813
zend_ct_eval_greater(zval * result,zend_ast_kind kind,zval * op1,zval * op2)8814 static inline void zend_ct_eval_greater(zval *result, zend_ast_kind kind, zval *op1, zval *op2) /* {{{ */
8815 {
8816 binary_op_type fn = kind == ZEND_AST_GREATER
8817 ? is_smaller_function : is_smaller_or_equal_function;
8818 fn(result, op2, op1);
8819 }
8820 /* }}} */
8821
zend_try_ct_eval_array(zval * result,zend_ast * ast)8822 static bool zend_try_ct_eval_array(zval *result, zend_ast *ast) /* {{{ */
8823 {
8824 zend_ast_list *list = zend_ast_get_list(ast);
8825 zend_ast *last_elem_ast = NULL;
8826 uint32_t i;
8827 bool is_constant = 1;
8828
8829 if (ast->attr == ZEND_ARRAY_SYNTAX_LIST) {
8830 zend_error(E_COMPILE_ERROR, "Cannot use list() as standalone expression");
8831 }
8832
8833 /* First ensure that *all* child nodes are constant and by-val */
8834 for (i = 0; i < list->children; ++i) {
8835 zend_ast *elem_ast = list->child[i];
8836
8837 if (elem_ast == NULL) {
8838 /* Report error at line of last non-empty element */
8839 if (last_elem_ast) {
8840 CG(zend_lineno) = zend_ast_get_lineno(last_elem_ast);
8841 }
8842 zend_error(E_COMPILE_ERROR, "Cannot use empty array elements in arrays");
8843 }
8844
8845 if (elem_ast->kind != ZEND_AST_UNPACK) {
8846 zend_eval_const_expr(&elem_ast->child[0]);
8847 zend_eval_const_expr(&elem_ast->child[1]);
8848
8849 if (elem_ast->attr /* by_ref */ || elem_ast->child[0]->kind != ZEND_AST_ZVAL
8850 || (elem_ast->child[1] && elem_ast->child[1]->kind != ZEND_AST_ZVAL)
8851 ) {
8852 is_constant = 0;
8853 }
8854 } else {
8855 zend_eval_const_expr(&elem_ast->child[0]);
8856
8857 if (elem_ast->child[0]->kind != ZEND_AST_ZVAL) {
8858 is_constant = 0;
8859 }
8860 }
8861
8862 last_elem_ast = elem_ast;
8863 }
8864
8865 if (!is_constant) {
8866 return 0;
8867 }
8868
8869 if (!list->children) {
8870 ZVAL_EMPTY_ARRAY(result);
8871 return 1;
8872 }
8873
8874 array_init_size(result, list->children);
8875 for (i = 0; i < list->children; ++i) {
8876 zend_ast *elem_ast = list->child[i];
8877 zend_ast *value_ast = elem_ast->child[0];
8878 zend_ast *key_ast;
8879
8880 zval *value = zend_ast_get_zval(value_ast);
8881 if (elem_ast->kind == ZEND_AST_UNPACK) {
8882 if (Z_TYPE_P(value) == IS_ARRAY) {
8883 HashTable *ht = Z_ARRVAL_P(value);
8884 zval *val;
8885 zend_string *key;
8886
8887 ZEND_HASH_FOREACH_STR_KEY_VAL(ht, key, val) {
8888 if (key) {
8889 zend_hash_update(Z_ARRVAL_P(result), key, val);
8890 } else if (!zend_hash_next_index_insert(Z_ARRVAL_P(result), val)) {
8891 zval_ptr_dtor(result);
8892 return 0;
8893 }
8894 Z_TRY_ADDREF_P(val);
8895 } ZEND_HASH_FOREACH_END();
8896
8897 continue;
8898 } else {
8899 zend_error_noreturn(E_COMPILE_ERROR, "Only arrays and Traversables can be unpacked");
8900 }
8901 }
8902
8903 Z_TRY_ADDREF_P(value);
8904
8905 key_ast = elem_ast->child[1];
8906 if (key_ast) {
8907 zval *key = zend_ast_get_zval(key_ast);
8908 switch (Z_TYPE_P(key)) {
8909 case IS_LONG:
8910 zend_hash_index_update(Z_ARRVAL_P(result), Z_LVAL_P(key), value);
8911 break;
8912 case IS_STRING:
8913 zend_symtable_update(Z_ARRVAL_P(result), Z_STR_P(key), value);
8914 break;
8915 case IS_DOUBLE: {
8916 zend_long lval = zend_dval_to_lval(Z_DVAL_P(key));
8917 /* Incompatible float will generate an error, leave this to run-time */
8918 if (!zend_is_long_compatible(Z_DVAL_P(key), lval)) {
8919 zval_ptr_dtor_nogc(value);
8920 zval_ptr_dtor(result);
8921 return 0;
8922 }
8923 zend_hash_index_update(Z_ARRVAL_P(result), lval, value);
8924 break;
8925 }
8926 case IS_FALSE:
8927 zend_hash_index_update(Z_ARRVAL_P(result), 0, value);
8928 break;
8929 case IS_TRUE:
8930 zend_hash_index_update(Z_ARRVAL_P(result), 1, value);
8931 break;
8932 case IS_NULL:
8933 zend_hash_update(Z_ARRVAL_P(result), ZSTR_EMPTY_ALLOC(), value);
8934 break;
8935 default:
8936 zend_error_noreturn(E_COMPILE_ERROR, "Illegal offset type");
8937 break;
8938 }
8939 } else if (!zend_hash_next_index_insert(Z_ARRVAL_P(result), value)) {
8940 zval_ptr_dtor_nogc(value);
8941 zval_ptr_dtor(result);
8942 return 0;
8943 }
8944 }
8945
8946 return 1;
8947 }
8948 /* }}} */
8949
zend_compile_binary_op(znode * result,zend_ast * ast)8950 static void zend_compile_binary_op(znode *result, zend_ast *ast) /* {{{ */
8951 {
8952 zend_ast *left_ast = ast->child[0];
8953 zend_ast *right_ast = ast->child[1];
8954 uint32_t opcode = ast->attr;
8955
8956 znode left_node, right_node;
8957
8958 zend_compile_expr(&left_node, left_ast);
8959 zend_compile_expr(&right_node, right_ast);
8960
8961 if (left_node.op_type == IS_CONST && right_node.op_type == IS_CONST) {
8962 if (zend_try_ct_eval_binary_op(&result->u.constant, opcode,
8963 &left_node.u.constant, &right_node.u.constant)
8964 ) {
8965 result->op_type = IS_CONST;
8966 zval_ptr_dtor(&left_node.u.constant);
8967 zval_ptr_dtor(&right_node.u.constant);
8968 return;
8969 }
8970 }
8971
8972 do {
8973 if (opcode == ZEND_IS_EQUAL || opcode == ZEND_IS_NOT_EQUAL) {
8974 if (left_node.op_type == IS_CONST) {
8975 if (Z_TYPE(left_node.u.constant) == IS_FALSE) {
8976 opcode = (opcode == ZEND_IS_NOT_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
8977 zend_emit_op_tmp(result, opcode, &right_node, NULL);
8978 break;
8979 } else if (Z_TYPE(left_node.u.constant) == IS_TRUE) {
8980 opcode = (opcode == ZEND_IS_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
8981 zend_emit_op_tmp(result, opcode, &right_node, NULL);
8982 break;
8983 }
8984 } else if (right_node.op_type == IS_CONST) {
8985 if (Z_TYPE(right_node.u.constant) == IS_FALSE) {
8986 opcode = (opcode == ZEND_IS_NOT_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
8987 zend_emit_op_tmp(result, opcode, &left_node, NULL);
8988 break;
8989 } else if (Z_TYPE(right_node.u.constant) == IS_TRUE) {
8990 opcode = (opcode == ZEND_IS_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
8991 zend_emit_op_tmp(result, opcode, &left_node, NULL);
8992 break;
8993 }
8994 }
8995 } else if (opcode == ZEND_IS_IDENTICAL || opcode == ZEND_IS_NOT_IDENTICAL) {
8996 /* convert $x === null to is_null($x) (i.e. ZEND_TYPE_CHECK opcode). Do the same thing for false/true. (covers IS_NULL, IS_FALSE, and IS_TRUE) */
8997 if (left_node.op_type == IS_CONST) {
8998 if (Z_TYPE(left_node.u.constant) <= IS_TRUE && Z_TYPE(left_node.u.constant) >= IS_NULL) {
8999 zend_op *opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &right_node, NULL);
9000 opline->extended_value =
9001 (opcode == ZEND_IS_IDENTICAL) ?
9002 (1 << Z_TYPE(left_node.u.constant)) :
9003 (MAY_BE_ANY - (1 << Z_TYPE(left_node.u.constant)));
9004 return;
9005 }
9006 } else if (right_node.op_type == IS_CONST) {
9007 if (Z_TYPE(right_node.u.constant) <= IS_TRUE && Z_TYPE(right_node.u.constant) >= IS_NULL) {
9008 zend_op *opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &left_node, NULL);
9009 opline->extended_value =
9010 (opcode == ZEND_IS_IDENTICAL) ?
