Such exceptions shouldn't be caught in the same function.
try {
return $class; // invalid return type
} catch (TypeError $e) {
- return "no leak or segfault";
+ return "BAG!";
}
}
}
-print foo();
-
+try {
+ print foo();
+} catch (TypeError $e) {
+ print "no leak or segfault";
+}
?>
--EXPECT--
no leak or segfault
--- /dev/null
+--TEST--
+Return types must not double free loop variables
+--FILE--
+<?php
+
+function foo(): string {
+ $a = [];
+ try {
+ return $a; // invalid return type
+ } catch (TypeError $e) {
+ echo "BAG!\n";
+ return "ops!\n";
+ }
+}
+try {
+ echo foo();
+} catch (TypeError $e) {
+ echo "OK\n";
+}
+
+?>
+--EXPECT--
+OK
--- /dev/null
+--TEST--
+Exception inside a foreach loop with on an object with destructor
+--FILE--
+<?php
+class bar {
+ public $foo = 1;
+ public $bar = 2;
+ function __destruct() {
+ throw new Exception("test");
+ }
+}
+function foo(): string {
+ foreach (new bar() as $foo) {
+ try {
+ $foo = new Exception;
+ return;
+ } catch (Exception $e) {
+ echo "Exception1: " . $e->getMessage() . "\n";
+ } catch (Error $e) {
+ echo "Error1: " . $e->getMessage() . "\n";
+ }
+ }
+ echo "bag!\n";
+}
+try {
+ foo();
+} catch (Throwable $e) {
+ echo (($e instanceof Exception) ? "Exception2: " : "Error2: ") .
+ $e->getMessage() . "\n";
+ $e = $e->getPrevious();
+ while ($e instanceof Throwable) {
+ echo "\tPrev " . (($e instanceof Exception) ? "Exception2: " : "Error2: ") .
+ $e->getMessage() . "\n";
+ $e = $e->getPrevious();
+ }
+}
+echo "ok\n";
+?>
+--EXPECTF--
+Exception2: test
+ Prev Error2: Return value of foo() must be of the type string, none returned in %stemporary_cleaning_008.php on line %d
+ok
--- /dev/null
+--TEST--
+Exception inside a foreach loop with on an object with destructor
+--FILE--
+<?php
+class bar {
+ public $foo = 1;
+ function __destruct() {
+ throw new Exception;
+ }
+}
+
+function foo() {
+ foreach (new bar() as &$foo) {
+ try {
+ $foo = new Exception;
+ return;
+ } catch (Exception $e) {
+ echo "Exception1\n";
+ }
+ }
+}
+try {
+ foo();
+} catch (Exception $e) {
+ echo "Exception2\n";
+}
+?>
+--EXPECT--
+Exception2
&& opline->opcode != ZEND_CASE
&& opline->opcode != ZEND_FE_FETCH_R
&& opline->opcode != ZEND_FE_FETCH_RW
- /* the following opcodes are not the "final" */
+ /* the following opcodes are parts of "return" statement */
+ && opline->opcode != ZEND_VERIFY_RETURN_TYPE
&& (opline->opcode != ZEND_FREE || !(opline->extended_value & ZEND_FREE_ON_RETURN))
&& (opline->opcode != ZEND_FE_FREE || !(opline->extended_value & ZEND_FREE_ON_RETURN))
) {
ZEND_VM_HANDLER(70, ZEND_FREE, TMPVAR, ANY)
{
+ zval *var;
USE_OPLINE
SAVE_OPLINE();
- zval_ptr_dtor_nogc(EX_VAR(opline->op1.var));
+ var = EX_VAR(opline->op1.var);
+ zval_ptr_dtor_nogc(var);
+ ZVAL_NULL(var);
ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
}
var = EX_VAR(opline->op1.var);
if (Z_TYPE_P(var) != IS_ARRAY && Z_FE_ITER_P(var) != (uint32_t)-1) {