9011 (1 << Z_TYPE(right_node.u.constant)) :
9012 (MAY_BE_ANY - (1 << Z_TYPE(right_node.u.constant)));
9013 return;
9014 }
9015 }
9016 } else if (opcode == ZEND_CONCAT) {
9017 /* convert constant operands to strings at compile-time */
9018 if (left_node.op_type == IS_CONST) {
9019 if (Z_TYPE(left_node.u.constant) == IS_ARRAY) {
9020 zend_emit_op_tmp(&left_node, ZEND_CAST, &left_node, NULL)->extended_value = IS_STRING;
9021 } else {
9022 convert_to_string(&left_node.u.constant);
9023 }
9024 }
9025 if (right_node.op_type == IS_CONST) {
9026 if (Z_TYPE(right_node.u.constant) == IS_ARRAY) {
9027 zend_emit_op_tmp(&right_node, ZEND_CAST, &right_node, NULL)->extended_value = IS_STRING;
9028 } else {
9029 convert_to_string(&right_node.u.constant);
9030 }
9031 }
9032 if (left_node.op_type == IS_CONST && right_node.op_type == IS_CONST) {
9033 opcode = ZEND_FAST_CONCAT;
9034 }
9035 }
9036 zend_emit_op_tmp(result, opcode, &left_node, &right_node);
9037 } while (0);
9038 }
9039 /* }}} */
9040
9041 /* We do not use zend_compile_binary_op for this because we want to retain the left-to-right
9042 * evaluation order. */
zend_compile_greater(znode * result,zend_ast * ast)9043 static void zend_compile_greater(znode *result, zend_ast *ast) /* {{{ */
9044 {
9045 zend_ast *left_ast = ast->child[0];
9046 zend_ast *right_ast = ast->child[1];
9047 znode left_node, right_node;
9048
9049 ZEND_ASSERT(ast->kind == ZEND_AST_GREATER || ast->kind == ZEND_AST_GREATER_EQUAL);
9050
9051 zend_compile_expr(&left_node, left_ast);
9052 zend_compile_expr(&right_node, right_ast);
9053
9054 if (left_node.op_type == IS_CONST && right_node.op_type == IS_CONST) {
9055 result->op_type = IS_CONST;
9056 zend_ct_eval_greater(&result->u.constant, ast->kind,
9057 &left_node.u.constant, &right_node.u.constant);
9058 zval_ptr_dtor(&left_node.u.constant);
9059 zval_ptr_dtor(&right_node.u.constant);
9060 return;
9061 }
9062
9063 zend_emit_op_tmp(result,
9064 ast->kind == ZEND_AST_GREATER ? ZEND_IS_SMALLER : ZEND_IS_SMALLER_OR_EQUAL,
9065 &right_node, &left_node);
9066 }
9067 /* }}} */
9068
zend_compile_unary_op(znode * result,zend_ast * ast)9069 static void zend_compile_unary_op(znode *result, zend_ast *ast) /* {{{ */
9070 {
9071 zend_ast *expr_ast = ast->child[0];
9072 uint32_t opcode = ast->attr;
9073
9074 znode expr_node;
9075 zend_compile_expr(&expr_node, expr_ast);
9076
9077 if (expr_node.op_type == IS_CONST
9078 && zend_try_ct_eval_unary_op(&result->u.constant, opcode, &expr_node.u.constant)) {
9079 result->op_type = IS_CONST;
9080 zval_ptr_dtor(&expr_node.u.constant);
9081 return;
9082 }
9083
9084 zend_emit_op_tmp(result, opcode, &expr_node, NULL);
9085 }
9086 /* }}} */
9087
zend_compile_unary_pm(znode * result,zend_ast * ast)9088 static void zend_compile_unary_pm(znode *result, zend_ast *ast) /* {{{ */
9089 {
9090 zend_ast *expr_ast = ast->child[0];
9091 znode expr_node, right_node;
9092
9093 ZEND_ASSERT(ast->kind == ZEND_AST_UNARY_PLUS || ast->kind == ZEND_AST_UNARY_MINUS);
9094
9095 zend_compile_expr(&expr_node, expr_ast);
9096
9097 if (expr_node.op_type == IS_CONST
9098 && zend_try_ct_eval_unary_pm(&result->u.constant, ast->kind, &expr_node.u.constant)) {
9099 result->op_type = IS_CONST;
9100 zval_ptr_dtor(&expr_node.u.constant);
9101 return;
9102 }
9103
9104 right_node.op_type = IS_CONST;
9105 ZVAL_LONG(&right_node.u.constant, (ast->kind == ZEND_AST_UNARY_PLUS) ? 1 : -1);
9106 zend_emit_op_tmp(result, ZEND_MUL, &expr_node, &right_node);
9107 }
9108 /* }}} */
9109
zend_compile_short_circuiting(znode * result,zend_ast * ast)9110 static void zend_compile_short_circuiting(znode *result, zend_ast *ast) /* {{{ */
9111 {
9112 zend_ast *left_ast = ast->child[0];
9113 zend_ast *right_ast = ast->child[1];
9114
9115 znode left_node, right_node;
9116 zend_op *opline_jmpz, *opline_bool;
9117 uint32_t opnum_jmpz;
9118
9119 ZEND_ASSERT(ast->kind == ZEND_AST_AND || ast->kind == ZEND_AST_OR);
9120
9121 zend_compile_expr(&left_node, left_ast);
9122
9123 if (left_node.op_type == IS_CONST) {
9124 if ((ast->kind == ZEND_AST_AND && !zend_is_true(&left_node.u.constant))
9125 || (ast->kind == ZEND_AST_OR && zend_is_true(&left_node.u.constant))) {
9126 result->op_type = IS_CONST;
9127 ZVAL_BOOL(&result->u.constant, zend_is_true(&left_node.u.constant));
9128 } else {
9129 zend_compile_expr(&right_node, right_ast);
9130
9131 if (right_node.op_type == IS_CONST) {
9132 result->op_type = IS_CONST;
9133 ZVAL_BOOL(&result->u.constant, zend_is_true(&right_node.u.constant));
9134
9135 zval_ptr_dtor(&right_node.u.constant);
9136 } else {
9137 zend_emit_op_tmp(result, ZEND_BOOL, &right_node, NULL);
9138 }
9139 }
9140
9141 zval_ptr_dtor(&left_node.u.constant);
9142 return;
9143 }
9144
9145 opnum_jmpz = get_next_op_number();
9146 opline_jmpz = zend_emit_op(NULL, ast->kind == ZEND_AST_AND ? ZEND_JMPZ_EX : ZEND_JMPNZ_EX,
9147 &left_node, NULL);
9148
9149 if (left_node.op_type == IS_TMP_VAR) {
9150 SET_NODE(opline_jmpz->result, &left_node);
9151 GET_NODE(result, opline_jmpz->result);
9152 } else {
9153 zend_make_tmp_result(result, opline_jmpz);
9154 }
9155
9156 zend_compile_expr(&right_node, right_ast);
9157
9158 opline_bool = zend_emit_op(NULL, ZEND_BOOL, &right_node, NULL);
9159 SET_NODE(opline_bool->result, result);
9160
9161 zend_update_jump_target_to_next(opnum_jmpz);
9162 }
9163 /* }}} */
9164
zend_compile_post_incdec(znode * result,zend_ast * ast)9165 static void zend_compile_post_incdec(znode *result, zend_ast *ast) /* {{{ */
9166 {
9167 zend_ast *var_ast = ast->child[0];
9168 ZEND_ASSERT(ast->kind == ZEND_AST_POST_INC || ast->kind == ZEND_AST_POST_DEC);
9169
9170 zend_ensure_writable_variable(var_ast);
9171
9172 if (var_ast->kind == ZEND_AST_PROP || var_ast->kind == ZEND_AST_NULLSAFE_PROP) {
9173 zend_op *opline = zend_compile_prop(NULL, var_ast, BP_VAR_RW, 0);
9174 opline->opcode = ast->kind == ZEND_AST_POST_INC ? ZEND_POST_INC_OBJ : ZEND_POST_DEC_OBJ;
9175 zend_make_tmp_result(result, opline);
9176 } else if (var_ast->kind == ZEND_AST_STATIC_PROP) {
9177 zend_op *opline = zend_compile_static_prop(NULL, var_ast, BP_VAR_RW, 0, 0);
9178 opline->opcode = ast->kind == ZEND_AST_POST_INC ? ZEND_POST_INC_STATIC_PROP : ZEND_POST_DEC_STATIC_PROP;
9179 zend_make_tmp_result(result, opline);
9180 } else {
9181 znode var_node;
9182 zend_op *opline = zend_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
9183 if (opline && opline->opcode == ZEND_FETCH_DIM_RW) {
9184 opline->extended_value = ZEND_FETCH_DIM_INCDEC;
9185 }
9186 zend_emit_op_tmp(result, ast->kind == ZEND_AST_POST_INC ? ZEND_POST_INC : ZEND_POST_DEC,
9187 &var_node, NULL);
9188 }
9189 }
9190 /* }}} */
9191
zend_compile_pre_incdec(znode * result,zend_ast * ast)9192 static void zend_compile_pre_incdec(znode *result, zend_ast *ast) /* {{{ */
9193 {
9194 zend_ast *var_ast = ast->child[0];
9195 ZEND_ASSERT(ast->kind == ZEND_AST_PRE_INC || ast->kind == ZEND_AST_PRE_DEC);
9196
9197 zend_ensure_writable_variable(var_ast);
9198
9199 if (var_ast->kind == ZEND_AST_PROP || var_ast->kind == ZEND_AST_NULLSAFE_PROP) {
9200 zend_op *opline = zend_compile_prop(result, var_ast, BP_VAR_RW, 0);
9201 opline->opcode = ast->kind == ZEND_AST_PRE_INC ? ZEND_PRE_INC_OBJ : ZEND_PRE_DEC_OBJ;
9202 opline->result_type = IS_TMP_VAR;
9203 result->op_type = IS_TMP_VAR;
9204 } else if (var_ast->kind == ZEND_AST_STATIC_PROP) {
9205 zend_op *opline = zend_compile_static_prop(result, var_ast, BP_VAR_RW, 0, 0);
9206 opline->opcode = ast->kind == ZEND_AST_PRE_INC ? ZEND_PRE_INC_STATIC_PROP : ZEND_PRE_DEC_STATIC_PROP;
9207 opline->result_type = IS_TMP_VAR;
9208 result->op_type = IS_TMP_VAR;
9209 } else {
9210 znode var_node;
9211 zend_op *opline = zend_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
9212 if (opline && opline->opcode == ZEND_FETCH_DIM_RW) {
9213 opline->extended_value = ZEND_FETCH_DIM_INCDEC;
9214 }
9215 zend_emit_op_tmp(result, ast->kind == ZEND_AST_PRE_INC ? ZEND_PRE_INC : ZEND_PRE_DEC,
9216 &var_node, NULL);
9217 }
9218 }
9219 /* }}} */
9220
zend_compile_cast(znode * result,zend_ast * ast)9221 static void zend_compile_cast(znode *result, zend_ast *ast) /* {{{ */
9222 {
9223 zend_ast *expr_ast = ast->child[0];
9224 znode expr_node;
9225 zend_op *opline;
9226
9227 zend_compile_expr(&expr_node, expr_ast);
9228
9229 if (ast->attr == _IS_BOOL) {
9230 opline = zend_emit_op_tmp(result, ZEND_BOOL, &expr_node, NULL);
9231 } else if (ast->attr == IS_NULL) {
9232 zend_error(E_COMPILE_ERROR, "The (unset) cast is no longer supported");
9233 } else {
9234 opline = zend_emit_op_tmp(result, ZEND_CAST, &expr_node, NULL);
9235 opline->extended_value = ast->attr;
9236 }
9237 }
9238 /* }}} */
9239
zend_compile_shorthand_conditional(znode * result,zend_ast * ast)9240 static void zend_compile_shorthand_conditional(znode *result, zend_ast *ast) /* {{{ */
9241 {
9242 zend_ast *cond_ast = ast->child[0];
9243 zend_ast *false_ast = ast->child[2];
9244
9245 znode cond_node, false_node;
9246 zend_op *opline_qm_assign;
9247 uint32_t opnum_jmp_set;
9248
9249 ZEND_ASSERT(ast->child[1] == NULL);
9250
9251 zend_compile_expr(&cond_node, cond_ast);
9252
9253 opnum_jmp_set = get_next_op_number();
9254 zend_emit_op_tmp(result, ZEND_JMP_SET, &cond_node, NULL);
9255
9256 zend_compile_expr(&false_node, false_ast);
9257
9258 opline_qm_assign = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &false_node, NULL);
9259 SET_NODE(opline_qm_assign->result, result);
9260
9261 zend_update_jump_target_to_next(opnum_jmp_set);
9262 }
9263 /* }}} */
9264
zend_compile_conditional(znode * result,zend_ast * ast)9265 static void zend_compile_conditional(znode *result, zend_ast *ast) /* {{{ */
9266 {
9267 zend_ast *cond_ast = ast->child[0];
9268 zend_ast *true_ast = ast->child[1];
9269 zend_ast *false_ast = ast->child[2];
9270
9271 znode cond_node, true_node, false_node;
9272 zend_op *opline_qm_assign2;
9273 uint32_t opnum_jmpz, opnum_jmp;
9274
9275 if (cond_ast->kind == ZEND_AST_CONDITIONAL
9276 && cond_ast->attr != ZEND_PARENTHESIZED_CONDITIONAL) {
9277 if (cond_ast->child[1]) {
9278 if (true_ast) {
9279 zend_error(E_COMPILE_ERROR,
9280 "Unparenthesized `a ? b : c ? d : e` is not supported. "
9281 "Use either `(a ? b : c) ? d : e` or `a ? b : (c ? d : e)`");
9282 } else {
9283 zend_error(E_COMPILE_ERROR,
9284 "Unparenthesized `a ? b : c ?: d` is not supported. "
9285 "Use either `(a ? b : c) ?: d` or `a ? b : (c ?: d)`");
9286 }
9287 } else {
9288 if (true_ast) {
9289 zend_error(E_COMPILE_ERROR,
9290 "Unparenthesized `a ?: b ? c : d` is not supported. "
9291 "Use either `(a ?: b) ? c : d` or `a ?: (b ? c : d)`");
9292 } else {
9293 /* This case is harmless: (a ?: b) ?: c always produces the same result
9294 * as a ?: (b ?: c). */
9295 }
9296 }
9297 }
9298
9299 if (!true_ast) {
9300 zend_compile_shorthand_conditional(result, ast);
9301 return;
9302 }
9303
9304 zend_compile_expr(&cond_node, cond_ast);
9305
9306 opnum_jmpz = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
9307
9308 zend_compile_expr(&true_node, true_ast);
9309
9310 zend_emit_op_tmp(result, ZEND_QM_ASSIGN, &true_node, NULL);
9311
9312 opnum_jmp = zend_emit_jump(0);
9313
9314 zend_update_jump_target_to_next(opnum_jmpz);
9315
9316 zend_compile_expr(&false_node, false_ast);
9317
9318 opline_qm_assign2 = zend_emit_op(NULL, ZEND_QM_ASSIGN, &false_node, NULL);
9319 SET_NODE(opline_qm_assign2->result, result);
9320
9321 zend_update_jump_target_to_next(opnum_jmp);
9322 }
9323 /* }}} */
9324
zend_compile_coalesce(znode * result,zend_ast * ast)9325 static void zend_compile_coalesce(znode *result, zend_ast *ast) /* {{{ */
9326 {
9327 zend_ast *expr_ast = ast->child[0];
9328 zend_ast *default_ast = ast->child[1];
9329
9330 znode expr_node, default_node;
9331 zend_op *opline;
9332 uint32_t opnum;
9333
9334 zend_compile_var(&expr_node, expr_ast, BP_VAR_IS, 0);
9335
9336 opnum = get_next_op_number();
9337 zend_emit_op_tmp(result, ZEND_COALESCE, &expr_node, NULL);
9338
9339 zend_compile_expr(&default_node, default_ast);
9340
9341 opline = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &default_node, NULL);
9342 SET_NODE(opline->result, result);
9343
9344 opline = &CG(active_op_array)->opcodes[opnum];
9345 opline->op2.opline_num = get_next_op_number();
9346 }
9347 /* }}} */
9348
znode_dtor(zval * zv)9349 static void znode_dtor(zval *zv) {
9350 znode *node = Z_PTR_P(zv);
9351 if (node->op_type == IS_CONST) {
9352 zval_ptr_dtor_nogc(&node->u.constant);
9353 }
9354 efree(node);
9355 }
9356
zend_compile_assign_coalesce(znode * result,zend_ast * ast)9357 static void zend_compile_assign_coalesce(znode *result, zend_ast *ast) /* {{{ */
9358 {
9359 zend_ast *var_ast = ast->child[0];
9360 zend_ast *default_ast = ast->child[1];
9361
9362 znode var_node_is, var_node_w, default_node, assign_node, *node;
9363 zend_op *opline;
9364 uint32_t coalesce_opnum;
9365 bool need_frees = 0;
9366
9367 /* Remember expressions compiled during the initial BP_VAR_IS lookup,
9368 * to avoid double-evaluation when we compile again with BP_VAR_W. */
9369 HashTable *orig_memoized_exprs = CG(memoized_exprs);
9370 const zend_memoize_mode orig_memoize_mode = CG(memoize_mode);
9371
9372 zend_ensure_writable_variable(var_ast);
9373 if (is_this_fetch(var_ast)) {
9374 zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
9375 }
9376
9377 ALLOC_HASHTABLE(CG(memoized_exprs));
9378 zend_hash_init(CG(memoized_exprs), 0, NULL, znode_dtor, 0);
9379
9380 CG(memoize_mode) = ZEND_MEMOIZE_COMPILE;
9381 zend_compile_var(&var_node_is, var_ast, BP_VAR_IS, 0);
9382
9383 coalesce_opnum = get_next_op_number();
9384 zend_emit_op_tmp(result, ZEND_COALESCE, &var_node_is, NULL);
9385
9386 CG(memoize_mode) = ZEND_MEMOIZE_NONE;
9387 if (var_ast->kind == ZEND_AST_DIM) {
9388 zend_compile_expr_with_potential_assign_to_self(&default_node, default_ast, var_ast);
9389 } else {
9390 zend_compile_expr(&default_node, default_ast);
9391 }
9392
9393 CG(memoize_mode) = ZEND_MEMOIZE_FETCH;
9394 zend_compile_var(&var_node_w, var_ast, BP_VAR_W, 0);
9395
9396 /* Reproduce some of the zend_compile_assign() opcode fixup logic here. */
9397 opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
9398 /* Treat $GLOBALS['x'] assignment like assignment to variable. */
9399 zend_ast_kind kind = is_global_var_fetch(var_ast) ? ZEND_AST_VAR : var_ast->kind;
9400 switch (kind) {
9401 case ZEND_AST_VAR:
9402 zend_emit_op_tmp(&assign_node, ZEND_ASSIGN, &var_node_w, &default_node);
9403 break;
9404 case ZEND_AST_STATIC_PROP:
9405 opline->opcode = ZEND_ASSIGN_STATIC_PROP;
9406 opline->result_type = IS_TMP_VAR;
9407 var_node_w.op_type = IS_TMP_VAR;
9408 zend_emit_op_data(&default_node);
9409 assign_node = var_node_w;
9410 break;
9411 case ZEND_AST_DIM:
9412 opline->opcode = ZEND_ASSIGN_DIM;
9413 opline->result_type = IS_TMP_VAR;
9414 var_node_w.op_type = IS_TMP_VAR;
9415 zend_emit_op_data(&default_node);
9416 assign_node = var_node_w;
9417 break;
9418 case ZEND_AST_PROP:
9419 case ZEND_AST_NULLSAFE_PROP:
9420 opline->opcode = ZEND_ASSIGN_OBJ;
9421 opline->result_type = IS_TMP_VAR;
9422 var_node_w.op_type = IS_TMP_VAR;
9423 zend_emit_op_data(&default_node);
9424 assign_node = var_node_w;
9425 break;
9426 EMPTY_SWITCH_DEFAULT_CASE();
9427 }
9428
9429 opline = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &assign_node, NULL);
9430 SET_NODE(opline->result, result);
9431
9432 ZEND_HASH_FOREACH_PTR(CG(memoized_exprs), node) {
9433 if (node->op_type == IS_TMP_VAR || node->op_type == IS_VAR) {
9434 need_frees = 1;
9435 break;
9436 }
9437 } ZEND_HASH_FOREACH_END();
9438
9439 /* Free DUPed expressions if there are any */
9440 if (need_frees) {
9441 uint32_t jump_opnum = zend_emit_jump(0);
9442 zend_update_jump_target_to_next(coalesce_opnum);
9443 ZEND_HASH_FOREACH_PTR(CG(memoized_exprs), node) {
9444 if (node->op_type == IS_TMP_VAR || node->op_type == IS_VAR) {
9445 zend_emit_op(NULL, ZEND_FREE, node, NULL);
9446 }
9447 } ZEND_HASH_FOREACH_END();
9448 zend_update_jump_target_to_next(jump_opnum);
9449 } else {
9450 zend_update_jump_target_to_next(coalesce_opnum);
9451 }
9452
9453 zend_hash_destroy(CG(memoized_exprs));
9454 FREE_HASHTABLE(CG(memoized_exprs));
9455 CG(memoized_exprs) = orig_memoized_exprs;
9456 CG(memoize_mode) = orig_memoize_mode;
9457 }
9458 /* }}} */
9459
zend_compile_print(znode * result,zend_ast * ast)9460 static void zend_compile_print(znode *result, zend_ast *ast) /* {{{ */
9461 {
9462 zend_op *opline;
9463 zend_ast *expr_ast = ast->child[0];
9464
9465 znode expr_node;
9466 zend_compile_expr(&expr_node, expr_ast);
9467
9468 opline = zend_emit_op(NULL, ZEND_ECHO, &expr_node, NULL);
9469 opline->extended_value = 1;
9470
9471 result->op_type = IS_CONST;
9472 ZVAL_LONG(&result->u.constant, 1);
9473 }
9474 /* }}} */
9475
zend_compile_exit(znode * result,zend_ast * ast)9476 static void zend_compile_exit(znode *result, zend_ast *ast) /* {{{ */
9477 {
9478 zend_ast *expr_ast = ast->child[0];
9479 znode expr_node;
9480
9481 if (expr_ast) {
9482 zend_compile_expr(&expr_node, expr_ast);
9483 } else {
9484 expr_node.op_type = IS_UNUSED;
9485 }
9486
9487 zend_op *opline = zend_emit_op(NULL, ZEND_EXIT, &expr_node, NULL);
9488 if (result) {
9489 /* Mark this as an "expression throw" for opcache. */
9490 opline->extended_value = ZEND_THROW_IS_EXPR;
9491 result->op_type = IS_CONST;
9492 ZVAL_TRUE(&result->u.constant);
9493 }
9494 }
9495 /* }}} */
9496
zend_compile_yield(znode * result,zend_ast * ast)9497 static void zend_compile_yield(znode *result, zend_ast *ast) /* {{{ */
9498 {
9499 zend_ast *value_ast = ast->child[0];
9500 zend_ast *key_ast = ast->child[1];
9501
9502 znode value_node, key_node;
9503 znode *value_node_ptr = NULL, *key_node_ptr = NULL;
9504 zend_op *opline;
9505 bool returns_by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
9506
9507 zend_mark_function_as_generator();
9508
9509 if (key_ast) {
9510 zend_compile_expr(&key_node, key_ast);
9511 key_node_ptr = &key_node;
9512 }
9513
9514 if (value_ast) {
9515 if (returns_by_ref && zend_is_variable(value_ast)) {
9516 zend_assert_not_short_circuited(value_ast);
9517 zend_compile_var(&value_node, value_ast, BP_VAR_W, 1);
9518 } else {
9519 zend_compile_expr(&value_node, value_ast);
9520 }
9521 value_node_ptr = &value_node;
9522 }
9523
9524 opline = zend_emit_op(result, ZEND_YIELD, value_node_ptr, key_node_ptr);
9525
9526 if (value_ast && returns_by_ref && zend_is_call(value_ast)) {
9527 opline->extended_value = ZEND_RETURNS_FUNCTION;
9528 }
9529 }
9530 /* }}} */
9531
zend_compile_yield_from(znode * result,zend_ast * ast)9532 static void zend_compile_yield_from(znode *result, zend_ast *ast) /* {{{ */
9533 {
9534 zend_ast *expr_ast = ast->child[0];
9535 znode expr_node;
9536
9537 zend_mark_function_as_generator();
9538
9539 if (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) {
9540 zend_error_noreturn(E_COMPILE_ERROR,
9541 "Cannot use \"yield from\" inside a by-reference generator");
9542 }
9543
9544 zend_compile_expr(&expr_node, expr_ast);
9545 zend_emit_op_tmp(result, ZEND_YIELD_FROM, &expr_node, NULL);
9546 }
9547 /* }}} */
9548
zend_compile_instanceof(znode * result,zend_ast * ast)9549 static void zend_compile_instanceof(znode *result, zend_ast *ast) /* {{{ */
9550 {
9551 zend_ast *obj_ast = ast->child[0];
9552 zend_ast *class_ast = ast->child[1];
9553
9554 znode obj_node, class_node;
9555 zend_op *opline;
9556
9557 zend_compile_expr(&obj_node, obj_ast);
9558 if (obj_node.op_type == IS_CONST) {
9559 zend_do_free(&obj_node);
9560 result->op_type = IS_CONST;
9561 ZVAL_FALSE(&result->u.constant);
9562 return;
9563 }
9564
9565 zend_compile_class_ref(&class_node, class_ast,
9566 ZEND_FETCH_CLASS_NO_AUTOLOAD | ZEND_FETCH_CLASS_EXCEPTION | ZEND_FETCH_CLASS_SILENT);
9567
9568 opline = zend_emit_op_tmp(result, ZEND_INSTANCEOF, &obj_node, NULL);
9569
9570 if (class_node.op_type == IS_CONST) {
9571 opline->op2_type = IS_CONST;
9572 opline->op2.constant = zend_add_class_name_literal(
9573 Z_STR(class_node.u.constant));
9574 opline->extended_value = zend_alloc_cache_slot();
9575 } else {
9576 SET_NODE(opline->op2, &class_node);
9577 }
9578 }
9579 /* }}} */
9580
zend_compile_include_or_eval(znode * result,zend_ast * ast)9581 static void zend_compile_include_or_eval(znode *result, zend_ast *ast) /* {{{ */
9582 {
9583 zend_ast *expr_ast = ast->child[0];
9584 znode expr_node;
9585 zend_op *opline;
9586
9587 zend_do_extended_fcall_begin();
9588 zend_compile_expr(&expr_node, expr_ast);
9589
9590 opline = zend_emit_op(result, ZEND_INCLUDE_OR_EVAL, &expr_node, NULL);
9591 opline->extended_value = ast->attr;
9592
9593 zend_do_extended_fcall_end();
9594 }
9595 /* }}} */
9596
zend_compile_isset_or_empty(znode * result,zend_ast * ast)9597 static void zend_compile_isset_or_empty(znode *result, zend_ast *ast) /* {{{ */
9598 {