zend_hash_iterator_del(Z_FE_ITER_P(var));
+ Z_FE_ITER_P(var) = (uint32_t)-1;
}
zval_ptr_dtor_nogc(var);
+ ZVAL_NULL(var);
ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
}
if (UNEXPECTED(EG(exception) != NULL)) {
FREE_OP1();
+ if (OP1_TYPE == IS_TMP_VAR || OP1_TYPE == IS_VAR) {
+ ZVAL_NULL(retval_ref);
+ }
}
#endif
}
}
}
+ if (catch_op_num || finally_op_num) {
+ if (EX(func)->op_array.opcodes[op_num].opcode == ZEND_VERIFY_RETURN_TYPE
+ || (EX(func)->op_array.opcodes[op_num].opcode == ZEND_FREE && (EX(func)->op_array.opcodes[op_num].extended_value & ZEND_FREE_ON_RETURN))
+ || (EX(func)->op_array.opcodes[op_num].opcode == ZEND_FE_FREE && (EX(func)->op_array.opcodes[op_num].extended_value & ZEND_FREE_ON_RETURN))
+ ) {
+ catch_op_num = finally_op_num = 0;
+ }
+ }
+
i_cleanup_unfinished_execution(execute_data, op_num, catch_op_num);
if (finally_op_num && (!catch_op_num || catch_op_num >= finally_op_num)) {
}
}
+ if (catch_op_num || finally_op_num) {
+ if (EX(func)->op_array.opcodes[op_num].opcode == ZEND_VERIFY_RETURN_TYPE
+ || (EX(func)->op_array.opcodes[op_num].opcode == ZEND_FREE && (EX(func)->op_array.opcodes[op_num].extended_value & ZEND_FREE_ON_RETURN))
+ || (EX(func)->op_array.opcodes[op_num].opcode == ZEND_FE_FREE && (EX(func)->op_array.opcodes[op_num].extended_value & ZEND_FREE_ON_RETURN))
+ ) {
+ catch_op_num = finally_op_num = 0;
+ }
+ }
+
i_cleanup_unfinished_execution(execute_data, op_num, catch_op_num);
if (finally_op_num && (!catch_op_num || catch_op_num >= finally_op_num)) {
if (UNEXPECTED(EG(exception) != NULL)) {
+ if (IS_CONST == IS_TMP_VAR || IS_CONST == IS_VAR) {
+ ZVAL_NULL(retval_ref);
+ }
}
#endif
}
if (UNEXPECTED(EG(exception) != NULL)) {
zval_ptr_dtor_nogc(free_op1);
+ if (IS_TMP_VAR == IS_TMP_VAR || IS_TMP_VAR == IS_VAR) {
+ ZVAL_NULL(retval_ref);
+ }
}
#endif
}
if (UNEXPECTED(EG(exception) != NULL)) {
zval_ptr_dtor_nogc(free_op1);
+ if (IS_VAR == IS_TMP_VAR || IS_VAR == IS_VAR) {
+ ZVAL_NULL(retval_ref);
+ }
}
#endif
}
if (UNEXPECTED(EG(exception) != NULL)) {
+ if (IS_UNUSED == IS_TMP_VAR || IS_UNUSED == IS_VAR) {
+ ZVAL_NULL(retval_ref);
+ }
}
#endif
}
if (UNEXPECTED(EG(exception) != NULL)) {
+ if (IS_CV == IS_TMP_VAR || IS_CV == IS_VAR) {
+ ZVAL_NULL(retval_ref);
+ }
}
#endif
}
static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FREE_SPEC_TMPVAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
{
+ zval *var;
USE_OPLINE
SAVE_OPLINE();
- zval_ptr_dtor_nogc(EX_VAR(opline->op1.var));
+ var = EX_VAR(opline->op1.var);
+ zval_ptr_dtor_nogc(var);
+ ZVAL_NULL(var);
ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
}
var = EX_VAR(opline->op1.var);
if (Z_TYPE_P(var) != IS_ARRAY && Z_FE_ITER_P(var) != (uint32_t)-1) {
zend_hash_iterator_del(Z_FE_ITER_P(var));
+ Z_FE_ITER_P(var) = (uint32_t)-1;
}
zval_ptr_dtor_nogc(var);
+ ZVAL_NULL(var);
ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
}
projects / php / commitdiff