9599 zend_ast *var_ast = ast->child[0];
9600
9601 znode var_node;
9602 zend_op *opline = NULL;
9603
9604 ZEND_ASSERT(ast->kind == ZEND_AST_ISSET || ast->kind == ZEND_AST_EMPTY);
9605
9606 if (!zend_is_variable(var_ast)) {
9607 if (ast->kind == ZEND_AST_EMPTY) {
9608 /* empty(expr) can be transformed to !expr */
9609 zend_ast *not_ast = zend_ast_create_ex(ZEND_AST_UNARY_OP, ZEND_BOOL_NOT, var_ast);
9610 zend_compile_expr(result, not_ast);
9611 return;
9612 } else {
9613 zend_error_noreturn(E_COMPILE_ERROR,
9614 "Cannot use isset() on the result of an expression "
9615 "(you can use \"null !== expression\" instead)");
9616 }
9617 }
9618
9619 if (is_globals_fetch(var_ast)) {
9620 result->op_type = IS_CONST;
9621 ZVAL_BOOL(&result->u.constant, ast->kind == ZEND_AST_ISSET);
9622 return;
9623 }
9624
9625 if (is_global_var_fetch(var_ast)) {
9626 if (!var_ast->child[1]) {
9627 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
9628 }
9629
9630 zend_compile_expr(&var_node, var_ast->child[1]);
9631 if (var_node.op_type == IS_CONST) {
9632 convert_to_string(&var_node.u.constant);
9633 }
9634
9635 opline = zend_emit_op_tmp(result, ZEND_ISSET_ISEMPTY_VAR, &var_node, NULL);
9636 opline->extended_value =
9637 ZEND_FETCH_GLOBAL | (ast->kind == ZEND_AST_EMPTY ? ZEND_ISEMPTY : 0);
9638 return;
9639 }
9640
9641 zend_short_circuiting_mark_inner(var_ast);
9642 switch (var_ast->kind) {
9643 case ZEND_AST_VAR:
9644 if (is_this_fetch(var_ast)) {
9645 opline = zend_emit_op(result, ZEND_ISSET_ISEMPTY_THIS, NULL, NULL);
9646 CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
9647 } else if (zend_try_compile_cv(&var_node, var_ast) == SUCCESS) {
9648 opline = zend_emit_op(result, ZEND_ISSET_ISEMPTY_CV, &var_node, NULL);
9649 } else {
9650 opline = zend_compile_simple_var_no_cv(result, var_ast, BP_VAR_IS, 0);
9651 opline->opcode = ZEND_ISSET_ISEMPTY_VAR;
9652 }
9653 break;
9654 case ZEND_AST_DIM:
9655 opline = zend_compile_dim(result, var_ast, BP_VAR_IS, /* by_ref */ false);
9656 opline->opcode = ZEND_ISSET_ISEMPTY_DIM_OBJ;
9657 break;
9658 case ZEND_AST_PROP:
9659 case ZEND_AST_NULLSAFE_PROP:
9660 opline = zend_compile_prop(result, var_ast, BP_VAR_IS, 0);
9661 opline->opcode = ZEND_ISSET_ISEMPTY_PROP_OBJ;
9662 break;
9663 case ZEND_AST_STATIC_PROP:
9664 opline = zend_compile_static_prop(result, var_ast, BP_VAR_IS, 0, 0);
9665 opline->opcode = ZEND_ISSET_ISEMPTY_STATIC_PROP;
9666 break;
9667 EMPTY_SWITCH_DEFAULT_CASE()
9668 }
9669
9670 result->op_type = opline->result_type = IS_TMP_VAR;
9671 if (!(ast->kind == ZEND_AST_ISSET)) {
9672 opline->extended_value |= ZEND_ISEMPTY;
9673 }
9674 }
9675 /* }}} */
9676
zend_compile_silence(znode * result,zend_ast * ast)9677 static void zend_compile_silence(znode *result, zend_ast *ast) /* {{{ */
9678 {
9679 zend_ast *expr_ast = ast->child[0];
9680 znode silence_node;
9681
9682 zend_emit_op_tmp(&silence_node, ZEND_BEGIN_SILENCE, NULL, NULL);
9683
9684 if (expr_ast->kind == ZEND_AST_VAR) {
9685 /* For @$var we need to force a FETCH instruction, otherwise the CV access will
9686 * happen outside the silenced section. */
9687 zend_compile_simple_var_no_cv(result, expr_ast, BP_VAR_R, 0 );
9688 } else {
9689 zend_compile_expr(result, expr_ast);
9690 }
9691
9692 zend_emit_op(NULL, ZEND_END_SILENCE, &silence_node, NULL);
9693 }
9694 /* }}} */
9695
zend_compile_shell_exec(znode * result,zend_ast * ast)9696 static void zend_compile_shell_exec(znode *result, zend_ast *ast) /* {{{ */
9697 {
9698 zend_ast *expr_ast = ast->child[0];
9699
9700 zval fn_name;
9701 zend_ast *name_ast, *args_ast, *call_ast;
9702
9703 ZVAL_STRING(&fn_name, "shell_exec");
9704 name_ast = zend_ast_create_zval(&fn_name);
9705 args_ast = zend_ast_create_list(1, ZEND_AST_ARG_LIST, expr_ast);
9706 call_ast = zend_ast_create(ZEND_AST_CALL, name_ast, args_ast);
9707
9708 zend_compile_expr(result, call_ast);
9709
9710 zval_ptr_dtor(&fn_name);
9711 }
9712 /* }}} */
9713
zend_compile_array(znode * result,zend_ast * ast)9714 static void zend_compile_array(znode *result, zend_ast *ast) /* {{{ */
9715 {
9716 zend_ast_list *list = zend_ast_get_list(ast);
9717 zend_op *opline;
9718 uint32_t i, opnum_init = -1;
9719 bool packed = 1;
9720
9721 if (zend_try_ct_eval_array(&result->u.constant, ast)) {
9722 result->op_type = IS_CONST;
9723 return;
9724 }
9725
9726 /* Empty arrays are handled at compile-time */
9727 ZEND_ASSERT(list->children > 0);
9728
9729 for (i = 0; i < list->children; ++i) {
9730 zend_ast *elem_ast = list->child[i];
9731 zend_ast *value_ast, *key_ast;
9732 bool by_ref;
9733 znode value_node, key_node, *key_node_ptr = NULL;
9734
9735 if (elem_ast == NULL) {
9736 zend_error(E_COMPILE_ERROR, "Cannot use empty array elements in arrays");
9737 }
9738
9739 value_ast = elem_ast->child[0];
9740
9741 if (elem_ast->kind == ZEND_AST_UNPACK) {
9742 zend_compile_expr(&value_node, value_ast);
9743 if (i == 0) {
9744 opnum_init = get_next_op_number();
9745 opline = zend_emit_op_tmp(result, ZEND_INIT_ARRAY, NULL, NULL);
9746 }
9747 opline = zend_emit_op(NULL, ZEND_ADD_ARRAY_UNPACK, &value_node, NULL);
9748 SET_NODE(opline->result, result);
9749 continue;
9750 }
9751
9752 key_ast = elem_ast->child[1];
9753 by_ref = elem_ast->attr;
9754
9755 if (key_ast) {
9756 zend_compile_expr(&key_node, key_ast);
9757 zend_handle_numeric_op(&key_node);
9758 key_node_ptr = &key_node;
9759 }
9760
9761 if (by_ref) {
9762 zend_ensure_writable_variable(value_ast);
9763 zend_compile_var(&value_node, value_ast, BP_VAR_W, 1);
9764 } else {
9765 zend_compile_expr(&value_node, value_ast);
9766 }
9767
9768 if (i == 0) {
9769 opnum_init = get_next_op_number();
9770 opline = zend_emit_op_tmp(result, ZEND_INIT_ARRAY, &value_node, key_node_ptr);
9771 opline->extended_value = list->children << ZEND_ARRAY_SIZE_SHIFT;
9772 } else {
9773 opline = zend_emit_op(NULL, ZEND_ADD_ARRAY_ELEMENT,
9774 &value_node, key_node_ptr);
9775 SET_NODE(opline->result, result);
9776 }
9777 opline->extended_value |= by_ref;
9778
9779 if (key_ast && key_node.op_type == IS_CONST && Z_TYPE(key_node.u.constant) == IS_STRING) {
9780 packed = 0;
9781 }
9782 }
9783
9784 /* Add a flag to INIT_ARRAY if we know this array cannot be packed */
9785 if (!packed) {
9786 ZEND_ASSERT(opnum_init != (uint32_t)-1);
9787 opline = &CG(active_op_array)->opcodes[opnum_init];
9788 opline->extended_value |= ZEND_ARRAY_NOT_PACKED;
9789 }
9790 }
9791 /* }}} */
9792
zend_compile_const(znode * result,zend_ast * ast)9793 static void zend_compile_const(znode *result, zend_ast *ast) /* {{{ */
9794 {
9795 zend_ast *name_ast = ast->child[0];
9796
9797 zend_op *opline;
9798
9799 bool is_fully_qualified;
9800 zend_string *orig_name = zend_ast_get_str(name_ast);
9801 zend_string *resolved_name = zend_resolve_const_name(orig_name, name_ast->attr, &is_fully_qualified);
9802
9803 if (zend_string_equals_literal(resolved_name, "__COMPILER_HALT_OFFSET__") || (name_ast->attr != ZEND_NAME_RELATIVE && zend_string_equals_literal(orig_name, "__COMPILER_HALT_OFFSET__"))) {
9804 zend_ast *last = CG(ast);
9805
9806 while (last && last->kind == ZEND_AST_STMT_LIST) {
9807 zend_ast_list *list = zend_ast_get_list(last);
9808 if (list->children == 0) {
9809 break;
9810 }
9811 last = list->child[list->children-1];
9812 }
9813 if (last && last->kind == ZEND_AST_HALT_COMPILER) {
9814 result->op_type = IS_CONST;
9815 ZVAL_LONG(&result->u.constant, Z_LVAL_P(zend_ast_get_zval(last->child[0])));
9816 zend_string_release_ex(resolved_name, 0);
9817 return;
9818 }
9819 }
9820
9821 if (zend_try_ct_eval_const(&result->u.constant, resolved_name, is_fully_qualified)) {
9822 result->op_type = IS_CONST;
9823 zend_string_release_ex(resolved_name, 0);
9824 return;
9825 }
9826
9827 opline = zend_emit_op_tmp(result, ZEND_FETCH_CONSTANT, NULL, NULL);
9828 opline->op2_type = IS_CONST;
9829
9830 if (is_fully_qualified || !FC(current_namespace)) {
9831 opline->op1.num = 0;
9832 opline->op2.constant = zend_add_const_name_literal(
9833 resolved_name, 0);
9834 } else {
9835 opline->op1.num = IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE;
9836 opline->op2.constant = zend_add_const_name_literal(
9837 resolved_name, 1);
9838 }
9839 opline->extended_value = zend_alloc_cache_slot();
9840 }
9841 /* }}} */
9842
zend_compile_class_const(znode * result,zend_ast * ast)9843 static void zend_compile_class_const(znode *result, zend_ast *ast) /* {{{ */
9844 {
9845 zend_ast *class_ast;
9846 zend_ast *const_ast;
9847 znode class_node, const_node;
9848 zend_op *opline;
9849
9850 zend_eval_const_expr(&ast->child[0]);
9851 zend_eval_const_expr(&ast->child[1]);
9852
9853 class_ast = ast->child[0];
9854 const_ast = ast->child[1];
9855
9856 if (class_ast->kind == ZEND_AST_ZVAL && const_ast->kind == ZEND_AST_ZVAL) {
9857 zval *const_zv = zend_ast_get_zval(const_ast);
9858 if (Z_TYPE_P(const_zv) == IS_STRING) {
9859 zend_string *const_str = Z_STR_P(const_zv);
9860 zend_string *resolved_name = zend_resolve_class_name_ast(class_ast);
9861 if (zend_try_ct_eval_class_const(&result->u.constant, resolved_name, const_str)) {
9862 result->op_type = IS_CONST;
9863 zend_string_release_ex(resolved_name, 0);
9864 return;
9865 }
9866 zend_string_release_ex(resolved_name, 0);
9867 }
9868 }
9869
9870 zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
9871
9872 zend_compile_expr(&const_node, const_ast);
9873
9874 opline = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_CONSTANT, NULL, &const_node);
9875
9876 zend_set_class_name_op1(opline, &class_node);
9877
9878 if (opline->op1_type == IS_CONST || opline->op2_type == IS_CONST) {
9879 opline->extended_value = zend_alloc_cache_slots(2);
9880 }
9881 }
9882 /* }}} */
9883
zend_compile_class_name(znode * result,zend_ast * ast)9884 static void zend_compile_class_name(znode *result, zend_ast *ast) /* {{{ */
9885 {
9886 zend_ast *class_ast = ast->child[0];
9887
9888 if (zend_try_compile_const_expr_resolve_class_name(&result->u.constant, class_ast)) {
9889 result->op_type = IS_CONST;
9890 return;
9891 }
9892
9893 if (class_ast->kind == ZEND_AST_ZVAL) {
9894 zend_op *opline = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, NULL, NULL);
9895 opline->op1.num = zend_get_class_fetch_type(zend_ast_get_str(class_ast));
9896 } else {
9897 znode expr_node;
9898 zend_compile_expr(&expr_node, class_ast);
9899 if (expr_node.op_type == IS_CONST) {
9900 /* Unlikely case that happen if class_ast is constant folded.
9901 * Handle it here, to avoid needing a CONST specialization in the VM. */
9902 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"::class\" on %s",
9903 zend_zval_value_name(&expr_node.u.constant));
9904 }
9905
9906 zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, &expr_node, NULL);
9907 }
9908 }
9909 /* }}} */
9910
zend_compile_rope_add_ex(zend_op * opline,znode * result,uint32_t num,znode * elem_node)9911 static zend_op *zend_compile_rope_add_ex(zend_op *opline, znode *result, uint32_t num, znode *elem_node) /* {{{ */
9912 {
9913 if (num == 0) {
9914 result->op_type = IS_TMP_VAR;
9915 result->u.op.var = -1;
9916 opline->opcode = ZEND_ROPE_INIT;
9917 } else {
9918 opline->opcode = ZEND_ROPE_ADD;
9919 SET_NODE(opline->op1, result);
9920 }
9921 SET_NODE(opline->op2, elem_node);
9922 SET_NODE(opline->result, result);
9923 opline->extended_value = num;
9924 return opline;
9925 }
9926 /* }}} */
9927
zend_compile_rope_add(znode * result,uint32_t num,znode * elem_node)9928 static zend_op *zend_compile_rope_add(znode *result, uint32_t num, znode *elem_node) /* {{{ */
9929 {
9930 zend_op *opline = get_next_op();
9931
9932 if (num == 0) {
9933 result->op_type = IS_TMP_VAR;
9934 result->u.op.var = -1;
9935 opline->opcode = ZEND_ROPE_INIT;
9936 } else {
9937 opline->opcode = ZEND_ROPE_ADD;
9938 SET_NODE(opline->op1, result);
9939 }
9940 SET_NODE(opline->op2, elem_node);
9941 SET_NODE(opline->result, result);
9942 opline->extended_value = num;
9943 return opline;
9944 }
9945 /* }}} */
9946
zend_compile_encaps_list(znode * result,zend_ast * ast)9947 static void zend_compile_encaps_list(znode *result, zend_ast *ast) /* {{{ */
9948 {
9949 uint32_t i, j;
9950 uint32_t rope_init_lineno = -1;
9951 zend_op *opline = NULL, *init_opline;
9952 znode elem_node, last_const_node;
9953 zend_ast_list *list = zend_ast_get_list(ast);
9954 uint32_t reserved_op_number = -1;
9955
9956 ZEND_ASSERT(list->children > 0);
9957
9958 j = 0;
9959 last_const_node.op_type = IS_UNUSED;
9960 for (i = 0; i < list->children; i++) {
9961 zend_ast *encaps_var = list->child[i];
9962
9963 if (encaps_var->attr & (ZEND_ENCAPS_VAR_DOLLAR_CURLY|ZEND_ENCAPS_VAR_DOLLAR_CURLY_VAR_VAR)) {
9964 if ((encaps_var->kind == ZEND_AST_VAR || encaps_var->kind == ZEND_AST_DIM) && (encaps_var->attr & ZEND_ENCAPS_VAR_DOLLAR_CURLY)) {
9965 zend_error(E_DEPRECATED, "Using ${var} in strings is deprecated, use {$var} instead");
9966 } else if (encaps_var->kind == ZEND_AST_VAR && (encaps_var->attr & ZEND_ENCAPS_VAR_DOLLAR_CURLY_VAR_VAR)) {
9967 zend_error(E_DEPRECATED, "Using ${expr} (variable variables) in strings is deprecated, use {${expr}} instead");
9968 }
9969 }
9970
9971 zend_compile_expr(&elem_node, encaps_var);
9972
9973 if (elem_node.op_type == IS_CONST) {
9974 convert_to_string(&elem_node.u.constant);
9975
9976 if (Z_STRLEN(elem_node.u.constant) == 0) {
9977 zval_ptr_dtor(&elem_node.u.constant);
9978 } else if (last_const_node.op_type == IS_CONST) {
9979 concat_function(&last_const_node.u.constant, &last_const_node.u.constant, &elem_node.u.constant);
9980 zval_ptr_dtor(&elem_node.u.constant);
9981 } else {
9982 last_const_node.op_type = IS_CONST;
9983 ZVAL_COPY_VALUE(&last_const_node.u.constant, &elem_node.u.constant);
9984 /* Reserve place for ZEND_ROPE_ADD instruction */
9985 reserved_op_number = get_next_op_number();
9986 opline = get_next_op();
9987 opline->opcode = ZEND_NOP;
9988 }
9989 continue;
9990 } else {
9991 if (j == 0) {
9992 if (last_const_node.op_type == IS_CONST) {
9993 rope_init_lineno = reserved_op_number;
9994 } else {
9995 rope_init_lineno = get_next_op_number();
9996 }
9997 }
9998 if (last_const_node.op_type == IS_CONST) {
9999 opline = &CG(active_op_array)->opcodes[reserved_op_number];
10000 zend_compile_rope_add_ex(opline, result, j++, &last_const_node);
10001 last_const_node.op_type = IS_UNUSED;
10002 }
10003 opline = zend_compile_rope_add(result, j++, &elem_node);
10004 }
10005 }
10006
10007 if (j == 0) {
10008 result->op_type = IS_CONST;
10009 if (last_const_node.op_type == IS_CONST) {
10010 ZVAL_COPY_VALUE(&result->u.constant, &last_const_node.u.constant);
10011 } else {
10012 ZVAL_EMPTY_STRING(&result->u.constant);
10013 /* empty string */
10014 }
10015 CG(active_op_array)->last = reserved_op_number - 1;
10016 return;
10017 } else if (last_const_node.op_type == IS_CONST) {
10018 opline = &CG(active_op_array)->opcodes[reserved_op_number];
10019 opline = zend_compile_rope_add_ex(opline, result, j++, &last_const_node);
10020 }
10021 init_opline = CG(active_op_array)->opcodes + rope_init_lineno;
10022 if (j == 1) {
10023 if (opline->op2_type == IS_CONST) {
10024 GET_NODE(result, opline->op2);
10025 MAKE_NOP(opline);
10026 } else {
10027 opline->opcode = ZEND_CAST;
10028 opline->extended_value = IS_STRING;
10029 opline->op1_type = opline->op2_type;
10030 opline->op1 = opline->op2;
10031 SET_UNUSED(opline->op2);
10032 zend_make_tmp_result(result, opline);
10033 }
10034 } else if (j == 2) {
10035 opline->opcode = ZEND_FAST_CONCAT;
10036 opline->extended_value = 0;
10037 opline->op1_type = init_opline->op2_type;
10038 opline->op1 = init_opline->op2;
10039 zend_make_tmp_result(result, opline);
10040 MAKE_NOP(init_opline);
10041 } else {
10042 uint32_t var;
10043
10044 init_opline->extended_value = j;
10045 opline->opcode = ZEND_ROPE_END;
10046 zend_make_tmp_result(result, opline);
10047 var = opline->op1.var = get_temporary_variable();
10048
10049 /* Allocates the necessary number of zval slots to keep the rope */
10050 i = ((j * sizeof(zend_string*)) + (sizeof(zval) - 1)) / sizeof(zval);
10051 while (i > 1) {
10052 get_temporary_variable();
10053 i--;
10054 }
10055
10056 /* Update all the previous opcodes to use the same variable */
10057 while (opline != init_opline) {
10058 opline--;
10059 if (opline->opcode == ZEND_ROPE_ADD &&
10060 opline->result.var == (uint32_t)-1) {
10061 opline->op1.var = var;
10062 opline->result.var = var;
10063 } else if (opline->opcode == ZEND_ROPE_INIT &&
10064 opline->result.var == (uint32_t)-1) {
10065 opline->result.var = var;
10066 }
10067 }
10068 }
10069 }
10070 /* }}} */
10071
zend_compile_magic_const(znode * result,zend_ast * ast)10072 static void zend_compile_magic_const(znode *result, zend_ast *ast) /* {{{ */
10073 {
10074 zend_op *opline;
10075
10076 if (zend_try_ct_eval_magic_const(&result->u.constant, ast)) {
10077 result->op_type = IS_CONST;
10078 return;
10079 }
10080
10081 ZEND_ASSERT(ast->attr == T_CLASS_C &&
10082 CG(active_class_entry) &&
10083 (CG(active_class_entry)->ce_flags & ZEND_ACC_TRAIT) != 0);
10084
10085 opline = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, NULL, NULL);
10086 opline->op1.num = ZEND_FETCH_CLASS_SELF;
10087 }
10088 /* }}} */
10089
zend_is_allowed_in_const_expr(zend_ast_kind kind)10090 static bool zend_is_allowed_in_const_expr(zend_ast_kind kind) /* {{{ */
10091 {
10092 return kind == ZEND_AST_ZVAL || kind == ZEND_AST_BINARY_OP
10093 || kind == ZEND_AST_GREATER || kind == ZEND_AST_GREATER_EQUAL
10094 || kind == ZEND_AST_AND || kind == ZEND_AST_OR
10095 || kind == ZEND_AST_UNARY_OP
10096 || kind == ZEND_AST_UNARY_PLUS || kind == ZEND_AST_UNARY_MINUS
10097 || kind == ZEND_AST_CONDITIONAL || kind == ZEND_AST_DIM
10098 || kind == ZEND_AST_ARRAY || kind == ZEND_AST_ARRAY_ELEM
10099 || kind == ZEND_AST_UNPACK
10100 || kind == ZEND_AST_CONST || kind == ZEND_AST_CLASS_CONST
10101 || kind == ZEND_AST_CLASS_NAME
10102 || kind == ZEND_AST_MAGIC_CONST || kind == ZEND_AST_COALESCE
10103 || kind == ZEND_AST_CONST_ENUM_INIT
10104 || kind == ZEND_AST_NEW || kind == ZEND_AST_ARG_LIST
10105 || kind == ZEND_AST_NAMED_ARG
10106 || kind == ZEND_AST_PROP || kind == ZEND_AST_NULLSAFE_PROP;
10107 }
10108 /* }}} */
10109
zend_compile_const_expr_class_const(zend_ast ** ast_ptr)10110 static void zend_compile_const_expr_class_const(zend_ast **ast_ptr) /* {{{ */
10111 {
10112 zend_ast *ast = *ast_ptr;
10113 zend_ast *class_ast = ast->child[0];
10114 zend_string *class_name;
10115 int fetch_type;
10116
10117 if (class_ast->kind != ZEND_AST_ZVAL) {
10118 zend_error_noreturn(E_COMPILE_ERROR,
10119 "Dynamic class names are not allowed in compile-time class constant references");
10120 }
10121 if (Z_TYPE_P(zend_ast_get_zval(class_ast)) != IS_STRING) {
10122 zend_throw_error(NULL, "Class name must be a valid object or a string");
10123 }
10124
10125 class_name = zend_ast_get_str(class_ast);
10126 fetch_type = zend_get_class_fetch_type(class_name);
10127
10128 if (ZEND_FETCH_CLASS_STATIC == fetch_type) {
10129 zend_error_noreturn(E_COMPILE_ERROR,
10130 "\"static::\" is not allowed in compile-time constants");
10131 }
10132
10133 if (ZEND_FETCH_CLASS_DEFAULT == fetch_type) {
10134 zend_string *tmp = zend_resolve_class_name_ast(class_ast);
10135
10136 zend_string_release_ex(class_name, 0);
10137 if (tmp != class_name) {
10138 zval *zv = zend_ast_get_zval(class_ast);
10139 ZVAL_STR(zv, tmp);
10140 class_ast->attr = ZEND_NAME_FQ;
10141 }
10142 }
10143
10144 ast->attr |= ZEND_FETCH_CLASS_EXCEPTION;
10145 }
10146 /* }}} */
10147
zend_compile_const_expr_class_name(zend_ast ** ast_ptr)10148 static void zend_compile_const_expr_class_name(zend_ast **ast_ptr) /* {{{ */
10149 {
10150 zend_ast *ast = *ast_ptr;
10151 zend_ast *class_ast = ast->child[0];
10152 if (class_ast->kind != ZEND_AST_ZVAL) {
10153 zend_error_noreturn(E_COMPILE_ERROR,
10154 "(expression)::class cannot be used in constant expressions");
10155 }
10156
10157 zend_string *class_name = zend_ast_get_str(class_ast);
10158 uint32_t fetch_type = zend_get_class_fetch_type(class_name);
10159
10160 switch (fetch_type) {
10161 case ZEND_FETCH_CLASS_SELF:
10162 case ZEND_FETCH_CLASS_PARENT:
10163 /* For the const-eval representation store the fetch type instead of the name. */
10164 zend_string_release(class_name);
10165 ast->child[0] = NULL;
10166 ast->attr = fetch_type;
10167 return;
10168 case ZEND_FETCH_CLASS_STATIC:
10169 zend_error_noreturn(E_COMPILE_ERROR,
10170 "static::class cannot be used for compile-time class name resolution");
10171 return;
10172 EMPTY_SWITCH_DEFAULT_CASE()
10173 }
10174 }
10175
zend_compile_const_expr_const(zend_ast ** ast_ptr)10176 static void zend_compile_const_expr_const(zend_ast **ast_ptr) /* {{{ */
10177 {
10178 zend_ast *ast = *ast_ptr;
10179 zend_ast *name_ast = ast->child[0];
10180 zend_string *orig_name = zend_ast_get_str(name_ast);
10181 bool is_fully_qualified;
10182 zval result;
10183 zend_string *resolved_name;
10184
10185 CG(zend_lineno) = zend_ast_get_lineno(ast);
10186
10187 resolved_name = zend_resolve_const_name(
10188 orig_name, name_ast->attr, &is_fully_qualified);
10189
10190 if (zend_try_ct_eval_const(&result, resolved_name, is_fully_qualified)) {
10191 zend_string_release_ex(resolved_name, 0);
10192 zend_ast_destroy(ast);
10193 *ast_ptr = zend_ast_create_zval(&result);
10194 return;
10195 }
10196
10197 zend_ast_destroy(ast);
10198 *ast_ptr = zend_ast_create_constant(resolved_name,
10199 !is_fully_qualified && FC(current_namespace) ? IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE : 0);
10200 }
10201 /* }}} */
10202
zend_compile_const_expr_magic_const(zend_ast ** ast_ptr)10203 static void zend_compile_const_expr_magic_const(zend_ast **ast_ptr) /* {{{ */
10204 {
10205 zend_ast *ast = *ast_ptr;
10206
10207 /* Other cases already resolved by constant folding */
10208 ZEND_ASSERT(ast->attr == T_CLASS_C);
10209
10210 zend_ast_destroy(ast);
10211 *ast_ptr = zend_ast_create(ZEND_AST_CONSTANT_CLASS);
10212 }
10213 /* }}} */
10214
zend_compile_const_expr_new(zend_ast ** ast_ptr)10215 static void zend_compile_const_expr_new(zend_ast **ast_ptr)
10216 {
10217 zend_ast *class_ast = (*ast_ptr)->child[0];
10218 if (class_ast->kind == ZEND_AST_CLASS) {
10219 zend_error_noreturn(E_COMPILE_ERROR,
10220 "Cannot use anonymous class in constant expression");
10221 }
10222 if (class_ast->kind != ZEND_AST_ZVAL) {
10223 zend_error_noreturn(E_COMPILE_ERROR,
10224 "Cannot use dynamic class name in constant expression");
10225 }
10226
10227 zend_string *class_name = zend_resolve_class_name_ast(class_ast);
10228 int fetch_type = zend_get_class_fetch_type(class_name);
10229 if (ZEND_FETCH_CLASS_STATIC == fetch_type) {
10230 zend_error_noreturn(E_COMPILE_ERROR,
10231 "\"static\" is not allowed in compile-time constants");
10232 }
10233
10234 zval *class_ast_zv = zend_ast_get_zval(class_ast);
10235 zval_ptr_dtor_nogc(class_ast_zv);
10236 ZVAL_STR(class_ast_zv, class_name);
10237 class_ast->attr = fetch_type << ZEND_CONST_EXPR_NEW_FETCH_TYPE_SHIFT;
10238 }
10239
zend_compile_const_expr_args(zend_ast ** ast_ptr)10240 static void zend_compile_const_expr_args(zend_ast **ast_ptr)
10241 {
10242 zend_ast_list *list = zend_ast_get_list(*ast_ptr);
10243 bool uses_named_args = false;
10244 for (uint32_t i = 0; i < list->children; i++) {
10245 zend_ast *arg = list->child[i];
10246 if (arg->kind == ZEND_AST_UNPACK) {
10247 zend_error_noreturn(E_COMPILE_ERROR,
10248 "Argument unpacking in constant expressions is not supported");
10249 }
10250 if (arg->kind == ZEND_AST_NAMED_ARG) {
10251 uses_named_args = true;
10252 } else if (uses_named_args) {
10253 zend_error_noreturn(E_COMPILE_ERROR,
10254 "Cannot use positional argument after named argument");
10255 }
10256 }
10257 if (uses_named_args) {
10258 list->attr = 1;
10259 }
10260 }
10261
10262 typedef struct {
10263 /* Whether the value of this expression may differ on each evaluation. */
10264 bool allow_dynamic;
10265 } const_expr_context;
10266
zend_compile_const_expr(zend_ast ** ast_ptr,void * context)10267 static void zend_compile_const_expr(zend_ast **ast_ptr, void *context) /* {{{ */
10268 {
10269 const_expr_context *ctx = (const_expr_context *) context;
10270 zend_ast *ast = *ast_ptr;
10271 if (ast == NULL || ast->kind == ZEND_AST_ZVAL) {
10272 return;
10273 }
10274
10275 if (!zend_is_allowed_in_const_expr(ast->kind)) {
10276 zend_error_noreturn(E_COMPILE_ERROR, "Constant expression contains invalid operations");
10277 }
10278
10279 switch (ast->kind) {
10280 case ZEND_AST_CLASS_CONST:
10281 zend_compile_const_expr_class_const(ast_ptr);
10282 break;
10283 case ZEND_AST_CLASS_NAME:
10284 zend_compile_const_expr_class_name(ast_ptr);
10285 break;
10286 case ZEND_AST_CONST:
10287 zend_compile_const_expr_const(ast_ptr);
10288 break;
10289 case ZEND_AST_MAGIC_CONST:
10290 zend_compile_const_expr_magic_const(ast_ptr);
10291 break;
10292 case ZEND_AST_NEW:
10293 if (!ctx->allow_dynamic) {
10294 zend_error_noreturn(E_COMPILE_ERROR,
10295 "New expressions are not supported in this context");
10296 }
10297 zend_compile_const_expr_new(ast_ptr);
10298 break;
10299 case ZEND_AST_ARG_LIST:
10300 zend_compile_const_expr_args(ast_ptr);
10301 break;
10302 }
10303
10304 zend_ast_apply(ast, zend_compile_const_expr, context);
10305 }
10306 /* }}} */
10307
zend_const_expr_to_zval(zval * result,zend_ast ** ast_ptr,bool allow_dynamic)10308 void zend_const_expr_to_zval(zval *result, zend_ast **ast_ptr, bool allow_dynamic) /* {{{ */
10309 {
10310 const_expr_context context;
10311 context.allow_dynamic = allow_dynamic;
10312
10313 zend_eval_const_expr(ast_ptr);
10314 zend_compile_const_expr(ast_ptr, &context);
10315 if ((*ast_ptr)->kind != ZEND_AST_ZVAL) {
10316 /* Replace with compiled AST zval representation. */
10317 zval ast_zv;
10318 ZVAL_AST(&ast_zv, zend_ast_copy(*ast_ptr));
10319 zend_ast_destroy(*ast_ptr);
10320 *ast_ptr = zend_ast_create_zval(&ast_zv);
10321 }
10322 ZVAL_COPY(result, zend_ast_get_zval(*ast_ptr));
10323 }
10324 /* }}} */
10325
10326 /* Same as compile_stmt, but with early binding */
zend_compile_top_stmt(zend_ast * ast)10327 void zend_compile_top_stmt(zend_ast *ast) /* {{{ */
10328 {
10329 if (!ast) {
10330 return;
10331 }
10332
10333 if (ast->kind == ZEND_AST_STMT_LIST) {
10334 zend_ast_list *list = zend_ast_get_list(ast);
10335 uint32_t i;
10336 for (i = 0; i < list->children; ++i) {
10337 zend_compile_top_stmt(list->child[i]);
10338 }
10339 return;
10340 }
10341
10342 if (ast->kind == ZEND_AST_FUNC_DECL) {
10343 CG(zend_lineno) = ast->lineno;
10344 zend_compile_func_decl(NULL, ast, 1);
10345 CG(zend_lineno) = ((zend_ast_decl *) ast)->end_lineno;
10346 } else if (ast->kind == ZEND_AST_CLASS) {
10347 CG(zend_lineno) = ast->lineno;
10348 zend_compile_class_decl(NULL, ast, 1);
10349 CG(zend_lineno) = ((zend_ast_decl *) ast)->end_lineno;
10350 } else {
10351 zend_compile_stmt(ast);
10352 }
10353 if (ast->kind != ZEND_AST_NAMESPACE && ast->kind != ZEND_AST_HALT_COMPILER) {
10354 zend_verify_namespace();
10355 }
10356 }
10357 /* }}} */
10358
zend_compile_stmt(zend_ast * ast)10359 static void zend_compile_stmt(zend_ast *ast) /* {{{ */
10360 {
10361 if (!ast) {
10362 return;
10363 }
10364
10365 CG(zend_lineno) = ast->lineno;
10366
10367 if ((CG(compiler_options) & ZEND_COMPILE_EXTENDED_STMT) && !zend_is_unticked_stmt(ast)) {
10368 zend_do_extended_stmt();
10369 }
10370
10371 switch (ast->kind) {
10372 case ZEND_AST_STMT_LIST:
10373 zend_compile_stmt_list(ast);
10374 break;
10375 case ZEND_AST_GLOBAL:
10376 zend_compile_global_var(ast);
10377 break;
10378 case ZEND_AST_STATIC:
10379 zend_compile_static_var(ast);
10380 break;
10381 case ZEND_AST_UNSET:
10382 zend_compile_unset(ast);
10383 break;
10384 case ZEND_AST_RETURN:
10385 zend_compile_return(ast);
10386 break;
10387 case ZEND_AST_ECHO:
10388 zend_compile_echo(ast);
10389 break;
10390 case ZEND_AST_BREAK:
10391 case ZEND_AST_CONTINUE:
10392 zend_compile_break_continue(ast);
10393 break;
10394 case ZEND_AST_GOTO:
10395 zend_compile_goto(ast);
10396 break;
10397 case ZEND_AST_LABEL:
10398 zend_compile_label(ast);
10399 break;
10400 case ZEND_AST_WHILE:
10401 zend_compile_while(ast);
10402 break;
10403 case ZEND_AST_DO_WHILE:
10404 zend_compile_do_while(ast);
10405 break;
10406 case ZEND_AST_FOR:
10407 zend_compile_for(ast);
10408 break;
10409 case ZEND_AST_FOREACH:
10410 zend_compile_foreach(ast);
10411 break;
10412 case ZEND_AST_IF:
10413 zend_compile_if(ast);
10414 break;
10415 case ZEND_AST_SWITCH:
10416 zend_compile_switch(ast);
10417 break;
10418 case ZEND_AST_TRY:
10419 zend_compile_try(ast);
10420 break;
10421 case ZEND_AST_DECLARE:
10422 zend_compile_declare(ast);
10423 break;
10424 case ZEND_AST_FUNC_DECL:
10425 case ZEND_AST_METHOD:
10426 zend_compile_func_decl(NULL, ast, 0);
10427 break;
10428 case ZEND_AST_ENUM_CASE:
10429 zend_compile_enum_case(ast);
10430 break;
10431 case ZEND_AST_PROP_GROUP:
10432 zend_compile_prop_group(ast);
10433 break;
10434 case ZEND_AST_CLASS_CONST_GROUP:
10435 zend_compile_class_const_group(ast);
10436 break;
10437 case ZEND_AST_USE_TRAIT:
10438 zend_compile_use_trait(ast);
10439 break;
10440 case ZEND_AST_CLASS:
10441 zend_compile_class_decl(NULL, ast, 0);
10442 break;
10443 case ZEND_AST_GROUP_USE:
10444 zend_compile_group_use(ast);
10445 break;
10446 case ZEND_AST_USE:
10447 zend_compile_use(ast);
10448 break;
10449 case ZEND_AST_CONST_DECL:
10450 zend_compile_const_decl(ast);
10451 break;
10452 case ZEND_AST_NAMESPACE:
10453 zend_compile_namespace(ast);
10454 break;
10455 case ZEND_AST_HALT_COMPILER:
10456 zend_compile_halt_compiler(ast);
10457 break;
10458 case ZEND_AST_THROW:
10459 case ZEND_AST_EXIT:
10460 zend_compile_expr(NULL, ast);
10461 break;
10462 default:
10463 {
10464 znode result;
10465 zend_compile_expr(&result, ast);
10466 zend_do_free(&result);
10467 }
10468 }
10469
10470 if (FC(declarables).ticks && !zend_is_unticked_stmt(ast)) {
10471 zend_emit_tick();
10472 }
10473 }
10474 /* }}} */
10475
zend_compile_expr_inner(znode * result,zend_ast * ast)10476 static void zend_compile_expr_inner(znode *result, zend_ast *ast) /* {{{ */
10477 {
10478 /* CG(zend_lineno) = ast->lineno; */
10479 CG(zend_lineno) = zend_ast_get_lineno(ast);
10480
10481 if (CG(memoize_mode) != ZEND_MEMOIZE_NONE) {
10482 zend_compile_memoized_expr(result, ast);
10483 return;
10484 }
10485
10486 switch (ast->kind) {
10487 case ZEND_AST_ZVAL:
10488 ZVAL_COPY(&result->u.constant, zend_ast_get_zval(ast));
10489 result->op_type = IS_CONST;
10490 return;
10491 case ZEND_AST_ZNODE:
10492 *result = *zend_ast_get_znode(ast);
10493 return;
10494 case ZEND_AST_VAR:
10495 case ZEND_AST_DIM:
10496 case ZEND_AST_PROP:
10497 case ZEND_AST_NULLSAFE_PROP:
10498 case ZEND_AST_STATIC_PROP:
10499 case ZEND_AST_CALL:
10500 case ZEND_AST_METHOD_CALL:
10501 case ZEND_AST_NULLSAFE_METHOD_CALL:
10502 case ZEND_AST_STATIC_CALL:
10503 zend_compile_var(result, ast, BP_VAR_R, 0);
10504 return;
10505 case ZEND_AST_ASSIGN:
10506 zend_compile_assign(result, ast);
10507 return;
10508 case ZEND_AST_ASSIGN_REF:
10509 zend_compile_assign_ref(result, ast);
10510 return;
10511 case ZEND_AST_NEW:
10512 zend_compile_new(result, ast);
10513 return;
10514 case ZEND_AST_CLONE:
10515 zend_compile_clone(result, ast);
10516 return;
10517 case ZEND_AST_ASSIGN_OP:
10518 zend_compile_compound_assign(result, ast);
10519 return;
10520 case ZEND_AST_BINARY_OP:
10521 zend_compile_binary_op(result, ast);
10522 return;
10523 case ZEND_AST_GREATER:
10524 case ZEND_AST_GREATER_EQUAL:
10525 zend_compile_greater(result, ast);
10526 return;
10527 case ZEND_AST_UNARY_OP:
10528 zend_compile_unary_op(result, ast);
10529 return;
10530 case ZEND_AST_UNARY_PLUS:
10531 case ZEND_AST_UNARY_MINUS:
10532 zend_compile_unary_pm(result, ast);
10533 return;
10534 case ZEND_AST_AND:
10535 case ZEND_AST_OR:
10536 zend_compile_short_circuiting(result, ast);
10537 return;
10538 case ZEND_AST_POST_INC:
10539 case ZEND_AST_POST_DEC:
10540 zend_compile_post_incdec(result, ast);
10541 return;
10542 case ZEND_AST_PRE_INC:
10543 case ZEND_AST_PRE_DEC:
10544 zend_compile_pre_incdec(result, ast);
10545 return;
10546 case ZEND_AST_CAST:
10547 zend_compile_cast(result, ast);
10548 return;
10549 case ZEND_AST_CONDITIONAL:
10550 zend_compile_conditional(result, ast);
10551 return;
10552 case ZEND_AST_COALESCE:
10553 zend_compile_coalesce(result, ast);
10554 return;
10555 case ZEND_AST_ASSIGN_COALESCE:
10556 zend_compile_assign_coalesce(result, ast);
10557 return;
10558 case ZEND_AST_PRINT:
10559 zend_compile_print(result, ast);
10560 return;
10561 case ZEND_AST_EXIT:
10562 zend_compile_exit(result, ast);
10563 return;
10564 case ZEND_AST_YIELD:
10565 zend_compile_yield(result, ast);
10566 return;
10567 case ZEND_AST_YIELD_FROM:
10568 zend_compile_yield_from(result, ast);
10569 return;
10570 case ZEND_AST_INSTANCEOF:
10571 zend_compile_instanceof(result, ast);
10572 return;
10573 case ZEND_AST_INCLUDE_OR_EVAL:
10574 zend_compile_include_or_eval(result, ast);
10575 return;
10576 case ZEND_AST_ISSET:
10577 case ZEND_AST_EMPTY:
10578 zend_compile_isset_or_empty(result, ast);
10579 return;
10580 case ZEND_AST_SILENCE:
10581 zend_compile_silence(result, ast);
10582 return;
10583 case ZEND_AST_SHELL_EXEC:
10584 zend_compile_shell_exec(result, ast);
10585 return;
10586 case ZEND_AST_ARRAY:
10587 zend_compile_array(result, ast);
10588 return;
10589 case ZEND_AST_CONST:
10590 zend_compile_const(result, ast);
10591 return;
10592 case ZEND_AST_CLASS_CONST:
10593 zend_compile_class_const(result, ast);
10594 return;
10595 case ZEND_AST_CLASS_NAME:
10596 zend_compile_class_name(result, ast);
10597 return;
10598 case ZEND_AST_ENCAPS_LIST:
10599 zend_compile_encaps_list(result, ast);
10600 return;
10601 case ZEND_AST_MAGIC_CONST:
10602 zend_compile_magic_const(result, ast);
10603 return;
10604 case ZEND_AST_CLOSURE:
10605 case ZEND_AST_ARROW_FUNC:
10606 zend_compile_func_decl(result, ast, 0);
10607 return;
10608 case ZEND_AST_THROW:
10609 zend_compile_throw(result, ast);
10610 return;
10611 case ZEND_AST_MATCH:
10612 zend_compile_match(result, ast);
10613 return;
10614 default:
10615 ZEND_ASSERT(0 /* not supported */);
10616 }
10617 }
10618 /* }}} */
10619
zend_compile_expr(znode * result,zend_ast * ast)10620 static void zend_compile_expr(znode *result, zend_ast *ast)
10621 {
10622 zend_check_stack_limit();
10623
10624 uint32_t checkpoint = zend_short_circuiting_checkpoint();
10625 zend_compile_expr_inner(result, ast);
10626 zend_short_circuiting_commit(checkpoint, result, ast);
10627 }
10628
zend_compile_var_inner(znode * result,zend_ast * ast,uint32_t type,bool by_ref)10629 static zend_op *zend_compile_var_inner(znode *result, zend_ast *ast, uint32_t type, bool by_ref)
10630 {
10631 CG(zend_lineno) = zend_ast_get_lineno(ast);
10632
10633 if (CG(memoize_mode) != ZEND_MEMOIZE_NONE) {
10634 switch (ast->kind) {
10635 case ZEND_AST_CALL:
10636 case ZEND_AST_METHOD_CALL:
10637 case ZEND_AST_NULLSAFE_METHOD_CALL:
10638 case ZEND_AST_STATIC_CALL:
10639 zend_compile_memoized_expr(result, ast);
10640 /* This might not actually produce an opcode, e.g. for expressions evaluated at comptime. */
10641 return NULL;
10642 }
10643 }
10644
10645 switch (ast->kind) {
10646 case ZEND_AST_VAR:
10647 return zend_compile_simple_var(result, ast, type, 0);
10648 case ZEND_AST_DIM:
10649 return zend_compile_dim(result, ast, type, by_ref);
10650 case ZEND_AST_PROP:
10651 case ZEND_AST_NULLSAFE_PROP:
10652 return zend_compile_prop(result, ast, type, by_ref);
10653 case ZEND_AST_STATIC_PROP:
10654 return zend_compile_static_prop(result, ast, type, by_ref, 0);
10655 case ZEND_AST_CALL:
10656 zend_compile_call(result, ast, type);
10657 return NULL;
10658 case ZEND_AST_METHOD_CALL:
10659 case ZEND_AST_NULLSAFE_METHOD_CALL:
10660 zend_compile_method_call(result, ast, type);
10661 return NULL;
10662 case ZEND_AST_STATIC_CALL:
10663 zend_compile_static_call(result, ast, type);
10664 return NULL;
10665 case ZEND_AST_ZNODE:
10666 *result = *zend_ast_get_znode(ast);
10667 return NULL;
10668 default:
10669 if (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET) {
10670 zend_error_noreturn(E_COMPILE_ERROR,
10671 "Cannot use temporary expression in write context");
10672 }
10673
10674 zend_compile_expr(result, ast);
10675 return NULL;
10676 }
10677 }
10678
zend_compile_var(znode * result,zend_ast * ast,uint32_t type,bool by_ref)10679 static zend_op *zend_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
10680 {
10681 uint32_t checkpoint = zend_short_circuiting_checkpoint();
10682 zend_op *opcode = zend_compile_var_inner(result, ast, type, by_ref);
10683 zend_short_circuiting_commit(checkpoint, result, ast);
10684 return opcode;
10685 }
10686
zend_delayed_compile_var(znode * result,zend_ast * ast,uint32_t type,bool by_ref)10687 static zend_op *zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
10688 {
10689 switch (ast->kind) {
10690 case ZEND_AST_VAR:
10691 return zend_compile_simple_var(result, ast, type, 1);
10692 case ZEND_AST_DIM:
10693 return zend_delayed_compile_dim(result, ast, type, by_ref);
10694 case ZEND_AST_PROP:
10695 case ZEND_AST_NULLSAFE_PROP:
10696 {
10697 zend_op *opline = zend_delayed_compile_prop(result, ast, type);
10698 if (by_ref) {
10699 opline->extended_value |= ZEND_FETCH_REF;
10700 }
10701 return opline;
10702 }
10703 case ZEND_AST_STATIC_PROP:
10704 return zend_compile_static_prop(result, ast, type, by_ref, 1);
10705 default:
10706 return zend_compile_var(result, ast, type, 0);
10707 }
10708 }
10709 /* }}} */
10710
zend_eval_const_expr(zend_ast ** ast_ptr)10711 static void zend_eval_const_expr(zend_ast **ast_ptr) /* {{{ */
10712 {
10713 zend_ast *ast = *ast_ptr;
10714 zval result;
10715
10716 if (!ast) {
10717 return;
10718 }
10719
10720 zend_check_stack_limit();
10721
10722 switch (ast->kind) {
10723 case ZEND_AST_BINARY_OP:
10724 zend_eval_const_expr(&ast->child[0]);
10725 zend_eval_const_expr(&ast->child[1]);
10726 if (ast->child[0]->kind != ZEND_AST_ZVAL || ast->child[1]->kind != ZEND_AST_ZVAL) {
10727 return;
10728 }
10729
10730 if (!zend_try_ct_eval_binary_op(&result, ast->attr,
10731 zend_ast_get_zval(ast->child[0]), zend_ast_get_zval(ast->child[1]))
10732 ) {
10733 return;
10734 }
10735 break;
10736 case ZEND_AST_GREATER:
10737 case ZEND_AST_GREATER_EQUAL:
10738 zend_eval_const_expr(&ast->child[0]);
10739 zend_eval_const_expr(&ast->child[1]);
10740 if (ast->child[0]->kind != ZEND_AST_ZVAL || ast->child[1]->kind != ZEND_AST_ZVAL) {
10741 return;
10742 }
10743
10744 zend_ct_eval_greater(&result, ast->kind,
10745 zend_ast_get_zval(ast->child[0]), zend_ast_get_zval(ast->child[1]));
10746 break;
10747 case ZEND_AST_AND:
10748 case ZEND_AST_OR:
10749 {
10750 bool child0_is_true, child1_is_true;
10751 zend_eval_const_expr(&ast->child[0]);
10752 zend_eval_const_expr(&ast->child[1]);
10753 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10754 return;
10755 }
10756
10757 child0_is_true = zend_is_true(zend_ast_get_zval(ast->child[0]));
10758 if (child0_is_true == (ast->kind == ZEND_AST_OR)) {
10759 ZVAL_BOOL(&result, ast->kind == ZEND_AST_OR);
10760 break;
10761 }
10762
10763 if (ast->child[1]->kind != ZEND_AST_ZVAL) {
10764 return;
10765 }
10766
10767 child1_is_true = zend_is_true(zend_ast_get_zval(ast->child[1]));
10768 if (ast->kind == ZEND_AST_OR) {
10769 ZVAL_BOOL(&result, child0_is_true || child1_is_true);
10770 } else {
10771 ZVAL_BOOL(&result, child0_is_true && child1_is_true);
10772 }
10773 break;
10774 }
10775 case ZEND_AST_UNARY_OP:
10776 zend_eval_const_expr(&ast->child[0]);
10777 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10778 return;
10779 }
10780
10781 if (!zend_try_ct_eval_unary_op(&result, ast->attr, zend_ast_get_zval(ast->child[0]))) {
10782 return;
10783 }
10784 break;
10785 case ZEND_AST_UNARY_PLUS:
10786 case ZEND_AST_UNARY_MINUS:
10787 zend_eval_const_expr(&ast->child[0]);
10788 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10789 return;
10790 }
10791
10792 if (!zend_try_ct_eval_unary_pm(&result, ast->kind, zend_ast_get_zval(ast->child[0]))) {
10793 return;
10794 }
10795 break;
10796 case ZEND_AST_COALESCE:
10797 /* Set isset fetch indicator here, opcache disallows runtime altering of the AST */
10798 if (ast->child[0]->kind == ZEND_AST_DIM) {
10799 ast->child[0]->attr |= ZEND_DIM_IS;
10800 }
10801 zend_eval_const_expr(&ast->child[0]);
10802
10803 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10804 /* ensure everything was compile-time evaluated at least once */
10805 zend_eval_const_expr(&ast->child[1]);
10806 return;
10807 }
10808
10809 if (Z_TYPE_P(zend_ast_get_zval(ast->child[0])) == IS_NULL) {
10810 zend_eval_const_expr(&ast->child[1]);
10811 *ast_ptr = ast->child[1];
10812 ast->child[1] = NULL;
10813 zend_ast_destroy(ast);
10814 } else {
10815 *ast_ptr = ast->child[0];
10816 ast->child[0] = NULL;
10817 zend_ast_destroy(ast);
10818 }
10819 return;
10820 case ZEND_AST_CONDITIONAL:
10821 {
10822 zend_ast **child, *child_ast;
10823 zend_eval_const_expr(&ast->child[0]);
10824 if (ast->child[0]->kind != ZEND_AST_ZVAL) {
10825 /* ensure everything was compile-time evaluated at least once */
10826 if (ast->child[1]) {
10827 zend_eval_const_expr(&ast->child[1]);
10828 }
10829 zend_eval_const_expr(&ast->child[2]);
10830 return;
10831 }
10832
10833 child = &ast->child[2 - zend_is_true(zend_ast_get_zval(ast->child[0]))];
10834 if (*child == NULL) {
10835 child--;
10836 }
10837 child_ast = *child;
10838 *child = NULL;
10839 zend_ast_destroy(ast);
10840 *ast_ptr = child_ast;
10841 zend_eval_const_expr(ast_ptr);
10842 return;
10843 }
10844 case ZEND_AST_DIM:
10845 {
10846 /* constant expression should be always read context ... */
10847 zval *container, *dim;
10848
10849 if (ast->child[1] == NULL) {
10850 zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
10851 }
10852
10853 if (ast->attr & ZEND_DIM_ALTERNATIVE_SYNTAX) {
10854 ast->attr &= ~ZEND_DIM_ALTERNATIVE_SYNTAX; /* remove flag to avoid duplicate warning */
10855 zend_error(E_COMPILE_ERROR, "Array and string offset access syntax with curly braces is no longer supported");
10856 }
10857
10858 /* Set isset fetch indicator here, opcache disallows runtime altering of the AST */
10859 if ((ast->attr & ZEND_DIM_IS) && ast->child[0]->kind == ZEND_AST_DIM) {
10860 ast->child[0]->attr |= ZEND_DIM_IS;
10861 }
10862
10863 zend_eval_const_expr(&ast->child[0]);
10864 zend_eval_const_expr(&ast->child[1]);
10865 if (ast->child[0]->kind != ZEND_AST_ZVAL || ast->child[1]->kind != ZEND_AST_ZVAL) {
10866 return;
10867 }
10868
10869 container = zend_ast_get_zval(ast->child[0]);
10870 dim = zend_ast_get_zval(ast->child[1]);
10871
10872 if (Z_TYPE_P(container) == IS_ARRAY) {
10873 zval *el;
10874 if (Z_TYPE_P(dim) == IS_LONG) {
10875 el = zend_hash_index_find(Z_ARR_P(container), Z_LVAL_P(dim));
10876 if (el) {
10877 ZVAL_COPY(&result, el);
10878 } else {
10879 return;
10880 }
10881 } else if (Z_TYPE_P(dim) == IS_STRING) {
10882 el = zend_symtable_find(Z_ARR_P(container), Z_STR_P(dim));
10883 if (el) {
10884 ZVAL_COPY(&result, el);
10885 } else {
10886 return;
10887 }
10888 } else {
10889 return; /* warning... handle at runtime */
10890 }
10891 } else if (Z_TYPE_P(container) == IS_STRING) {
10892 zend_long offset;
10893 uint8_t c;
10894 if (Z_TYPE_P(dim) == IS_LONG) {
10895 offset = Z_LVAL_P(dim);
10896 } else if (Z_TYPE_P(dim) != IS_STRING || is_numeric_string(Z_STRVAL_P(dim), Z_STRLEN_P(dim), &offset, NULL, 1) != IS_LONG) {
10897 return;
10898 }
10899 if (offset < 0 || (size_t)offset >= Z_STRLEN_P(container)) {
10900 return;
10901 }
10902 c = (uint8_t) Z_STRVAL_P(container)[offset];
10903 ZVAL_CHAR(&result, c);
10904 } else if (Z_TYPE_P(container) <= IS_FALSE) {
10905 return; /* warning... handle at runtime */
10906 } else {
10907 return;
10908 }
10909 break;
10910 }
10911 case ZEND_AST_ARRAY:
10912 if (!zend_try_ct_eval_array(&result, ast)) {
10913 return;
10914 }
10915 break;
10916 case ZEND_AST_MAGIC_CONST:
10917 if (!zend_try_ct_eval_magic_const(&result, ast)) {
10918 return;
10919 }
10920 break;
10921 case ZEND_AST_CONST:
10922 {
10923 zend_ast *name_ast = ast->child[0];
10924 bool is_fully_qualified;
10925 zend_string *resolved_name = zend_resolve_const_name(
10926 zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);
10927
10928 if (!zend_try_ct_eval_const(&result, resolved_name, is_fully_qualified)) {
10929 zend_string_release_ex(resolved_name, 0);
10930 return;
10931 }
10932
10933 zend_string_release_ex(resolved_name, 0);
10934 break;
10935 }
10936 case ZEND_AST_CLASS_CONST:
10937 {
10938 zend_ast *class_ast;
10939 zend_ast *name_ast;
10940 zend_string *resolved_name;
10941
10942 zend_eval_const_expr(&ast->child[0]);
10943 zend_eval_const_expr(&ast->child[1]);
10944
10945 if (UNEXPECTED(ast->child[1]->kind != ZEND_AST_ZVAL
10946 || Z_TYPE_P(zend_ast_get_zval(ast->child[1])) != IS_STRING)) {
10947 return;
10948 }
10949
10950 class_ast = ast->child[0];
10951 name_ast = ast->child[1];
10952
10953 if (class_ast->kind != ZEND_AST_ZVAL || name_ast->kind != ZEND_AST_ZVAL) {
10954 return;
10955 }
10956
10957 resolved_name = zend_resolve_class_name_ast(class_ast);
10958 if (!zend_try_ct_eval_class_const(&result, resolved_name, zend_ast_get_str(name_ast))) {
10959 zend_string_release_ex(resolved_name, 0);
10960 return;
10961 }
10962
10963 zend_string_release_ex(resolved_name, 0);
10964 break;
10965 }
10966 case ZEND_AST_CLASS_NAME:
10967 {
10968 zend_ast *class_ast = ast->child[0];
10969 if (!zend_try_compile_const_expr_resolve_class_name(&result, class_ast)) {
10970 return;
10971 }
10972 break;
10973 }
10974 // TODO: We should probably use zend_ast_apply to recursively walk nodes without
10975 // special handling. It is required that all nodes that are part of a const expr
10976 // are visited. Probably we should be distinguishing evaluation of const expr and
10977 // normal exprs here.
10978 case ZEND_AST_ARG_LIST:
10979 {
10980 zend_ast_list *list = zend_ast_get_list(ast);
10981 for (uint32_t i = 0; i < list->children; i++) {
10982 zend_eval_const_expr(&list->child[i]);
10983 }
10984 return;
10985 }
10986 case ZEND_AST_NEW:
10987 zend_eval_const_expr(&ast->child[0]);
10988 zend_eval_const_expr(&ast->child[1]);
10989 return;
10990 case ZEND_AST_NAMED_ARG:
10991 zend_eval_const_expr(&ast->child[1]);
10992 return;
10993 case ZEND_AST_CONST_ENUM_INIT:
10994 zend_eval_const_expr(&ast->child[2]);
10995 return;
10996 case ZEND_AST_PROP:
10997 case ZEND_AST_NULLSAFE_PROP:
10998 zend_eval_const_expr(&ast->child[0]);
10999 zend_eval_const_expr(&ast->child[1]);
11000 return;
11001 default:
11002 return;
11003 }
11004
11005 zend_ast_destroy(ast);
11006 *ast_ptr = zend_ast_create_zval(&result);
11007 }
11008 /* }}} */
11009
