From 453b49ed20a0d68173cfbe740eb8a3068f62121a Mon Sep 17 00:00:00 2001 From: Dmitry Stogov Date: Tue, 20 Apr 2010 11:16:39 +0000 Subject: [PATCH] Added a number of small performance tweaks and optimizations . ZEND_RECV now always has IS_CV as its result . ZEND_CATCH now has to be used only with constant class names . ZEND_FETCH_DIM_? may fetch array and dimension operans in a different order --- NEWS | 4 + Zend/tests/isset_003.phpt | 2 + Zend/tests/isset_003_2_4.phpt | 42 + Zend/zend.h | 57 +- Zend/zend_API.h | 75 +- Zend/zend_compile.c | 47 +- Zend/zend_compile.h | 3 +- Zend/zend_execute.c | 444 +- Zend/zend_execute.h | 59 +- Zend/zend_execute_API.c | 36 +- Zend/zend_iterators.c | 4 +- Zend/zend_language_parser.y | 16 +- Zend/zend_objects_API.h | 2 +- Zend/zend_ptr_stack.h | 12 +- Zend/zend_variables.h | 4 +- Zend/zend_vm_def.h | 1839 +++-- Zend/zend_vm_execute.h | 14081 ++++++++++++++++++-------------- Zend/zend_vm_execute.skl | 17 +- Zend/zend_vm_gen.php | 187 +- ext/mbstring/mbstring.c | 4 +- ext/standard/cyr_convert.c | 2 +- 21 files changed, 9944 insertions(+), 6993 deletions(-) create mode 100644 Zend/tests/isset_003_2_4.phpt diff --git a/NEWS b/NEWS index 7c302b58b8..22a9a60e7a 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,10 @@ - Upgraded bundled sqlite to version 3.6.23.1. (Ilia) - Upgraded bundled PCRE to version 8.02. (Ilia) +- Added a number of small performance tweaks and optimizations (Dmitry) + . ZEND_RECV now always has IS_CV as its result + . ZEND_CATCH now has to be used only with constant class names + . ZEND_FETCH_DIM_? may fetch array and dimension operans in a different order - Added concept of interned strings. All strings constants known at compile time are allocated in a single copy and never changed. (Dmitry) - Added an optimization which saves memory and emalloc/efree calls for empty diff --git a/Zend/tests/isset_003.phpt b/Zend/tests/isset_003.phpt index 68c26f80f0..8232405bee 100644 --- a/Zend/tests/isset_003.phpt 
+++ b/Zend/tests/isset_003.phpt @@ -1,5 +1,7 @@ --TEST-- Testing isset accessing undefined array itens and properties +--SKIPIF-- +=')) die('skip ZendEngine 2.3 or below needed'); ?> --FILE-- +--FILE-- +a)); + +var_dump(isset($c[0][1][2]->a->b->c->d)); + +var_dump(isset(${$a}->{$b->$c[$d]})); + +var_dump(isset($GLOBALS)); + +var_dump(isset($GLOBALS[1])); + +var_dump(isset($GLOBALS[1]->$GLOBALS)); + +?> +--EXPECTF-- +bool(true) +bool(true) +bool(false) +bool(false) + +Notice: Undefined variable: c in %s on line %d + +Notice: Undefined variable: d in %s on line %d + +Notice: Trying to get property of non-object in %s on line %d +bool(false) +bool(true) +bool(false) +bool(false) diff --git a/Zend/zend.h b/Zend/zend.h index 6348e5997c..98c36e8d24 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -352,17 +352,21 @@ struct _zval_struct { #if defined(__GNUC__) #if __GNUC__ >= 3 #define zend_always_inline inline __attribute__((always_inline)) +#define zend_never_inline __attribute__((noinline)) #else #define zend_always_inline inline +#define zend_never_inline #endif #elif defined(_MSC_VER) #define zend_always_inline __forceinline +#define zend_never_inline #else #define zend_always_inline inline +#define zend_never_inline #endif -#if (defined (__GNUC__) && __GNUC__ > 2 ) && !defined(__INTEL_COMPILER) && !defined(DARWIN) && !defined(__hpux) && !defined(_AIX) +#if (defined (__GNUC__) && __GNUC__ > 2 ) && !defined(DARWIN) && !defined(__hpux) && !defined(_AIX) # define EXPECTED(condition) __builtin_expect(condition, 1) # define UNEXPECTED(condition) __builtin_expect(condition, 0) #else 
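Review bot: In the `_MSC_VER` branch of zend.h `zend_never_inline` expands to nothing, so the slow-path helpers this commit marks with it remain eligible for inlining on MSVC, while `zend_always_inline` is honoured there through `__forceinline`. MSVC has an equivalent attribute, so that branch could read `#define zend_never_inline __declspec(noinline)`. The same hunk also drops `!defined(__INTEL_COMPILER)` from the `EXPECTED`/`UNEXPECTED` guard; the reason for the original exclusion is not visible here, so a one-line comment stating which Intel compiler versions were checked would help.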
@@ -677,19 +681,30 @@ END_EXTERN_C() #define PZVAL_IS_REF(z) Z_ISREF_P(z) -#define SEPARATE_ZVAL(ppzv) \ - { \ - zval *orig_ptr = *(ppzv); \ - \ - if (Z_REFCOUNT_P(orig_ptr) > 1) { \ - Z_DELREF_P(orig_ptr); \ - ALLOC_ZVAL(*(ppzv)); \ - **(ppzv) = *orig_ptr; \ - zval_copy_ctor(*(ppzv)); \ - Z_SET_REFCOUNT_PP(ppzv, 1); \ - Z_UNSET_ISREF_PP((ppzv)); \ - } \ - } +#define ZVAL_COPY_VALUE(z, v) \ + do { \ + (z)->value = (v)->value; \ + Z_TYPE_P(z) = Z_TYPE_P(v); \ + } while (0) + +#define INIT_PZVAL_COPY(z, v) \ + do { \ + ZVAL_COPY_VALUE(z, v); \ + Z_SET_REFCOUNT_P(z, 1); \ + Z_UNSET_ISREF_P(z); \ + } while (0) + +#define SEPARATE_ZVAL(ppzv) \ + do { \ + if (Z_REFCOUNT_PP((ppzv)) > 1) { \ + zval *new_zv; \ + Z_DELREF_PP(ppzv); \ + ALLOC_ZVAL(new_zv); \ + INIT_PZVAL_COPY(new_zv, *(ppzv)); \ + *(ppzv) = new_zv; \ + zval_copy_ctor(new_zv); \ + } \ + } while (0) #define SEPARATE_ZVAL_IF_NOT_REF(ppzv) \ if (!PZVAL_IS_REF(*ppzv)) { \ @@ -712,10 +727,9 @@ END_EXTERN_C() } \ INIT_PZVAL(&(zv)); -#define MAKE_COPY_ZVAL(ppzv, pzv) \ - *(pzv) = **(ppzv); \ - zval_copy_ctor((pzv)); \ - INIT_PZVAL((pzv)); +#define MAKE_COPY_ZVAL(ppzv, pzv) \ + INIT_PZVAL_COPY(pzv, *(ppzv)); \ + zval_copy_ctor((pzv)); #define REPLACE_ZVAL_VALUE(ppzv_dest, pzv_src, copy) { \ int is_ref, refcount; \ @@ -724,7 +738,7 @@ END_EXTERN_C() is_ref = Z_ISREF_PP(ppzv_dest); \ refcount = Z_REFCOUNT_PP(ppzv_dest); \ zval_dtor(*ppzv_dest); \ - **ppzv_dest = *pzv_src; \ + ZVAL_COPY_VALUE(*ppzv_dest, pzv_src); \ if (copy) { \ zval_copy_ctor(*ppzv_dest); \ } \ @@ -736,10 +750,7 @@ END_EXTERN_C() if (PZVAL_IS_REF(varptr)) { \ zval *original_var = varptr; \ ALLOC_ZVAL(varptr); \ - varptr->value = original_var->value; \ - Z_TYPE_P(varptr) = Z_TYPE_P(original_var); \ - Z_UNSET_ISREF_P(varptr); \ - Z_SET_REFCOUNT_P(varptr, 1); \ + INIT_PZVAL_COPY(varptr, original_var); \ zval_copy_ctor(varptr); \ } else { \ Z_ADDREF_P(varptr); \ diff --git a/Zend/zend_API.h b/Zend/zend_API.h index 868344669b..a722b0c7a3 100644 
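Review bot: `ZVAL_COPY_VALUE(z, v)` expands each argument twice and `INIT_PZVAL_COPY(z, v)` expands `z` four times, so an argument with a side effect (a post-increment, a call that allocates) is evaluated repeatedly. The zend_API.h macros changed in the same commit bind the target to a local first; doing the same here would keep the two headers consistent. If the repeated expansion is deliberate, a comment above both macros such as `/* z and v are evaluated more than once; pass only side-effect-free expressions */` would record the contract.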
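Review bot: The rewritten `MAKE_COPY_ZVAL` is still two bare statements, so `if (c) MAKE_COPY_ZVAL(pp, p);` guards only `INIT_PZVAL_COPY` and always runs `zval_copy_ctor(p)`, on a zval that was never initialised when `c` is false. `SEPARATE_ZVAL` and the two new macros in this file are wrapped in `do { } while (0)`, and this one should be too: `#define MAKE_COPY_ZVAL(ppzv, pzv) do { INIT_PZVAL_COPY(pzv, *(ppzv)); zval_copy_ctor((pzv)); } while (0)`. The old three-statement form had the same hazard, so this is a cleanup the rewrite can pick up rather than a regression.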
--- a/Zend/zend_API.h +++ b/Zend/zend_API.h @@ -488,8 +488,12 @@ ZEND_API int zend_call_function(zend_fcall_info *fci, zend_fcall_info_cache *fci ZEND_API int zend_set_hash_symbol(zval *symbol, const char *name, int name_length, zend_bool is_ref, int num_symbol_tables, ...); +ZEND_API void zend_delete_variable(zend_execute_data *ex, HashTable *ht, char *name, int name_len, ulong hash_value TSRMLS_DC); + ZEND_API int zend_delete_global_variable(char *name, int name_len TSRMLS_DC); +ZEND_API int zend_delete_global_variable_ex(char *name, int name_len, ulong hash_value TSRMLS_DC); + ZEND_API void zend_reset_all_cv(HashTable *symbol_table TSRMLS_DC); ZEND_API void zend_rebuild_symbol_table(TSRMLS_D); 
@@ -510,54 +514,61 @@ END_EXTERN_C() #define CHECK_ZVAL_STRING_REL(z) #endif -#define ZVAL_RESOURCE(z, l) { \ - Z_TYPE_P(z) = IS_RESOURCE; \ - Z_LVAL_P(z) = l; \ - } +#define ZVAL_RESOURCE(z, l) do { \ + zval *__z = (z); \ + Z_LVAL_P(__z) = l; \ + Z_TYPE_P(__z) = IS_RESOURCE;\ + } while (0) -#define ZVAL_BOOL(z, b) { \ - Z_TYPE_P(z) = IS_BOOL; \ - Z_LVAL_P(z) = ((b) != 0); \ - } +#define ZVAL_BOOL(z, b) do { \ + zval *__z = (z); \ + Z_LVAL_P(__z) = ((b) != 0); \ + Z_TYPE_P(__z) = IS_BOOL; \ + } while (0) #define ZVAL_NULL(z) { \ Z_TYPE_P(z) = IS_NULL; \ } #define ZVAL_LONG(z, l) { \ - Z_TYPE_P(z) = IS_LONG; \ - Z_LVAL_P(z) = l; \ + zval *__z = (z); \ + Z_LVAL_P(__z) = l; \ + Z_TYPE_P(__z) = IS_LONG; \ } #define ZVAL_DOUBLE(z, d) { \ - Z_TYPE_P(z) = IS_DOUBLE; \ - Z_DVAL_P(z) = d; \ + zval *__z = (z); \ + Z_DVAL_P(__z) = d; \ + Z_TYPE_P(__z) = IS_DOUBLE; \ } -#define ZVAL_STRING(z, s, duplicate) { \ - const char *__s=(s); \ - Z_STRLEN_P(z) = strlen(__s); \ - Z_STRVAL_P(z) = (duplicate?estrndup(__s, Z_STRLEN_P(z)):(char*)__s);\ - Z_TYPE_P(z) = IS_STRING; \ - } - -#define ZVAL_STRINGL(z, s, l, duplicate) { \ - const char *__s=(s); int __l=l; \ - Z_STRLEN_P(z) = __l; \ - Z_STRVAL_P(z) = (duplicate?estrndup(__s, __l):(char*)__s);\ - Z_TYPE_P(z) = IS_STRING; \ - } - -#define ZVAL_EMPTY_STRING(z) { \ - Z_STRLEN_P(z) = 0; \ - Z_STRVAL_P(z) = STR_EMPTY_ALLOC();\ - Z_TYPE_P(z) = IS_STRING; \ - } +#define ZVAL_STRING(z, s, duplicate) do { \ + const char *__s=(s); \ + zval *__z = (z); \ + Z_STRLEN_P(__z) = strlen(__s); \ + Z_STRVAL_P(__z) = (duplicate?estrndup(__s, Z_STRLEN_P(__z)):(char*)__s);\ + Z_TYPE_P(__z) = IS_STRING; \ + } while (0) + +#define ZVAL_STRINGL(z, s, l, duplicate) do { \ + const char *__s=(s); int __l=l; \ + zval *__z = (z); \ + Z_STRLEN_P(__z) = __l; \ + Z_STRVAL_P(__z) = (duplicate?estrndup(__s, __l):(char*)__s);\ + Z_TYPE_P(__z) = IS_STRING; \ + } while (0) + +#define ZVAL_EMPTY_STRING(z) do { \ + zval *__z = (z); \ + Z_STRLEN_P(__z) = 0; \ + 
Z_STRVAL_P(__z) = STR_EMPTY_ALLOC();\ + Z_TYPE_P(__z) = IS_STRING; \ + } while (0) #define ZVAL_ZVAL(z, zv, copy, dtor) { \ zend_uchar is_ref = Z_ISREF_P(z); \ zend_uint refcount = Z_REFCOUNT_P(z); \ - *(z) = *(zv); \ + ZVAL_COPY_VALUE(z, zv); \ if (copy) { \ zval_copy_ctor(z); \ } \ diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c index 339d92a9cb..978a458d58 100644 --- a/Zend/zend_compile.c +++ b/Zend/zend_compile.c @@ -1571,10 +1571,11 @@ void zend_do_end_function_declaration(const znode *function_token TSRMLS_DC) /* } /* }}} */ -void zend_do_receive_arg(zend_uchar op, const znode *var, const znode *offset, const znode *initialization, znode *class_type, const znode *varname, zend_uchar pass_by_reference TSRMLS_DC) /* {{{ */ +void zend_do_receive_arg(zend_uchar op, znode *varname, const znode *offset, const znode *initialization, znode *class_type, zend_uchar pass_by_reference TSRMLS_DC) /* {{{ */ { zend_op *opline; zend_arg_info *cur_arg_info; + znode var; if (class_type->op_type == IS_CONST && Z_TYPE(class_type->u.constant) == IS_STRING && 
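Review bot: `ZVAL_LONG` and `ZVAL_DOUBLE` gain the `__z` temporary but keep the bare `{ ... }` wrapper, while `ZVAL_RESOURCE`, `ZVAL_BOOL` and the string macros in this hunk move to `do { ... } while (0)`. With the bare block, `if (x) ZVAL_LONG(z, 1); else ...` does not compile because the trailing `;` ends the `if`; wrapping both the same way keeps the family uniform. The value arguments are also pasted unparenthesised (`Z_LVAL_P(__z) = l;`, `duplicate?estrndup(...)`), and `__z` is an identifier reserved for the implementation that would also capture a caller expression mentioning a variable of that name. `= (l);`, `(duplicate) ? ...` and a temporary named something like `_zv_tmp` avoid both.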
@@ -1585,23 +1586,27 @@ void zend_do_receive_arg(zend_uchar op, const znode *var, const znode *offset, c return; } - if (var->op_type == IS_CV && - var->u.op.var == CG(active_op_array)->this_var && - (CG(active_op_array)->fn_flags & ZEND_ACC_STATIC) == 0) { - zend_error(E_COMPILE_ERROR, "Cannot re-assign $this"); - } else if (var->op_type == IS_VAR && - CG(active_op_array)->scope && - ((CG(active_op_array)->fn_flags & ZEND_ACC_STATIC) == 0) && - (Z_TYPE(varname->u.constant) == IS_STRING) && - (Z_STRLEN(varname->u.constant) == sizeof("this")-1) && - (memcmp(Z_STRVAL(varname->u.constant), "this", sizeof("this")) == 0)) { - zend_error(E_COMPILE_ERROR, "Cannot re-assign $this"); + if (zend_is_auto_global(Z_STRVAL(varname->u.constant), Z_STRLEN(varname->u.constant) TSRMLS_CC)) { + zend_error(E_COMPILE_ERROR, "Cannot re-assign auto-global variable %s", Z_STRVAL(varname->u.constant)); + } else { + var.op_type = IS_CV; + var.u.op.var = lookup_cv(CG(active_op_array), varname->u.constant.value.str.val, varname->u.constant.value.str.len TSRMLS_CC); + varname->u.constant.value.str.val = CG(active_op_array)->vars[var.u.op.var].name; + var.EA = 0; + if (Z_STRLEN(varname->u.constant) == sizeof("this")-1 && + !memcmp(Z_STRVAL(varname->u.constant), "this", sizeof("this")-1)) { + if (CG(active_op_array)->scope && + (CG(active_op_array)->fn_flags & ZEND_ACC_STATIC) == 0) { + zend_error(E_COMPILE_ERROR, "Cannot re-assign $this"); + } + CG(active_op_array)->this_var = var.u.op.var; + } } opline = get_next_op(CG(active_op_array) TSRMLS_CC); CG(active_op_array)->num_args++; opline->opcode = op; - SET_NODE(opline->result, var); + SET_NODE(opline->result, &var); SET_NODE(opline->op1, offset); if (op == ZEND_RECV_INIT) { SET_NODE(opline->op2, initialization); 
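Review bot: In `zend_do_receive_arg` the auto-global branch leaves the new local `var` unset, and `SET_NODE(opline->result, &var)` after the `if`/`else` then reads it; this is safe only if `zend_error(E_COMPILE_ERROR, ...)` never returns, which is not visible on this page. `zend_do_begin_catch` in the later zend_compile.c hunk has the same shape with `catch_class` on its "Bad class name in the catch statement" path. Making the non-return explicit removes the dependency and the uninitialised-variable warning, for example `zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign auto-global variable %s", Z_STRVAL(varname->u.constant));` or a `return;` directly after the call. The function body starts before this hunk and continues after it.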
@@ -2498,16 +2503,17 @@ void zend_do_begin_catch(znode *try_token, znode *class_name, znode *catch_var, zend_op *opline; znode catch_class; - zend_do_fetch_class(&catch_class, class_name TSRMLS_CC); + if (class_name->op_type == IS_CONST && + ZEND_FETCH_CLASS_DEFAULT == zend_get_class_fetch_type(Z_STRVAL(class_name->u.constant), Z_STRLEN(class_name->u.constant))) { + ulong fetch_type = ZEND_FETCH_CLASS_GLOBAL; - catch_op_number = get_next_op_number(CG(active_op_array)); - if (catch_op_number > 0) { - opline = &CG(active_op_array)->opcodes[catch_op_number-1]; - if (opline->opcode == ZEND_FETCH_CLASS) { - opline->extended_value |= ZEND_FETCH_CLASS_NO_AUTOLOAD; - } + zend_resolve_class_name(class_name, &fetch_type, 1 TSRMLS_CC); + catch_class = *class_name; + } else { + zend_error(E_COMPILE_ERROR, "Bad class name in the catch statement"); } + catch_op_number = get_next_op_number(CG(active_op_array)); if (first_catch) { first_catch->u.op.opline_num = catch_op_number; } @@ -2515,6 +2521,7 @@ void zend_do_begin_catch(znode *try_token, znode *class_name, znode *catch_var, opline = get_next_op(CG(active_op_array) TSRMLS_CC); opline->opcode = ZEND_CATCH; SET_NODE(opline->op1, &catch_class); + add_lowercased_class_name(opline->op1.constant TSRMLS_CC); opline->op2_type = IS_CV; opline->op2.var = lookup_cv(CG(active_op_array), catch_var->u.constant.value.str.val, catch_var->u.constant.value.str.len TSRMLS_CC); catch_var->u.constant.value.str.val = CG(active_op_array)->vars[opline->op2.var].name; diff --git a/Zend/zend_compile.h b/Zend/zend_compile.h index 33e60aeb06..eda42ab767 100644 --- a/Zend/zend_compile.h +++ b/Zend/zend_compile.h @@ -342,7 +342,6 @@ struct _zend_execute_data { zend_class_entry *current_called_scope; zval *current_this; zval *current_object; - struct _zend_op *call_opline; }; #define EX(element) execute_data.element 
@@ -440,7 +439,7 @@ void zend_do_add_variable(znode *result, const znode *op1, const znode *op2 TSRM int zend_do_verify_access_types(const znode *current_access_type, const znode *new_modifier); void zend_do_begin_function_declaration(znode *function_token, znode *function_name, int is_method, int return_reference, znode *fn_flags_znode TSRMLS_DC); void zend_do_end_function_declaration(const znode *function_token TSRMLS_DC); -void zend_do_receive_arg(zend_uchar op, const znode *var, const znode *offset, const znode *initialization, znode *class_type, const znode *varname, zend_bool pass_by_reference TSRMLS_DC); +void zend_do_receive_arg(zend_uchar op, znode *varname, const znode *offset, const znode *initialization, znode *class_type, zend_bool pass_by_reference TSRMLS_DC); int zend_do_begin_function_call(znode *function_name, zend_bool check_namespace TSRMLS_DC); void zend_do_begin_method_call(znode *left_bracket TSRMLS_DC); void zend_do_clone(znode *result, const znode *expr TSRMLS_DC); diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c index 7966ed144c..d4c923447e 100644 --- a/Zend/zend_execute.c +++ b/Zend/zend_execute.c @@ -60,8 +60,8 @@ static void zend_extension_fcall_end_handler(const zend_extension *extension, ze #define RETURN_VALUE_USED(opline) (!((opline)->result_type & EXT_TYPE_UNUSED)) -#define EX_T(offset) (*(temp_variable *)((char *) EX(Ts) + offset)) #define T(offset) (*(temp_variable *)((char *) Ts + offset)) +#define CV(var) CVs[var] #define TEMP_VAR_STACK_LIMIT 2000 
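Review bot: The new `#define CV(var) CVs[var]` in zend_execute.c takes `CVs` from whatever scope the macro is expanded in, which is why every `_get_zval_ptr_cv_BP_VAR_*` helper added later in this file has to name its first parameter exactly `CVs`. That coupling is invisible at the call site, and the macro carries no comment explaining it. A line above the definition such as `/* CV() indexes the local or parameter named CVs; the expanding function must have one in scope */` would make the contract explicit.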
@@ -92,23 +92,37 @@ static zend_always_inline void zend_pzval_unlock_free_func(zval *z TSRMLS_DC) } } +static zend_never_inline void __zval_ptr_dtor(zval *zval_ptr ZEND_FILE_LINE_DC) +{ + __zval_ptr_dtor(zval_ptr ZEND_FILE_LINE_RELAY_CC); +} + +#undef zval_ptr_dtor +#define zval_ptr_dtor(pzv) i_zval_ptr_dtor(*(pzv) ZEND_FILE_LINE_CC) + #define PZVAL_UNLOCK(z, f) zend_pzval_unlock_func(z, f, 1 TSRMLS_CC) #define PZVAL_UNLOCK_EX(z, f, u) zend_pzval_unlock_func(z, f, u TSRMLS_CC) #define PZVAL_UNLOCK_FREE(z) zend_pzval_unlock_free_func(z TSRMLS_CC) #define PZVAL_LOCK(z) Z_ADDREF_P((z)) #define SELECTIVE_PZVAL_LOCK(pzv, opline) if (RETURN_VALUE_USED(opline)) { PZVAL_LOCK(pzv); } -#define AI_USE_PTR(ai) \ - if ((ai).ptr_ptr) { \ - (ai).ptr = *((ai).ptr_ptr); \ - (ai).ptr_ptr = &((ai).ptr); \ - } else { \ - (ai).ptr = NULL; \ - } +#define EXTRACT_ZVAL_PTR(t) do { \ + temp_variable *__t = (t); \ + if (__t->var.ptr_ptr) { \ + __t->var.ptr = *__t->var.ptr_ptr; \ + __t->var.ptr_ptr = &__t->var.ptr; \ + if (!PZVAL_IS_REF(__t->var.ptr) && \ + Z_REFCOUNT_P(__t->var.ptr) > 2) { \ + SEPARATE_ZVAL(__t->var.ptr_ptr); \ + } \ + } \ + } while (0) -#define AI_SET_PTR(ai, val) \ - (ai).ptr = (val); \ - (ai).ptr_ptr = &((ai).ptr); +#define AI_SET_PTR(t, val) do { \ + temp_variable *__t = (t); \ + __t->var.ptr = (val); \ + __t->var.ptr_ptr = &__t->var.ptr; \ + } while (0) #define FREE_OP(should_free) \ if (should_free.var) { \ 
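Review bot: `__zval_ptr_dtor` as added here calls itself unconditionally with the same argument, so any call would recurse until the stack is exhausted and the zval would never be released. Given the `#define zval_ptr_dtor(pzv) i_zval_ptr_dtor(*(pzv) ZEND_FILE_LINE_CC)` directly below it, the body was presumably meant to be `i_zval_ptr_dtor(zval_ptr ZEND_FILE_LINE_RELAY_CC);`. No caller is visible in this hunk, so confirm whether the wrapper is reached at all; if it is unused, removing it is the cleaner fix. The name also sits in the `__` namespace reserved for the implementation.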
@@ -133,21 +147,12 @@ static zend_always_inline void zend_pzval_unlock_free_func(zval *z TSRMLS_DC) #define IS_TMP_FREE(should_free) ((zend_uintptr_t)should_free.var & 1L) -#define INIT_PZVAL_COPY(z,v) \ - (z)->value = (v)->value; \ - Z_TYPE_P(z) = Z_TYPE_P(v); \ - Z_SET_REFCOUNT_P(z, 1); \ - Z_UNSET_ISREF_P(z); - #define MAKE_REAL_ZVAL_PTR(val) \ do { \ zval *_tmp; \ ALLOC_ZVAL(_tmp); \ - _tmp->value = (val)->value; \ - Z_TYPE_P(_tmp) = Z_TYPE_P(val); \ - Z_SET_REFCOUNT_P(_tmp, 1); \ - Z_UNSET_ISREF_P(_tmp); \ - val = _tmp; \ + INIT_PZVAL_COPY(_tmp, (val)); \ + (val) = _tmp; \ } while (0) /* End of zend_execute_locks.h */ @@ -214,7 +219,7 @@ static zend_always_inline zval *_get_zval_ptr_var(zend_uint var, const temp_vari } } -static zval **_get_zval_cv_lookup(zval ***ptr, zend_uint var, int type TSRMLS_DC) +static zend_never_inline zval **_get_zval_cv_lookup(zval ***ptr, zend_uint var, int type TSRMLS_DC) { zend_compiled_variable *cv = &CV_DEF_OF(var); 
@@ -245,6 +250,73 @@ static zval **_get_zval_cv_lookup(zval ***ptr, zend_uint var, int type TSRMLS_DC return *ptr; } +static zend_never_inline zval **_get_zval_cv_lookup_BP_VAR_R(zval ***ptr, zend_uint var TSRMLS_DC) +{ + zend_compiled_variable *cv = &CV_DEF_OF(var); + + if (!EG(active_symbol_table) || + zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **)ptr)==FAILURE) { + zend_error(E_NOTICE, "Undefined variable: %s", cv->name); + return &EG(uninitialized_zval_ptr); + } + return *ptr; +} + +static zend_never_inline zval **_get_zval_cv_lookup_BP_VAR_UNSET(zval ***ptr, zend_uint var TSRMLS_DC) +{ + zend_compiled_variable *cv = &CV_DEF_OF(var); + + if (!EG(active_symbol_table) || + zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **)ptr)==FAILURE) { + zend_error(E_NOTICE, "Undefined variable: %s", cv->name); + return &EG(uninitialized_zval_ptr); + } + return *ptr; +} + +static zend_never_inline zval **_get_zval_cv_lookup_BP_VAR_IS(zval ***ptr, zend_uint var TSRMLS_DC) +{ + zend_compiled_variable *cv = &CV_DEF_OF(var); + + if (!EG(active_symbol_table) || + zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **)ptr)==FAILURE) { + return &EG(uninitialized_zval_ptr); + } + return *ptr; +} + +static zend_never_inline zval **_get_zval_cv_lookup_BP_VAR_RW(zval ***ptr, zend_uint var TSRMLS_DC) +{ + zend_compiled_variable *cv = &CV_DEF_OF(var); + + if (!EG(active_symbol_table)) { + Z_ADDREF(EG(uninitialized_zval)); + *ptr = (zval**)EG(current_execute_data)->CVs + (EG(active_op_array)->last_var + var); + **ptr = &EG(uninitialized_zval); + zend_error(E_NOTICE, "Undefined variable: %s", cv->name); + } else if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **)ptr)==FAILURE) { + Z_ADDREF(EG(uninitialized_zval)); + zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, 
&EG(uninitialized_zval_ptr), sizeof(zval *), (void **)ptr); + zend_error(E_NOTICE, "Undefined variable: %s", cv->name); + } + return *ptr; +} + +static zend_never_inline zval **_get_zval_cv_lookup_BP_VAR_W(zval ***ptr, zend_uint var TSRMLS_DC) +{ + zend_compiled_variable *cv = &CV_DEF_OF(var); + + if (!EG(active_symbol_table)) { + Z_ADDREF(EG(uninitialized_zval)); + *ptr = (zval**)EG(current_execute_data)->CVs + (EG(active_op_array)->last_var + var); + **ptr = &EG(uninitialized_zval); + } else if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **)ptr)==FAILURE) { + Z_ADDREF(EG(uninitialized_zval)); + zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **)ptr); + } + return *ptr; +} + static zend_always_inline zval *_get_zval_ptr_cv(zend_uint var, int type TSRMLS_DC) { zval ***ptr = &CV_OF(var); 
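Review bot: `_get_zval_cv_lookup_BP_VAR_R` and `_get_zval_cv_lookup_BP_VAR_UNSET` have identical bodies, and the `_RW`/`_W` pair differs only in the two `zend_error(E_NOTICE, ...)` calls, yet nothing in the file says the duplication is intentional. A short block comment above the group would help the next maintainer keep the copies in step, for example `/* Per-fetch-type copies of _get_zval_cv_lookup(); keep in sync with it. R and UNSET are deliberately identical. */`. In the `_RW` and `_W` copies the result of `zend_hash_quick_update()` is ignored after `Z_ADDREF(EG(uninitialized_zval))`; if that mirrors the generic function it is fine, but it is worth stating in the same comment.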
@@ -255,6 +327,56 @@ static zend_always_inline zval *_get_zval_ptr_cv(zend_uint var, int type TSRMLS_ return **ptr; } +static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_R(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return *_get_zval_cv_lookup_BP_VAR_R(ptr, var TSRMLS_CC); + } + return **ptr; +} + +static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_UNSET(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return *_get_zval_cv_lookup_BP_VAR_UNSET(ptr, var TSRMLS_CC); + } + return **ptr; +} + +static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_IS(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return *_get_zval_cv_lookup_BP_VAR_IS(ptr, var TSRMLS_CC); + } + return **ptr; +} + +static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_RW(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return *_get_zval_cv_lookup_BP_VAR_RW(ptr, var TSRMLS_CC); + } + return **ptr; +} + +static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_W(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return *_get_zval_cv_lookup_BP_VAR_W(ptr, var TSRMLS_CC); + } + return **ptr; +} + static inline zval *_get_zval_ptr(int op_type, const znode_op *node, const temp_variable *Ts, zend_free_op *should_free, int type TSRMLS_DC) { /* should_free->is_var = 0; */ 
@@ -306,6 +428,56 @@ static zend_always_inline zval **_get_zval_ptr_ptr_cv(zend_uint var, int type TS return *ptr; } +static zend_always_inline zval **_get_zval_ptr_ptr_cv_BP_VAR_R(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return _get_zval_cv_lookup_BP_VAR_R(ptr, var TSRMLS_CC); + } + return *ptr; +} + +static zend_always_inline zval **_get_zval_ptr_ptr_cv_BP_VAR_UNSET(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return _get_zval_cv_lookup_BP_VAR_UNSET(ptr, var TSRMLS_CC); + } + return *ptr; +} + +static zend_always_inline zval **_get_zval_ptr_ptr_cv_BP_VAR_IS(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return _get_zval_cv_lookup_BP_VAR_IS(ptr, var TSRMLS_CC); + } + return *ptr; +} + +static zend_always_inline zval **_get_zval_ptr_ptr_cv_BP_VAR_RW(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return _get_zval_cv_lookup_BP_VAR_RW(ptr, var TSRMLS_CC); + } + return *ptr; +} + +static zend_always_inline zval **_get_zval_ptr_ptr_cv_BP_VAR_W(zval ***CVs, zend_uint var TSRMLS_DC) +{ + zval ***ptr = &CV(var); + + if (UNEXPECTED(*ptr == NULL)) { + return _get_zval_cv_lookup_BP_VAR_W(ptr, var TSRMLS_CC); + } + return *ptr; +} + static inline zval **_get_zval_ptr_ptr(int op_type, const znode_op *node, const temp_variable *Ts, zend_free_op *should_free, int type TSRMLS_DC) { if (op_type == IS_CV) { @@ -387,7 +559,7 @@ static void zend_assign_to_variable_reference(zval **variable_ptr_ptr, zval **va zval *variable_ptr = *variable_ptr_ptr; zval *value_ptr = *value_ptr_ptr; - if (variable_ptr == EG(error_zval_ptr) || value_ptr==EG(error_zval_ptr)) { + if (variable_ptr == &EG(error_zval) || value_ptr == &EG(error_zval)) { variable_ptr_ptr = &EG(uninitialized_zval_ptr); } else if (variable_ptr != value_ptr) { if (!PZVAL_IS_REF(value_ptr)) { 
@@ -395,7 +567,7 @@ static void zend_assign_to_variable_reference(zval **variable_ptr_ptr, zval **va Z_DELREF_P(value_ptr); if (Z_REFCOUNT_P(value_ptr)>0) { ALLOC_ZVAL(*value_ptr_ptr); - **value_ptr_ptr = *value_ptr; + ZVAL_COPY_VALUE(*value_ptr_ptr, value_ptr); value_ptr = *value_ptr_ptr; zendi_zval_copy_ctor(*value_ptr); } @@ -410,12 +582,12 @@ static void zend_assign_to_variable_reference(zval **variable_ptr_ptr, zval **va } else if (!Z_ISREF_P(variable_ptr)) { if (variable_ptr_ptr == value_ptr_ptr) { SEPARATE_ZVAL(variable_ptr_ptr); - } else if (variable_ptr==EG(uninitialized_zval_ptr) + } else if (variable_ptr==&EG(uninitialized_zval) || Z_REFCOUNT_P(variable_ptr)>2) { /* we need to separate */ Z_SET_REFCOUNT_P(variable_ptr, Z_REFCOUNT_P(variable_ptr) - 2); ALLOC_ZVAL(*variable_ptr_ptr); - **variable_ptr_ptr = *variable_ptr; + ZVAL_COPY_VALUE(*variable_ptr_ptr, variable_ptr); zval_copy_ctor(*variable_ptr_ptr); *value_ptr_ptr = *variable_ptr_ptr; Z_SET_REFCOUNT_PP(variable_ptr_ptr, 2); @@ -451,7 +623,7 @@ static inline char * zend_verify_arg_class_kind(const zend_arg_info *cur_arg_inf } } -static inline int zend_verify_arg_error(const zend_function *zf, zend_uint arg_num, const zend_arg_info *cur_arg_info, const char *need_msg, const char *need_kind, const char *given_msg, char *given_kind TSRMLS_DC) +static inline int zend_verify_arg_error(const zend_function *zf, zend_uint arg_num, const char *need_msg, const char *need_kind, const char *given_msg, char *given_kind TSRMLS_DC) { zend_execute_data *ptr = EG(current_execute_data)->prev_execute_data; char *fname = zf->common.function_name; 
@@ -492,23 +664,23 @@ static inline int zend_verify_arg_type(zend_function *zf, zend_uint arg_num, zva if (!arg) { need_msg = zend_verify_arg_class_kind(cur_arg_info, fetch_type, &class_name, &ce TSRMLS_CC); - return zend_verify_arg_error(zf, arg_num, cur_arg_info, need_msg, class_name, "none", "" TSRMLS_CC); + return zend_verify_arg_error(zf, arg_num, need_msg, class_name, "none", "" TSRMLS_CC); } if (Z_TYPE_P(arg) == IS_OBJECT) { need_msg = zend_verify_arg_class_kind(cur_arg_info, fetch_type, &class_name, &ce TSRMLS_CC); if (!ce || !instanceof_function(Z_OBJCE_P(arg), ce TSRMLS_CC)) { - return zend_verify_arg_error(zf, arg_num, cur_arg_info, need_msg, class_name, "instance of ", Z_OBJCE_P(arg)->name TSRMLS_CC); + return zend_verify_arg_error(zf, arg_num, need_msg, class_name, "instance of ", Z_OBJCE_P(arg)->name TSRMLS_CC); } } else if (Z_TYPE_P(arg) != IS_NULL || !cur_arg_info->allow_null) { need_msg = zend_verify_arg_class_kind(cur_arg_info, fetch_type, &class_name, &ce TSRMLS_CC); - return zend_verify_arg_error(zf, arg_num, cur_arg_info, need_msg, class_name, zend_zval_type_name(arg), "" TSRMLS_CC); + return zend_verify_arg_error(zf, arg_num, need_msg, class_name, zend_zval_type_name(arg), "" TSRMLS_CC); } } else if (cur_arg_info->array_type_hint) { if (!arg) { - return zend_verify_arg_error(zf, arg_num, cur_arg_info, "be an array", "", "none", "" TSRMLS_CC); + return zend_verify_arg_error(zf, arg_num, "be an array", "", "none", "" TSRMLS_CC); } if (Z_TYPE_P(arg) != IS_ARRAY && (Z_TYPE_P(arg) != IS_NULL || !cur_arg_info->allow_null)) { - return zend_verify_arg_error(zf, arg_num, cur_arg_info, "be an array", "", zend_zval_type_name(arg), "" TSRMLS_CC); + return zend_verify_arg_error(zf, arg_num, "be an array", "", zend_zval_type_name(arg), "" TSRMLS_CC); } } return 1; 
@@ -521,9 +693,9 @@ static inline void zend_assign_to_object(zval **retval, zval **object_ptr, zval zval *value = get_zval_ptr(value_type, value_op, Ts, &free_value, BP_VAR_R); if (Z_TYPE_P(object) != IS_OBJECT) { - if (object == EG(error_zval_ptr)) { + if (object == &EG(error_zval)) { if (retval) { - *retval = EG(uninitialized_zval_ptr); + *retval = &EG(uninitialized_zval); PZVAL_LOCK(*retval); } FREE_OP(free_value); @@ -540,7 +712,7 @@ static inline void zend_assign_to_object(zval **retval, zval **object_ptr, zval } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (retval) { - *retval = EG(uninitialized_zval_ptr); + *retval = &EG(uninitialized_zval); PZVAL_LOCK(*retval); } FREE_OP(free_value); @@ -553,14 +725,14 @@ static inline void zend_assign_to_object(zval **retval, zval **object_ptr, zval zval *orig_value = value; ALLOC_ZVAL(value); - *value = *orig_value; + ZVAL_COPY_VALUE(value, orig_value); Z_UNSET_ISREF_P(value); Z_SET_REFCOUNT_P(value, 0); } else if (value_type == IS_CONST) { zval *orig_value = value; ALLOC_ZVAL(value); - *value = *orig_value; + ZVAL_COPY_VALUE(value, orig_value); Z_UNSET_ISREF_P(value); Z_SET_REFCOUNT_P(value, 0); zval_copy_ctor(value); @@ -572,8 +744,8 @@ static inline void zend_assign_to_object(zval **retval, zval **object_ptr, zval if (!Z_OBJ_HT_P(object)->write_property) { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (retval) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + *retval = &EG(uninitialized_zval); + PZVAL_LOCK(&EG(uninitialized_zval)); } if (value_type == IS_TMP_VAR) { FREE_ZVAL(value); @@ -631,8 +803,9 @@ static inline int zend_assign_to_string_offset(const temp_variable *T, const zva } if (Z_TYPE_P(value) != IS_STRING) { - zval tmp = *value; - + zval tmp; + + ZVAL_COPY_VALUE(&tmp, value); if (value_type != IS_TMP_VAR) { zval_copy_ctor(&tmp); } 
@@ -656,88 +829,104 @@ static inline int zend_assign_to_string_offset(const temp_variable *T, const zva return 1; } -static inline zval* zend_assign_to_variable(zval **variable_ptr_ptr, zval *value, int is_tmp_var TSRMLS_DC) + +static inline zval* zend_assign_tmp_to_variable(zval **variable_ptr_ptr, zval *value TSRMLS_DC) { zval *variable_ptr = *variable_ptr_ptr; zval garbage; - if (variable_ptr == EG(error_zval_ptr)) { - if (is_tmp_var) { - zval_dtor(value); - } - return EG(uninitialized_zval_ptr); - } - - if (Z_TYPE_P(variable_ptr) == IS_OBJECT && Z_OBJ_HANDLER_P(variable_ptr, set)) { + if (Z_TYPE_P(variable_ptr) == IS_OBJECT && + UNEXPECTED(Z_OBJ_HANDLER_P(variable_ptr, set) != NULL)) { Z_OBJ_HANDLER_P(variable_ptr, set)(variable_ptr_ptr, value TSRMLS_CC); return variable_ptr; } - if (PZVAL_IS_REF(variable_ptr)) { - if (variable_ptr!=value) { + if (EXPECTED(!PZVAL_IS_REF(variable_ptr))) { + if (Z_DELREF_P(variable_ptr)==0) { + ZVAL_COPY_VALUE(&garbage, variable_ptr); + INIT_PZVAL_COPY(variable_ptr, value); + zendi_zval_dtor(garbage); + return variable_ptr; + } else { /* we need to split */ + ALLOC_ZVAL(variable_ptr); + INIT_PZVAL_COPY(variable_ptr, value); + *variable_ptr_ptr = variable_ptr; + return variable_ptr; + } + } else { + if (EXPECTED(variable_ptr != value)) { zend_uint refcount = Z_REFCOUNT_P(variable_ptr); - garbage = *variable_ptr; - *variable_ptr = *value; + ZVAL_COPY_VALUE(&garbage, variable_ptr); + ZVAL_COPY_VALUE(variable_ptr, value); Z_SET_REFCOUNT_P(variable_ptr, refcount); Z_SET_ISREF_P(variable_ptr); - if (!is_tmp_var) { - zendi_zval_copy_ctor(*variable_ptr); - } zendi_zval_dtor(garbage); - return variable_ptr; } - } else { + return variable_ptr; + } +} + + +static inline zval* zend_assign_to_variable(zval **variable_ptr_ptr, zval *value TSRMLS_DC) +{ + zval *variable_ptr = *variable_ptr_ptr; + zval garbage; + + if (Z_TYPE_P(variable_ptr) == IS_OBJECT && + UNEXPECTED(Z_OBJ_HANDLER_P(variable_ptr, set) != NULL)) { + 
Z_OBJ_HANDLER_P(variable_ptr, set)(variable_ptr_ptr, value TSRMLS_CC); + return variable_ptr; + } + + if (EXPECTED(!PZVAL_IS_REF(variable_ptr))) { if (Z_DELREF_P(variable_ptr)==0) { - if (!is_tmp_var) { - if (variable_ptr==value) { - Z_ADDREF_P(variable_ptr); - } else if (PZVAL_IS_REF(value)) { - garbage = *variable_ptr; - *variable_ptr = *value; - INIT_PZVAL(variable_ptr); - zval_copy_ctor(variable_ptr); - zendi_zval_dtor(garbage); - return variable_ptr; - } else { - Z_ADDREF_P(value); - *variable_ptr_ptr = value; - if (variable_ptr != &EG(uninitialized_zval)) { - GC_REMOVE_ZVAL_FROM_BUFFER(variable_ptr); - zval_dtor(variable_ptr); - efree(variable_ptr); - } - return value; - } - } else { - garbage = *variable_ptr; - *variable_ptr = *value; - INIT_PZVAL(variable_ptr); + if (variable_ptr==value) { + Z_ADDREF_P(variable_ptr); + return variable_ptr; + } else if (PZVAL_IS_REF(value)) { + ZVAL_COPY_VALUE(&garbage, variable_ptr); + INIT_PZVAL_COPY(variable_ptr, value); + zval_copy_ctor(variable_ptr); zendi_zval_dtor(garbage); return variable_ptr; + } else { + Z_ADDREF_P(value); + *variable_ptr_ptr = value; + if (variable_ptr != &EG(uninitialized_zval)) { + GC_REMOVE_ZVAL_FROM_BUFFER(variable_ptr); + zval_dtor(variable_ptr); + efree(variable_ptr); + } + return value; } } else { /* we need to split */ - if (!is_tmp_var) { - if (PZVAL_IS_REF(value) && Z_REFCOUNT_P(value) > 0) { - ALLOC_ZVAL(variable_ptr); - *variable_ptr_ptr = variable_ptr; - *variable_ptr = *value; - zval_copy_ctor(variable_ptr); - Z_SET_REFCOUNT_P(variable_ptr, 1); - } else { - *variable_ptr_ptr = value; - Z_ADDREF_P(value); - } + if (PZVAL_IS_REF(value) && Z_REFCOUNT_P(value) > 0) { + ALLOC_ZVAL(variable_ptr); + INIT_PZVAL_COPY(variable_ptr, value); + zval_copy_ctor(variable_ptr); + *variable_ptr_ptr = variable_ptr; + return variable_ptr; } else { - ALLOC_ZVAL(*variable_ptr_ptr); - Z_SET_REFCOUNT_P(value, 1); - **variable_ptr_ptr = *value; + *variable_ptr_ptr = value; + Z_ADDREF_P(value); + 
Z_UNSET_ISREF_P(value); + return value; } } - Z_UNSET_ISREF_PP(variable_ptr_ptr); - } + } else { + if (EXPECTED(variable_ptr != value)) { + zend_uint refcount = Z_REFCOUNT_P(variable_ptr); - return *variable_ptr_ptr; + ZVAL_COPY_VALUE(&garbage, variable_ptr); + ZVAL_COPY_VALUE(variable_ptr, value); + Z_SET_REFCOUNT_P(variable_ptr, refcount); + Z_SET_ISREF_P(variable_ptr); + zendi_zval_copy_ctor(*variable_ptr); + zendi_zval_dtor(garbage); + } + return variable_ptr; + } } @@ -916,7 +1105,7 @@ fetch_from_array: break; case IS_NULL: - if (container == EG(error_zval_ptr)) { + if (container == &EG(error_zval)) { result->var.ptr_ptr = &EG(error_zval_ptr); PZVAL_LOCK(EG(error_zval_ptr)); } else if (type != BP_VAR_UNSET) { @@ -997,7 +1186,7 @@ convert_to_array: zval *tmp = overloaded_result; ALLOC_ZVAL(overloaded_result); - *overloaded_result = *tmp; + ZVAL_COPY_VALUE(overloaded_result, tmp); zval_copy_ctor(overloaded_result); Z_UNSET_ISREF_P(overloaded_result); Z_SET_REFCOUNT_P(overloaded_result, 0); @@ -1011,7 +1200,7 @@ convert_to_array: } else { retval = &EG(error_zval_ptr); } - AI_SET_PTR(result->var, *retval); + AI_SET_PTR(result, *retval); PZVAL_LOCK(*retval); if (dim_type == IS_TMP_VAR) { zval_ptr_dtor(&dim); @@ -1029,8 +1218,8 @@ convert_to_array: default: if (type == BP_VAR_UNSET) { zend_error(E_WARNING, "Cannot unset offset in a non-array variable"); - AI_SET_PTR(result->var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + AI_SET_PTR(result, &EG(uninitialized_zval)); + PZVAL_LOCK(&EG(uninitialized_zval)); } else { zend_error(E_WARNING, "Cannot use a scalar value as an array"); result->var.ptr_ptr = &EG(error_zval_ptr); 
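Review bot: Both `zend_assign_tmp_to_variable` and the rewritten `zend_assign_to_variable` drop the `variable_ptr == EG(error_zval_ptr)` early return that the old function started with, so the shared error zval would now be decremented and overwritten like any other target if a caller passed it. The callers live in zend_vm_def.h, outside this hunk; if they now perform that check themselves, record it as a precondition on both functions, e.g. `/* caller must ensure *variable_ptr_ptr != &EG(error_zval) */`. The old error path also ran `zval_dtor(value)` for temporaries, so the caller presumably owns freeing the temporary in that case now, which the same comment should say.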
@@ -1050,7 +1239,7 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont case IS_ARRAY: retval = zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, dim_type, type TSRMLS_CC); if (result) { - AI_SET_PTR(result->var, *retval); + AI_SET_PTR(result, *retval); PZVAL_LOCK(*retval); } return; @@ -1058,8 +1247,8 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont case IS_NULL: if (result) { - AI_SET_PTR(result->var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + AI_SET_PTR(result, &EG(uninitialized_zval)); + PZVAL_LOCK(&EG(uninitialized_zval)); } return; break; @@ -1081,7 +1270,7 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont break; } - tmp = *dim; + ZVAL_COPY_VALUE(&tmp, dim); zval_copy_ctor(&tmp); convert_to_long(&tmp); dim = &tmp; @@ -1115,7 +1304,7 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont if (overloaded_result) { if (result) { - AI_SET_PTR(result->var, overloaded_result); + AI_SET_PTR(result, overloaded_result); PZVAL_LOCK(overloaded_result); } else if (Z_REFCOUNT_P(overloaded_result) == 0) { /* Destroy unused result from offsetGet() magic method */ @@ -1123,8 +1312,8 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont zval_ptr_dtor(&overloaded_result); } } else if (result) { - AI_SET_PTR(result->var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + AI_SET_PTR(result, &EG(uninitialized_zval)); + PZVAL_LOCK(&EG(uninitialized_zval)); } if (dim_type == IS_TMP_VAR) { zval_ptr_dtor(&dim); @@ -1135,8 +1324,8 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont default: if (result) { - AI_SET_PTR(result->var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + AI_SET_PTR(result, &EG(uninitialized_zval)); + PZVAL_LOCK(&EG(uninitialized_zval)); } return; break; 
@@ -1148,9 +1337,9 @@ static void zend_fetch_property_address(temp_variable *result, zval **container_ zval *container = *container_ptr;; if (Z_TYPE_P(container) != IS_OBJECT) { - if (container == EG(error_zval_ptr)) { + if (container == &EG(error_zval)) { result->var.ptr_ptr = &EG(error_zval_ptr); - PZVAL_LOCK(*result->var.ptr_ptr); + PZVAL_LOCK(EG(error_zval_ptr)); return; } @@ -1179,7 +1368,7 @@ static void zend_fetch_property_address(temp_variable *result, zval **container_ if (Z_OBJ_HT_P(container)->read_property && (ptr = Z_OBJ_HT_P(container)->read_property(container, prop_ptr, type, key TSRMLS_CC)) != NULL) { - AI_SET_PTR(result->var, ptr); + AI_SET_PTR(result, ptr); PZVAL_LOCK(ptr); } else { zend_error_noreturn(E_ERROR, "Cannot access undefined property for object with overloaded property access"); @@ -1191,7 +1380,7 @@ static void zend_fetch_property_address(temp_variable *result, zval **container_ } else if (Z_OBJ_HT_P(container)->read_property) { zval *ptr = Z_OBJ_HT_P(container)->read_property(container, prop_ptr, type, key TSRMLS_CC); - AI_SET_PTR(result->var, ptr); + AI_SET_PTR(result, ptr); PZVAL_LOCK(ptr); } else { zend_error(E_WARNING, "This object doesn't support property references"); @@ -1283,22 +1472,29 @@ ZEND_API void execute_internal(zend_execute_data *execute_data_ptr, int return_v #define ZEND_VM_NEXT_OPCODE() \ CHECK_SYMBOL_TABLES() \ - EX(opline)++; \ + ZEND_VM_INC_OPCODE(); \ ZEND_VM_CONTINUE() #define ZEND_VM_SET_OPCODE(new_op) \ CHECK_SYMBOL_TABLES() \ - EX(opline) = new_op + OPLINE = new_op #define ZEND_VM_JMP(new_op) \ - CHECK_SYMBOL_TABLES() \ if (EXPECTED(!EG(exception))) { \ - EX(opline) = new_op; \ + ZEND_VM_SET_OPCODE(new_op); \ + } else { \ + LOAD_OPLINE(); \ } \ ZEND_VM_CONTINUE() #define ZEND_VM_INC_OPCODE() \ - EX(opline)++ + OPLINE++ + +#ifdef __GNUC__ +# define ZEND_VM_GUARD(name) __asm__("#" #name) +#else +# define ZEND_VM_GUARD(name) +#endif #include "zend_vm_execute.h" 
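Review bot: In the `else if (Z_OBJ_HT_P(container)->read_property)` branch the handler's result goes straight into `AI_SET_PTR(result, ptr)` and `PZVAL_LOCK(ptr)` with no NULL test, while the branch in the previous hunk (@@ -1179) tests the same call with `!= NULL` and raises a fatal error otherwise. If a handler supplied by an extension can return NULL here, `PZVAL_LOCK` would presumably dereference it. A guard before the store, `if (UNEXPECTED(ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot access undefined property for object with overloaded property access"); }`, would make the two branches agree. zend_fetch_property_address starts and ends outside the hunk, so the conditions that select each branch are not visible.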
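Review bot: `ZEND_VM_SET_OPCODE` expands its argument unparenthesised (`OPLINE = new_op`), and `ZEND_VM_JMP` now forwards its own argument through it, so a comma or other low-precedence expression passed to either macro would be misparsed; `OPLINE = (new_op)` costs nothing. `ZEND_VM_JMP` is an if/else followed by a separate `ZEND_VM_CONTINUE()` statement, so it is only correct as a full statement inside braces, and a one-line comment above the definition should say so. Wrapping it in `do { } while (0)` may not be an option if `ZEND_VM_CONTINUE()` can expand to `continue`, which is not visible here. `ZEND_VM_GUARD` has no comment either; `/* emits "#name" into the generated assembly on GCC, expands to nothing elsewhere */` would describe what the visible definition does.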
diff --git a/Zend/zend_execute.h b/Zend/zend_execute.h index 368875c03c..28e26d3932 100644 --- a/Zend/zend_execute.h +++ b/Zend/zend_execute.h @@ -62,7 +62,7 @@ ZEND_API void execute(zend_op_array *op_array TSRMLS_DC); ZEND_API void execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC); ZEND_API int zend_is_true(zval *op); #define safe_free_zval_ptr(p) safe_free_zval_ptr_rel(p ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC) -static inline void safe_free_zval_ptr_rel(zval *p ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) +static zend_always_inline void safe_free_zval_ptr_rel(zval *p ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) { TSRMLS_FETCH(); @@ -77,7 +77,28 @@ ZEND_API int zend_eval_stringl(char *str, int str_len, zval *retval_ptr, char *s ZEND_API int zend_eval_string_ex(char *str, zval *retval_ptr, char *string_name, int handle_exceptions TSRMLS_DC); ZEND_API int zend_eval_stringl_ex(char *str, int str_len, zval *retval_ptr, char *string_name, int handle_exceptions TSRMLS_DC); -static inline int i_zend_is_true(zval *op) +static zend_always_inline void i_zval_ptr_dtor(zval *zval_ptr ZEND_FILE_LINE_DC) +{ + if (!Z_DELREF_P(zval_ptr)) { + TSRMLS_FETCH(); + + if (zval_ptr != &EG(uninitialized_zval)) { + GC_REMOVE_ZVAL_FROM_BUFFER(zval_ptr); + zval_dtor(zval_ptr); + efree_rel(zval_ptr); + } + } else { + TSRMLS_FETCH(); + + if (Z_REFCOUNT_P(zval_ptr) == 1) { + Z_UNSET_ISREF_P(zval_ptr); + } + + GC_ZVAL_CHECK_POSSIBLE_ROOT(zval_ptr); + } +} + +static zend_always_inline int i_zend_is_true(zval *op) { int result; @@ -157,7 +178,7 @@ struct _zend_vm_stack { } \ } while (0) -static inline zend_vm_stack zend_vm_stack_new_page(int count) { +static zend_always_inline zend_vm_stack zend_vm_stack_new_page(int count) { zend_vm_stack page = (zend_vm_stack)emalloc(ZEND_MM_ALIGNED_SIZE(sizeof(*page)) + sizeof(void*) * count); page->top = ZEND_VM_STACK_ELEMETS(page); 
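Review bot: `i_zval_ptr_dtor` calls `TSRMLS_FETCH()` in both branches instead of receiving the thread context as a parameter, so in thread-safe builds every inlined call presumably pays a context lookup, which works against an always-inline fast path. Its only caller visible in this patch, `zend_vm_stack_clear_multiple(TSRMLS_D)`, already has the context in scope. Consider `static zend_always_inline void i_zval_ptr_dtor(zval *zval_ptr ZEND_FILE_LINE_DC TSRMLS_DC)` with the call written as `i_zval_ptr_dtor(q ZEND_FILE_LINE_CC TSRMLS_CC)`. A short header comment should also say that the function takes the zval itself rather than its slot and frees it with `efree_rel()` when the count reaches zero, so the caller must not use the pointer afterwards.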
@@ -166,12 +187,12 @@ static inline zend_vm_stack zend_vm_stack_new_page(int count) { return page; } -static inline void zend_vm_stack_init(TSRMLS_D) +static zend_always_inline void zend_vm_stack_init(TSRMLS_D) { EG(argument_stack) = zend_vm_stack_new_page(ZEND_VM_STACK_PAGE_SIZE); } -static inline void zend_vm_stack_destroy(TSRMLS_D) +static zend_always_inline void zend_vm_stack_destroy(TSRMLS_D) { zend_vm_stack stack = EG(argument_stack); @@ -182,30 +203,30 @@ static inline void zend_vm_stack_destroy(TSRMLS_D) } } -static inline void zend_vm_stack_extend(int count TSRMLS_DC) +static zend_always_inline void zend_vm_stack_extend(int count TSRMLS_DC) { zend_vm_stack p = zend_vm_stack_new_page(count >= ZEND_VM_STACK_PAGE_SIZE ? count : ZEND_VM_STACK_PAGE_SIZE); p->prev = EG(argument_stack); EG(argument_stack) = p; } -static inline void **zend_vm_stack_top(TSRMLS_D) +static zend_always_inline void **zend_vm_stack_top(TSRMLS_D) { return EG(argument_stack)->top; } -static inline void zend_vm_stack_push(void *ptr TSRMLS_DC) +static zend_always_inline void zend_vm_stack_push(void *ptr TSRMLS_DC) { ZEND_VM_STACK_GROW_IF_NEEDED(1); *(EG(argument_stack)->top++) = ptr; } -static inline void zend_vm_stack_push_nocheck(void *ptr TSRMLS_DC) +static zend_always_inline void zend_vm_stack_push_nocheck(void *ptr TSRMLS_DC) { *(EG(argument_stack)->top++) = ptr; } -static inline void *zend_vm_stack_pop(TSRMLS_D) +static zend_always_inline void *zend_vm_stack_pop(TSRMLS_D) { void *el = *(--EG(argument_stack)->top); @@ -217,7 +238,7 @@ static inline void *zend_vm_stack_pop(TSRMLS_D) return el; } -static inline void *zend_vm_stack_alloc(size_t size TSRMLS_DC) +static zend_always_inline void *zend_vm_stack_alloc(size_t size TSRMLS_DC) { void *ret; 
@@ -246,7 +267,7 @@ static inline void *zend_vm_stack_alloc(size_t size TSRMLS_DC) return ret; } -static inline void zend_vm_stack_free_int(void *ptr TSRMLS_DC) +static zend_always_inline void zend_vm_stack_free_int(void *ptr TSRMLS_DC) { if (UNEXPECTED(ZEND_VM_STACK_ELEMETS(EG(argument_stack)) == (void**)ptr)) { zend_vm_stack p = EG(argument_stack); @@ -258,7 +279,7 @@ static inline void zend_vm_stack_free_int(void *ptr TSRMLS_DC) } } -static inline void zend_vm_stack_free(void *ptr TSRMLS_DC) +static zend_always_inline void zend_vm_stack_free(void *ptr TSRMLS_DC) { if (UNEXPECTED(ZEND_VM_STACK_ELEMETS(EG(argument_stack)) == (void**)ptr)) { zend_vm_stack p = EG(argument_stack); @@ -276,7 +297,7 @@ static inline void zend_vm_stack_free(void *ptr TSRMLS_DC) } } -static inline void** zend_vm_stack_push_args(int count TSRMLS_DC) +static zend_always_inline void** zend_vm_stack_push_args(int count TSRMLS_DC) { if (UNEXPECTED(EG(argument_stack)->top - ZEND_VM_STACK_ELEMETS(EG(argument_stack)) < count) || @@ -305,7 +326,7 @@ static inline void** zend_vm_stack_push_args(int count TSRMLS_DC) return EG(argument_stack)->top++; } -static inline void zend_vm_stack_clear_multiple(TSRMLS_D) +static zend_always_inline void zend_vm_stack_clear_multiple(TSRMLS_D) { void **p = EG(argument_stack)->top - 1; int delete_count = (int)(zend_uintptr_t) *p; @@ -313,12 +334,12 @@ static inline void zend_vm_stack_clear_multiple(TSRMLS_D) while (--delete_count>=0) { zval *q = *(zval **)(--p); *p = NULL; - zval_ptr_dtor(&q); + i_zval_ptr_dtor(q ZEND_FILE_LINE_CC); } zend_vm_stack_free_int(p TSRMLS_CC); } -static inline zval** zend_vm_stack_get_arg(int requested_arg TSRMLS_DC) +static zend_always_inline zval** zend_vm_stack_get_arg(int requested_arg TSRMLS_DC) { void **p = EG(current_execute_data)->prev_execute_data->function_state.arguments; int arg_count = (int)(zend_uintptr_t) *p; 
@@ -329,7 +350,7 @@ static inline zval** zend_vm_stack_get_arg(int requested_arg TSRMLS_DC) return (zval**)p - arg_count + requested_arg - 1; } -static inline void zend_arg_types_stack_2_pop(zend_ptr_stack *stack, zval **object, zend_function **fbc) +static zend_always_inline void zend_arg_types_stack_2_pop(zend_ptr_stack *stack, zval **object, zend_function **fbc) { void *a, *b; @@ -339,7 +360,7 @@ static inline void zend_arg_types_stack_2_pop(zend_ptr_stack *stack, zval **obje *fbc = (zend_function *) b; } -static inline void zend_arg_types_stack_3_pop(zend_ptr_stack *stack, zend_class_entry **called_scope, zval **object, zend_function **fbc) +static zend_always_inline void zend_arg_types_stack_3_pop(zend_ptr_stack *stack, zend_class_entry **called_scope, zval **object, zend_function **fbc) { void *a, *b, *c; diff --git a/Zend/zend_execute_API.c b/Zend/zend_execute_API.c index fd4fb928e4..5203f4fe86 100644 --- a/Zend/zend_execute_API.c +++ b/Zend/zend_execute_API.c 
@@ -1665,12 +1665,34 @@ ZEND_API void zend_reset_all_cv(HashTable *symbol_table TSRMLS_DC) /* {{{ */ } /* }}} */ -ZEND_API int zend_delete_global_variable(char *name, int name_len TSRMLS_DC) /* {{{ */ +ZEND_API void zend_delete_variable(zend_execute_data *ex, HashTable *ht, char *name, int name_len, ulong hash_value TSRMLS_DC) /* {{{ */ +{ + if (zend_hash_quick_del(ht, name, name_len, hash_value) == SUCCESS) { + name_len--; + while (ex && ex->symbol_table == ht) { + int i; + + if (ex->op_array) { + for (i = 0; i < ex->op_array->last_var; i++) { + if (ex->op_array->vars[i].hash_value == hash_value && + ex->op_array->vars[i].name_len == name_len && + !memcmp(ex->op_array->vars[i].name, name, name_len)) { + ex->CVs[i] = NULL; + break; + } + } + } + ex = ex->prev_execute_data; + } + } +} +/* }}} */ + +ZEND_API int zend_delete_global_variable_ex(char *name, int name_len, ulong hash_value TSRMLS_DC) /* {{{ */ { zend_execute_data *ex; - ulong hash_value = zend_inline_hash_func(name, name_len + 1); - if (zend_hash_quick_exists(&EG(symbol_table), name, name_len + 1, hash_value)) { + if (zend_hash_quick_del(&EG(symbol_table), name, name_len + 1, hash_value) == SUCCESS) { for (ex = EG(current_execute_data); ex; ex = ex->prev_execute_data) { if (ex->op_array && ex->symbol_table == &EG(symbol_table)) { int i; @@ -1685,12 +1707,18 @@ ZEND_API int zend_delete_global_variable(char *name, int name_len TSRMLS_DC) /* } } } - return zend_hash_quick_del(&EG(symbol_table), name, name_len + 1, hash_value); + return SUCCESS; } return FAILURE; } /* }}} */ +ZEND_API int zend_delete_global_variable(char *name, int name_len TSRMLS_DC) /* {{{ */ +{ + return zend_delete_global_variable_ex(name, name_len, zend_inline_hash_func(name, name_len + 1) TSRMLS_CC); +} +/* }}} */ + ZEND_API void zend_rebuild_symbol_table(TSRMLS_D) /* {{{ */ { zend_uint i; diff --git a/Zend/zend_iterators.c b/Zend/zend_iterators.c index 84b3638f0b..533cd5384a 100755 --- a/Zend/zend_iterators.c +++ b/Zend/zend_iterators.c 
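Review bot: `zend_delete_variable` removes the entry with `zend_hash_quick_del()` first and only afterwards walks the frames to set `ex->CVs[i] = NULL`. The rewritten `zend_delete_global_variable_ex` in the next hunk (@@ -1685) adopts the same order, where the old code tested with `zend_hash_quick_exists()`, ran the frame loop, and deleted last. If the table's element destructor releases the value and can run userland code (not visible here), compiled-variable slots in frames sharing the table still refer to the removed entry during that window, which is a stale-pointer hazard. Keeping lookup and delete separate avoids it: test with `zend_hash_quick_exists(&EG(symbol_table), name, name_len + 1, hash_value)`, clear the matching slots, then `return zend_hash_quick_del(&EG(symbol_table), name, name_len + 1, hash_value);`. zend_delete_global_variable_ex begins in this hunk and continues in the next one.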
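Review bot: The two new entry points use different length conventions and neither is documented. `zend_delete_global_variable_ex` takes `name_len` without the terminating NUL and adds 1 for the hash call, whereas `zend_delete_variable` (previous hunk) passes `name_len` straight to `zend_hash_quick_del()` and then does `name_len--` before comparing with `vars[i].name_len`, so it expects the NUL to be counted. Both also trust the caller's `hash_value`, which the wrapper computes as `zend_inline_hash_func(name, name_len + 1)`. A caller that gets either wrong would see the delete fail, silently in the case of `zend_delete_variable`, which returns void. A comment above each function would pin this down, e.g. `/* name_len excludes the trailing NUL; hash_value must be the hash of name over name_len + 1 bytes */` on the `_ex` variant and the counterpart on `zend_delete_variable`.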
@@ -82,13 +82,13 @@ ZEND_API enum zend_object_iterator_kind zend_iterator_unwrap( *iter = (zend_object_iterator *)zend_object_store_get_object(array_ptr TSRMLS_CC); return ZEND_ITER_OBJECT; } - if (HASH_OF(array_ptr)) { + if (Z_OBJPROP_P(array_ptr)) { return ZEND_ITER_PLAIN_OBJECT; } return ZEND_ITER_INVALID; case IS_ARRAY: - if (HASH_OF(array_ptr)) { + if (Z_ARRVAL_P(array_ptr)) { return ZEND_ITER_PLAIN_ARRAY; } return ZEND_ITER_INVALID; diff --git a/Zend/zend_language_parser.y b/Zend/zend_language_parser.y index 4b891bc335..2c9513182a 100644 --- a/Zend/zend_language_parser.y +++ b/Zend/zend_language_parser.y 
@@ -450,14 +450,14 @@ parameter_list: non_empty_parameter_list: - optional_class_type T_VARIABLE { znode tmp; fetch_simple_variable(&tmp, &$2, 0 TSRMLS_CC); $$.op_type = IS_UNUSED; $$.u.op.num=1; Z_TYPE($$.u.constant)=IS_LONG; INIT_PZVAL(&$$.u.constant); zend_do_receive_arg(ZEND_RECV, &tmp, &$$, NULL, &$1, &$2, 0 TSRMLS_CC); } - | optional_class_type '&' T_VARIABLE { znode tmp; fetch_simple_variable(&tmp, &$3, 0 TSRMLS_CC); $$.op_type = IS_UNUSED; $$.u.op.num=1; Z_TYPE($$.u.constant)=IS_LONG; INIT_PZVAL(&$$.u.constant); zend_do_receive_arg(ZEND_RECV, &tmp, &$$, NULL, &$1, &$3, 1 TSRMLS_CC); } - | optional_class_type '&' T_VARIABLE '=' static_scalar { znode tmp; fetch_simple_variable(&tmp, &$3, 0 TSRMLS_CC); $$.op_type = IS_UNUSED; $$.u.op.num=1; Z_TYPE($$.u.constant)=IS_LONG; INIT_PZVAL(&$$.u.constant); zend_do_receive_arg(ZEND_RECV_INIT, &tmp, &$$, &$5, &$1, &$3, 1 TSRMLS_CC); } - | optional_class_type T_VARIABLE '=' static_scalar { znode tmp; fetch_simple_variable(&tmp, &$2, 0 TSRMLS_CC); $$.op_type = IS_UNUSED; $$.u.op.num=1; Z_TYPE($$.u.constant)=IS_LONG; INIT_PZVAL(&$$.u.constant); zend_do_receive_arg(ZEND_RECV_INIT, &tmp, &$$, &$4, &$1, &$2, 0 TSRMLS_CC); } - | non_empty_parameter_list ',' optional_class_type T_VARIABLE { znode tmp; fetch_simple_variable(&tmp, &$4, 0 TSRMLS_CC); $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV, &tmp, &$$, NULL, &$3, &$4, 0 TSRMLS_CC); } - | non_empty_parameter_list ',' optional_class_type '&' T_VARIABLE { znode tmp; fetch_simple_variable(&tmp, &$5, 0 TSRMLS_CC); $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV, &tmp, &$$, NULL, &$3, &$5, 1 TSRMLS_CC); } - | non_empty_parameter_list ',' optional_class_type '&' T_VARIABLE '=' static_scalar { znode tmp; fetch_simple_variable(&tmp, &$5, 0 TSRMLS_CC); $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV_INIT, &tmp, &$$, &$7, &$3, &$5, 1 TSRMLS_CC); } - | non_empty_parameter_list ',' optional_class_type T_VARIABLE '=' static_scalar { znode tmp; fetch_simple_variable(&tmp, &$4, 
0 TSRMLS_CC); $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV_INIT, &tmp, &$$, &$6, &$3, &$4, 0 TSRMLS_CC); } + optional_class_type T_VARIABLE { $$.op_type = IS_UNUSED; $$.u.op.num=1; zend_do_receive_arg(ZEND_RECV, &$2, &$$, NULL, &$1, 0 TSRMLS_CC); } + | optional_class_type '&' T_VARIABLE { $$.op_type = IS_UNUSED; $$.u.op.num=1; zend_do_receive_arg(ZEND_RECV, &$3, &$$, NULL, &$1, 1 TSRMLS_CC); } + | optional_class_type '&' T_VARIABLE '=' static_scalar { $$.op_type = IS_UNUSED; $$.u.op.num=1; zend_do_receive_arg(ZEND_RECV_INIT, &$3, &$$, &$5, &$1, 1 TSRMLS_CC); } + | optional_class_type T_VARIABLE '=' static_scalar { $$.op_type = IS_UNUSED; $$.u.op.num=1; zend_do_receive_arg(ZEND_RECV_INIT, &$2, &$$, &$4, &$1, 0 TSRMLS_CC); } + | non_empty_parameter_list ',' optional_class_type T_VARIABLE { $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV, &$4, &$$, NULL, &$3, 0 TSRMLS_CC); } + | non_empty_parameter_list ',' optional_class_type '&' T_VARIABLE { $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV, &$5, &$$, NULL, &$3, 1 TSRMLS_CC); } + | non_empty_parameter_list ',' optional_class_type '&' T_VARIABLE '=' static_scalar { $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV_INIT, &$5, &$$, &$7, &$3, 1 TSRMLS_CC); } + | non_empty_parameter_list ',' optional_class_type T_VARIABLE '=' static_scalar { $$=$1; $$.u.op.num++; zend_do_receive_arg(ZEND_RECV_INIT, &$4, &$$, &$6, &$3, 0 TSRMLS_CC); } ; diff --git a/Zend/zend_objects_API.h b/Zend/zend_objects_API.h index 243b6dbc68..5092f61b8b 100644 --- a/Zend/zend_objects_API.h +++ b/Zend/zend_objects_API.h 
@@ -68,7 +68,7 @@ ZEND_API void zend_objects_store_add_ref(zval *object TSRMLS_DC); ZEND_API void zend_objects_store_del_ref(zval *object TSRMLS_DC); ZEND_API void zend_objects_store_add_ref_by_handle(zend_object_handle handle TSRMLS_DC); ZEND_API void zend_objects_store_del_ref_by_handle_ex(zend_object_handle handle, const zend_object_handlers *handlers TSRMLS_DC); -static inline void zend_objects_store_del_ref_by_handle(zend_object_handle handle TSRMLS_DC) { +static zend_always_inline void zend_objects_store_del_ref_by_handle(zend_object_handle handle TSRMLS_DC) { zend_objects_store_del_ref_by_handle_ex(handle, NULL TSRMLS_CC); } ZEND_API zend_uint zend_objects_store_get_refcount(zval *object TSRMLS_DC); diff --git a/Zend/zend_ptr_stack.h b/Zend/zend_ptr_stack.h index 901d99f312..affe7d037b 100644 --- a/Zend/zend_ptr_stack.h +++ b/Zend/zend_ptr_stack.h @@ -54,7 +54,7 @@ END_EXTERN_C() /* Not doing this with a macro because of the loop unrolling in the element assignment. Just using a macro for 3 in the body for readability sake. */ -static inline void zend_ptr_stack_3_push(zend_ptr_stack *stack, void *a, void *b, void *c) +static zend_always_inline void zend_ptr_stack_3_push(zend_ptr_stack *stack, void *a, void *b, void *c) { #define ZEND_PTR_STACK_NUM_ARGS 3 @@ -68,7 +68,7 @@ static inline void zend_ptr_stack_3_push(zend_ptr_stack *stack, void *a, void *b #undef ZEND_PTR_STACK_NUM_ARGS } -static inline void zend_ptr_stack_2_push(zend_ptr_stack *stack, void *a, void *b) +static zend_always_inline void zend_ptr_stack_2_push(zend_ptr_stack *stack, void *a, void *b) { #define ZEND_PTR_STACK_NUM_ARGS 2 
@@ -81,7 +81,7 @@ static inline void zend_ptr_stack_2_push(zend_ptr_stack *stack, void *a, void *b #undef ZEND_PTR_STACK_NUM_ARGS } -static inline void zend_ptr_stack_3_pop(zend_ptr_stack *stack, void **a, void **b, void **c) +static zend_always_inline void zend_ptr_stack_3_pop(zend_ptr_stack *stack, void **a, void **b, void **c) { *a = *(--stack->top_element); *b = *(--stack->top_element); @@ -89,14 +89,14 @@ static inline void zend_ptr_stack_3_pop(zend_ptr_stack *stack, void **a, void ** stack->top -= 3; } -static inline void zend_ptr_stack_2_pop(zend_ptr_stack *stack, void **a, void **b) +static zend_always_inline void zend_ptr_stack_2_pop(zend_ptr_stack *stack, void **a, void **b) { *a = *(--stack->top_element); *b = *(--stack->top_element); stack->top -= 2; } -static inline void zend_ptr_stack_push(zend_ptr_stack *stack, void *ptr) +static zend_always_inline void zend_ptr_stack_push(zend_ptr_stack *stack, void *ptr) { ZEND_PTR_STACK_RESIZE_IF_NEEDED(stack, 1) @@ -104,7 +104,7 @@ static inline void zend_ptr_stack_push(zend_ptr_stack *stack, void *ptr) *(stack->top_element++) = ptr; } -static inline void *zend_ptr_stack_pop(zend_ptr_stack *stack) +static zend_always_inline void *zend_ptr_stack_pop(zend_ptr_stack *stack) { stack->top--; return *(--stack->top_element); diff --git a/Zend/zend_variables.h b/Zend/zend_variables.h index 9304a67c0e..8701643333 100644 --- a/Zend/zend_variables.h +++ b/Zend/zend_variables.h @@ -27,7 +27,7 @@ BEGIN_EXTERN_C() ZEND_API void _zval_dtor_func(zval *zvalue ZEND_FILE_LINE_DC); -static inline void _zval_dtor(zval *zvalue ZEND_FILE_LINE_DC) +static zend_always_inline void _zval_dtor(zval *zvalue ZEND_FILE_LINE_DC) { if (zvalue->type <= IS_BOOL) { return; 
@@ -37,7 +37,7 @@ static inline void _zval_dtor(zval *zvalue ZEND_FILE_LINE_DC) ZEND_API void _zval_copy_ctor_func(zval *zvalue ZEND_FILE_LINE_DC); -static inline void _zval_copy_ctor(zval *zvalue ZEND_FILE_LINE_DC) +static zend_always_inline void _zval_copy_ctor(zval *zvalue ZEND_FILE_LINE_DC) { if (zvalue->type <= IS_BOOL) { return; diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h index 735c9daaa8..8fb3f85530 100644 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h 
@@ -27,299 +27,337 @@ ZEND_VM_HANDLER(1, ZEND_ADD, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(2, ZEND_SUB, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(3, ZEND_MUL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(4, ZEND_DIV, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(5, ZEND_MOD, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(6, ZEND_SL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, 
GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(7, ZEND_SR, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(8, ZEND_CONCAT, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(15, ZEND_IS_IDENTICAL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(16, ZEND_IS_NOT_IDENTICAL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(17, ZEND_IS_EQUAL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); 
FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(18, ZEND_IS_NOT_EQUAL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(19, ZEND_IS_SMALLER, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(20, ZEND_IS_SMALLER_OR_EQUAL, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(9, ZEND_BW_OR, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(10, ZEND_BW_AND, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) 
TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(11, ZEND_BW_XOR, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(14, ZEND_BOOL_XOR, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R), GET_OP2_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(12, ZEND_BW_NOT, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_not_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(13, ZEND_BOOL_NOT, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_not_function(&EX_T(opline->result.var).tmp_var, GET_OP1_ZVAL_PTR(BP_VAR_R) TSRMLS_CC); FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HELPER_EX(zend_binary_assign_op_obj_helper, VAR|UNUSED|CV, CONST|TMP|VAR|UNUSED|CV, int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC)) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op2, free_op_data1; zval **object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); zval *object; zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); 
znode_op *result = &opline->result; int have_get_ptr = 0; - if (OP1_TYPE == IS_VAR && !object_ptr) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP2(); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -337,9 +375,9 @@ ZEND_VM_HELPER_EX(zend_binary_assign_op_obj_helper, VAR|UNUSED|CV, CONST|TMP|VAR have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
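Review bot: `zend_binary_assign_op_obj_helper` is the one body in this hunk that gets `USE_OPLINE` but no `SAVE_OPLINE()`, although it fetches operands in its declarations and can reach `zend_error()` and `zend_error_noreturn()`. It presumably relies on zend_binary_assign_op_helper calling `SAVE_OPLINE()` before dispatching to it (hunk @@ -401). A comment such as `/* opline was already saved by the dispatching helper */` would keep a future direct caller from missing that. The local `znode_op *result = &opline->result;` also looks unused now that every visible use was rewritten to `EX_T(opline->result.var)`; if no use remains in the lines between the hunks it can be dropped. The helper's body continues outside this hunk.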
@@ -376,17 +414,17 @@ ZEND_VM_HELPER_EX(zend_binary_assign_op_obj_helper, VAR|UNUSED|CV, CONST|TMP|VAR Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -401,17 +439,19 @@ ZEND_VM_HELPER_EX(zend_binary_assign_op_obj_helper, VAR|UNUSED|CV, CONST|TMP|VAR FREE_OP1_VAR_PTR(); /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HELPER_EX(zend_binary_assign_op_helper, VAR|UNUSED|CV, CONST|TMP|VAR|UNUSED|CV, int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC)) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: ZEND_VM_DISPATCH_TO_HELPER_EX(zend_binary_assign_op_obj_helper, binary_op, binary_op); 
@@ -419,21 +459,19 @@ ZEND_VM_HELPER_EX(zend_binary_assign_op_helper, VAR|UNUSED|CV, CONST|TMP|VAR|UNU case ZEND_ASSIGN_DIM: { zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_RW); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (OP1_TYPE == IS_VAR && !OP1_FREE) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } ZEND_VM_DISPATCH_TO_HELPER_EX(zend_binary_assign_op_obj_helper, binary_op, binary_op); } else { - zend_op *op_data = opline+1; zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, OP2_TYPE, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, OP2_TYPE, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; 
@@ -444,23 +482,28 @@ ZEND_VM_HELPER_EX(zend_binary_assign_op_helper, VAR|UNUSED|CV, CONST|TMP|VAR|UNU break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } FREE_OP2(); FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -473,16 +516,21 @@ ZEND_VM_HELPER_EX(zend_binary_assign_op_helper, VAR|UNUSED|CV, CONST|TMP|VAR|UNU } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } FREE_OP2(); if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); + FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); } - FREE_OP1_VAR_PTR(); ZEND_VM_NEXT_OPCODE(); } 
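Review bot: The early exit taken when `*var_ptr == &EG(error_zval)` releases op1 and op2 but never touches `free_op_data1` or `free_op_data2`, which the ZEND_ASSIGN_DIM branch fills from `(opline+1)` in the previous hunk. The normal exit at the end of the helper does call `FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2);`. If the OP_DATA operand can be a TMP or VAR on this path, its value may stay locked or leak. Consider releasing both inside the new `if (opline->extended_value == ZEND_ASSIGN_DIM) {` block, or adding a comment there saying why nothing needs freeing. The helper starts and ends outside this hunk, so this is inferred from the visible exits only.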
@@ -543,29 +591,35 @@ ZEND_VM_HANDLER(33, ZEND_ASSIGN_BW_XOR, VAR|UNUSED|CV, CONST|TMP|VAR|UNUSED|CV) ZEND_VM_HELPER_EX(zend_pre_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR|CV, incdec_t incdec_op) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); + zval **object_ptr; zval *object; - zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (OP1_TYPE == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); + property = GET_OP2_ZVAL_PTR(BP_VAR_R); + retval = &EX_T(opline->result.var).var.ptr; + + if (OP1_TYPE == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); FREE_OP2(); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -593,7 +647,7 @@ ZEND_VM_HELPER_EX(zend_pre_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR| if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { 
@@ -613,8 +667,8 @@ ZEND_VM_HELPER_EX(zend_pre_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR| } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -625,6 +679,7 @@ ZEND_VM_HELPER_EX(zend_pre_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR| FREE_OP2(); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -640,26 +695,32 @@ ZEND_VM_HANDLER(133, ZEND_PRE_DEC_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|CV) ZEND_VM_HELPER_EX(zend_post_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR|CV, incdec_t incdec_op) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); + zval **object_ptr; zval *object; - zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (OP1_TYPE == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); + property = GET_OP2_ZVAL_PTR(BP_VAR_R); + retval = &EX_T(opline->result.var).tmp_var; + + if (OP1_TYPE == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); FREE_OP2(); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -675,7 +736,7 @@ ZEND_VM_HELPER_EX(zend_post_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); @@ -688,7 +749,7 @@ ZEND_VM_HELPER_EX(zend_post_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -698,12 +759,11 @@ ZEND_VM_HELPER_EX(zend_post_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -711,7 +771,7 @@ ZEND_VM_HELPER_EX(zend_post_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -721,6 +781,7 @@ ZEND_VM_HELPER_EX(zend_post_incdec_property_helper, VAR|UNUSED|CV, CONST|TMP|VAR FREE_OP2(); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -736,25 +797,30 @@ ZEND_VM_HANDLER(135, ZEND_POST_DEC_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|CV) ZEND_VM_HANDLER(34, ZEND_PRE_INC, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + zval **var_ptr; - if (OP1_TYPE == IS_VAR && !var_ptr) { + SAVE_OPLINE(); + var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + + if (OP1_TYPE == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (OP1_TYPE == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -767,35 +833,41 @@ ZEND_VM_HANDLER(34, ZEND_PRE_INC, VAR|CV, ANY) } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(35, ZEND_PRE_DEC, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + zval **var_ptr; - if (OP1_TYPE == IS_VAR && !var_ptr) { + SAVE_OPLINE(); + var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + + if (OP1_TYPE == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (OP1_TYPE == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -808,37 +880,44 @@ ZEND_VM_HANDLER(35, ZEND_PRE_DEC, VAR|CV, ANY) } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(36, ZEND_POST_INC, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + zval **var_ptr, *retval; + + SAVE_OPLINE(); + var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); - if (OP1_TYPE == IS_VAR && !var_ptr) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (OP1_TYPE == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).tmp_var = *EG(uninitialized_zval_ptr); + ZVAL_NULL(&EX_T(opline->result.var).tmp_var); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - EX_T(opline->result.var).tmp_var = **var_ptr; - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + retval = &EX_T(opline->result.var).tmp_var; + ZVAL_COPY_VALUE(retval, *var_ptr); + zendi_zval_copy_ctor(*retval); SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -851,32 +930,39 @@ ZEND_VM_HANDLER(36, ZEND_POST_INC, VAR|CV, ANY) } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(37, ZEND_POST_DEC, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + zval **var_ptr, *retval; - if (OP1_TYPE == IS_VAR && !var_ptr) { + SAVE_OPLINE(); + var_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + + if (OP1_TYPE == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (OP1_TYPE == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).tmp_var = *EG(uninitialized_zval_ptr); + ZVAL_NULL(&EX_T(opline->result.var).tmp_var); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - EX_T(opline->result.var).tmp_var = **var_ptr; - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + retval = &EX_T(opline->result.var).tmp_var; + ZVAL_COPY_VALUE(retval, *var_ptr); + zendi_zval_copy_ctor(*retval); SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -889,18 +975,23 @@ ZEND_VM_HANDLER(37, ZEND_POST_DEC, VAR|CV, ANY) } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(40, ZEND_ECHO, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval z_copy; - zval *z = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *z; + + SAVE_OPLINE(); + z = GET_OP1_ZVAL_PTR(BP_VAR_R); if (OP1_TYPE != IS_CONST && - Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get_method != NULL && + UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && + Z_OBJ_HT_P(z)->get_method != NULL && zend_std_cast_object_tostring(z, &z_copy, IS_STRING TSRMLS_CC) == SUCCESS) { zend_print_variable(&z_copy); zval_dtor(&z_copy); @@ -909,31 +1000,33 @@ ZEND_VM_HANDLER(40, ZEND_ECHO, CONST|TMP|VAR|CV, ANY) } FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(41, ZEND_PRINT, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); - - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; + USE_OPLINE + ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); ZEND_VM_DISPATCH_TO_HANDLER(ZEND_ECHO); } ZEND_VM_HELPER_EX(zend_fetch_var_address_helper, CONST|TMP|VAR|CV, ANY, int type) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *varname = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *varname; zval **retval; zval tmp_varname; HashTable *target_symbol_table; ulong hash_value; - if (OP1_TYPE != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp_varname = *varname; + SAVE_OPLINE(); + varname = GET_OP1_ZVAL_PTR(BP_VAR_R); + + if (OP1_TYPE != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { + ZVAL_COPY_VALUE(&tmp_varname, varname); zval_copy_ctor(&tmp_varname); convert_to_string(&tmp_varname); varname = &tmp_varname; 
@@ -946,6 +1039,7 @@ ZEND_VM_HELPER_EX(zend_fetch_var_address_helper, CONST|TMP|VAR|CV, ANY, int type target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); /* if (!target_symbol_table) { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } */ @@ -969,12 +1063,9 @@ ZEND_VM_HELPER_EX(zend_fetch_var_address_helper, CONST|TMP|VAR|CV, ANY, int type case BP_VAR_RW: zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); /* break missing intentionally */ - case BP_VAR_W: { - zval *new_zval = &EG(uninitialized_zval); - - Z_ADDREF_P(new_zval); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &new_zval, sizeof(zval *), (void **) &retval); - } + case BP_VAR_W: + Z_ADDREF_P(&EG(uninitialized_zval)); + zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); break; EMPTY_SWITCH_DEFAULT_CASE() } @@ -1001,7 +1092,7 @@ ZEND_VM_HELPER_EX(zend_fetch_var_address_helper, CONST|TMP|VAR|CV, ANY, int type if (OP1_TYPE != IS_CONST && varname == &tmp_varname) { - zval_dtor(varname); + zval_dtor(&tmp_varname); } if (RETURN_VALUE_USED(opline)) { if (opline->extended_value & ZEND_FETCH_MAKE_REF) { 
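Review bot: In the `case BP_VAR_W:` arm the reference count is bumped on `EG(uninitialized_zval)`, but the pointer stored in the symbol table is read through `&EG(uninitialized_zval_ptr)`. The count is therefore only correct while that global pointer always addresses that global zval. The removed code took both from one local (`new_zval`) and had no such dependency. Nothing in this hunk establishes the invariant, so I would state it next to the call, e.g. `/* EG(uninitialized_zval_ptr) must always point at EG(uninitialized_zval) */`. A mismatch would leave a refcount imbalance on a shared zval. The helper's body continues outside the hunk.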
@@ -1011,25 +1102,25 @@ ZEND_VM_HELPER_EX(zend_fetch_var_address_helper, CONST|TMP|VAR|CV, ANY, int type switch (type) { case BP_VAR_R: case BP_VAR_IS: - AI_SET_PTR(EX_T(opline->result.var).var, *retval); + AI_SET_PTR(&EX_T(opline->result.var), *retval); break; case BP_VAR_UNSET: { zend_free_op free_res; - EX_T(opline->result.var).var.ptr_ptr = retval; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval, &free_res); + if (retval != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval); FREE_OP_VAR_PTR(free_res); - break; + } + /* break missing intentionally */ default: EX_T(opline->result.var).var.ptr_ptr = retval; break; - } } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -1050,8 +1141,10 @@ ZEND_VM_HANDLER(86, ZEND_FETCH_RW, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(92, ZEND_FETCH_FUNC_ARG, CONST|TMP|VAR|CV, ANY) { + USE_OPLINE + ZEND_VM_DISPATCH_TO_HELPER_EX(zend_fetch_var_address_helper, type, - ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (EX(opline)->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R); + ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R); } ZEND_VM_HANDLER(95, ZEND_FETCH_UNSET, CONST|TMP|VAR|CV, ANY) 
@@ -1066,195 +1159,194 @@ ZEND_VM_HANDLER(89, ZEND_FETCH_IS, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(81, ZEND_FETCH_DIM_R, VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && OP1_TYPE != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_R); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_R TSRMLS_CC); FREE_OP2(); FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(84, ZEND_FETCH_DIM_W, VAR|CV, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + zval **container; - if (OP1_TYPE == IS_VAR && !container) { + SAVE_OPLINE(); + container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_W TSRMLS_CC); FREE_OP2(); - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if 
(!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(87, ZEND_FETCH_DIM_RW, VAR|CV, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); + zval **container; + + SAVE_OPLINE(); + container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_RW); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_RW TSRMLS_CC); FREE_OP2(); - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && 
READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(90, ZEND_FETCH_DIM_IS, VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_IS); + zval **container; + + SAVE_OPLINE(); + container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_IS); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_IS TSRMLS_CC); FREE_OP2(); FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(93, ZEND_FETCH_DIM_FUNC_ARG, VAR|CV, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_W TSRMLS_CC); - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, 
GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_W TSRMLS_CC); + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (OP2_TYPE == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_R); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_R TSRMLS_CC); } FREE_OP2(); FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(96, ZEND_FETCH_DIM_UNSET, VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_UNSET); - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval **container; + + SAVE_OPLINE(); + container = GET_OP1_ZVAL_PTR_PTR(BP_VAR_UNSET); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (OP1_TYPE == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, OP2_TYPE, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_UNSET TSRMLS_CC); FREE_OP2(); - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if 
(!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -ZEND_VM_HELPER_EX(zend_fetch_property_address_read_helper, VAR|UNUSED|CV, CONST|TMP|VAR|CV, int type) +ZEND_VM_HELPER(zend_fetch_property_address_read_helper, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = GET_OP1_OBJ_ZVAL_PTR(type); + zval *container; zend_free_op free_op2; - zval *offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = GET_OP1_OBJ_ZVAL_PTR(BP_VAR_R); + offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if 
(RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } FREE_OP2(); } else { @@ -1265,7 +1357,7 @@ ZEND_VM_HELPER_EX(zend_fetch_property_address_read_helper, VAR|UNUSED|CV, CONST| } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -1274,8 +1366,8 @@ ZEND_VM_HELPER_EX(zend_fetch_property_address_read_helper, VAR|UNUSED|CV, CONST| FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (IS_OP2_TMP_FREE()) { 
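Review bot: ZEND_FETCH_DIM_UNSET now ends on an if/else with no handler terminator after it. `CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE();` moved into the else arm, and the `ptr_ptr == NULL` arm relies on `zend_error_noreturn()` never returning. Whether that function is declared noreturn for every supported compiler is not visible here; where it is not, the handler would appear to fall off its end. A one-line comment in the if arm, `/* not reached: E_ERROR does not return */`, would document the assumption. The other FETCH_DIM handlers in this hunk still end with an unconditional `ZEND_VM_NEXT_OPCODE();`.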
@@ -1286,70 +1378,77 @@ ZEND_VM_HELPER_EX(zend_fetch_property_address_read_helper, VAR|UNUSED|CV, CONST| } FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(82, ZEND_FETCH_OBJ_R, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - ZEND_VM_DISPATCH_TO_HELPER_EX(zend_fetch_property_address_read_helper, type, BP_VAR_R); + ZEND_VM_DISPATCH_TO_HELPER(zend_fetch_property_address_read_helper); } ZEND_VM_HANDLER(85, ZEND_FETCH_OBJ_W, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval *property; zval **container; + SAVE_OPLINE(); + property = GET_OP2_ZVAL_PTR(BP_VAR_R); + if (OP1_TYPE == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; } - + if (IS_OP2_TMP_FREE()) { MAKE_REAL_ZVAL_PTR(property); } container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((OP2_TYPE == IS_CONST) ? 
opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (IS_OP2_TMP_FREE()) { zval_ptr_dtor(&property); } else { FREE_OP2(); } - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(88, ZEND_FETCH_OBJ_RW, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_RW); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = GET_OP2_ZVAL_PTR(BP_VAR_R); + container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_RW); if (IS_OP2_TMP_FREE()) { MAKE_REAL_ZVAL_PTR(property); } - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
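Review bot: In ZEND_FETCH_OBJ_W the `ZEND_FETCH_MAKE_REF` block dereferences `retval_ptr` without a NULL test (`Z_DELREF_PP(retval_ptr);`). The equivalent block this patch writes for ZEND_FETCH_DIM_W wraps the same three calls in `if (retval_ptr) {`. Whether `zend_fetch_property_address()` can leave `var.ptr_ptr` NULL is not visible in this hunk. If it can, the same guard is needed here; if it cannot, a short comment saying so would explain why the two handlers differ. ZEND_FETCH_OBJ_RW, which follows, runs past the end of the hunk.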
@@ -1358,37 +1457,84 @@ ZEND_VM_HANDLER(88, ZEND_FETCH_OBJ_RW, VAR|UNUSED|CV, CONST|TMP|VAR|CV) } else { FREE_OP2(); } - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(91, ZEND_FETCH_OBJ_IS, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - ZEND_VM_DISPATCH_TO_HELPER_EX(zend_fetch_property_address_read_helper, type, BP_VAR_IS); + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = GET_OP1_OBJ_ZVAL_PTR(BP_VAR_IS); + offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + FREE_OP2(); + } else { + zval *retval; + + if (IS_OP2_TMP_FREE()) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((OP2_TYPE == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (IS_OP2_TMP_FREE()) { + zval_ptr_dtor(&offset); + } else { + FREE_OP2(); + } + } + + FREE_OP1(); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(94, ZEND_FETCH_OBJ_FUNC_ARG, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = GET_OP2_ZVAL_PTR(BP_VAR_R); + container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); if (IS_OP2_TMP_FREE()) { MAKE_REAL_ZVAL_PTR(property); } - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
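Review bot: The new ZEND_FETCH_OBJ_IS body has no comment saying how it relates to zend_fetch_property_address_read_helper, which this handler used to dispatch to with BP_VAR_IS. From the visible lines, the inlined copy hands back the uninitialized zval for a non-object container without raising anything, and otherwise calls read_property with BP_VAR_IS. The helper's body starts outside this hunk, so the exact differences cannot be confirmed here. I would add above the declarations something like `/* Inlined BP_VAR_IS variant of zend_fetch_property_address_read_helper: silent on non-objects; keep the retval refcount/free logic in sync with the helper */`.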
@@ -1397,27 +1543,27 @@ ZEND_VM_HANDLER(94, ZEND_FETCH_OBJ_FUNC_ARG, VAR|UNUSED|CV, CONST|TMP|VAR|CV) } else { FREE_OP2(); } - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - ZEND_VM_DISPATCH_TO_HELPER_EX(zend_fetch_property_address_read_helper, type, BP_VAR_R); + ZEND_VM_DISPATCH_TO_HELPER(zend_fetch_property_address_read_helper); } } ZEND_VM_HANDLER(97, ZEND_FETCH_OBJ_UNSET, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_R); - zval *property = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_R); + property = GET_OP2_ZVAL_PTR(BP_VAR_R); if (OP1_TYPE == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -1427,7 +1573,7 @@ ZEND_VM_HANDLER(97, ZEND_FETCH_OBJ_UNSET, VAR|UNUSED|CV, CONST|TMP|VAR|CV) if (IS_OP2_TMP_FREE()) { MAKE_REAL_ZVAL_PTR(property); } - if (OP1_TYPE == IS_VAR && !container) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -1436,13 +1582,8 @@ ZEND_VM_HANDLER(97, ZEND_FETCH_OBJ_UNSET, VAR|UNUSED|CV, CONST|TMP|VAR|CV) } else { FREE_OP2(); } - if (OP1_TYPE == IS_VAR && OP1_FREE && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (OP1_TYPE == IS_VAR && OP1_FREE && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } FREE_OP1_VAR_PTR(); 
@@ -1452,46 +1593,54 @@ ZEND_VM_HANDLER(97, ZEND_FETCH_OBJ_UNSET, VAR|UNUSED|CV, CONST|TMP|VAR|CV) } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(98, ZEND_FETCH_DIM_TMP_VAR, CONST|TMP, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *container; + + SAVE_OPLINE(); + container = GET_OP1_ZVAL_PTR(BP_VAR_R); - if (Z_TYPE_P(container) != IS_ARRAY) { + if (UNEXPECTED(Z_TYPE_P(container) != IS_ARRAY)) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { zend_free_op free_op2; - zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval *value = *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), GET_OP2_ZVAL_PTR(BP_VAR_R), OP2_TYPE, BP_VAR_R TSRMLS_CC); - AI_SET_PTR(EX_T(opline->result.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, OP2_TYPE, BP_VAR_R TSRMLS_CC)); - SELECTIVE_PZVAL_LOCK(EX_T(opline->result.var).var.ptr, opline); + SELECTIVE_PZVAL_LOCK(value, opline); + AI_SET_PTR(&EX_T(opline->result.var), value); FREE_OP2(); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(136, ZEND_ASSIGN_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); - zval *property_name = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_W); + property_name = GET_OP2_ZVAL_PTR(BP_VAR_R); if (IS_OP2_TMP_FREE()) { MAKE_REAL_ZVAL_PTR(property_name); } - if (OP1_TYPE == IS_VAR && !object_ptr) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(object_ptr 
== NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (IS_OP2_TMP_FREE()) { zval_ptr_dtor(&property_name); } else { @@ -1499,18 +1648,21 @@ ZEND_VM_HANDLER(136, ZEND_ASSIGN_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|CV) } FREE_OP1_VAR_PTR(); /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(147, ZEND_ASSIGN_DIM, VAR|CV, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + zval **object_ptr; - if (OP1_TYPE == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + + if (OP1_TYPE == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { 
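Review bot: In ZEND_ASSIGN_OBJ the guard that this hunk rewrites to `UNEXPECTED(object_ptr == NULL)` still reports `"Cannot use string offset as an array"`. The ZEND_FETCH_OBJ_* handlers earlier in the file report `"Cannot use string offset as an object"` for the same condition. The text looks copied from ZEND_ASSIGN_DIM, where "array" fits. If no test depends on the current wording, I would change the line to `zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");`.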
@@ -1520,7 +1672,7 @@ ZEND_VM_HANDLER(147, ZEND_ASSIGN_DIM, VAR|CV, CONST|TMP|VAR|UNUSED|CV) if (IS_OP2_TMP_FREE()) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((OP2_TYPE == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (IS_OP2_TMP_FREE()) { zval_ptr_dtor(&property_name); } else { 
@@ -1532,28 +1684,42 @@ ZEND_VM_HANDLER(147, ZEND_ASSIGN_DIM, VAR|CV, CONST|TMP|VAR|UNUSED|CV) zval *dim = GET_OP2_ZVAL_PTR(BP_VAR_R); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, OP2_TYPE, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, OP2_TYPE, BP_VAR_W TSRMLS_CC); FREE_OP2(); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if 
(IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
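Review bot: The added `*variable_ptr_ptr == &EG(error_zval)` branch in ZEND_ASSIGN_DIM has no comment explaining when the dimension fetch yields error_zval, or why the assignment is dropped without a diagnostic. Presumably zend_fetch_dimension_address has already reported the problem, but that is not visible in this hunk. A comment such as `/* fetch already failed: discard the value (destroy it if TMP), result is the uninitialized zval */` would document the intent. The same branch is added to ZEND_ASSIGN in the following hunk, and the ASSIGN_DIM handler itself begins in an earlier hunk.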
@@ -1561,34 +1727,53 @@ ZEND_VM_HANDLER(147, ZEND_ASSIGN_DIM, VAR|CV, CONST|TMP|VAR|UNUSED|CV) } FREE_OP1_VAR_PTR(); /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(38, ZEND_ASSIGN, VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *value = GET_OP2_ZVAL_PTR(BP_VAR_R); - zval **variable_ptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + zval *value; + zval **variable_ptr_ptr; - if (OP1_TYPE == IS_VAR && !variable_ptr_ptr) { + SAVE_OPLINE(); + value = GET_OP2_ZVAL_PTR(BP_VAR_R); + variable_ptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + + if (OP1_TYPE == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, OP2_TYPE TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (OP1_TYPE == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_OP2_TMP_FREE()) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = 
zend_assign_to_variable(variable_ptr_ptr, value, IS_OP2_TMP_FREE() TSRMLS_CC); + if (IS_OP2_TMP_FREE()) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } @@ -1597,15 +1782,19 @@ ZEND_VM_HANDLER(38, ZEND_ASSIGN, VAR|CV, CONST|TMP|VAR|CV) /* zend_assign_to_variable() always takes care of op2, never free it! */ FREE_OP2_IF_VAR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(39, ZEND_ASSIGN_REF, VAR|CV, VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval **variable_ptr_ptr; - zval **value_ptr_ptr = GET_OP2_ZVAL_PTR_PTR(BP_VAR_W); + zval **value_ptr_ptr; + + SAVE_OPLINE(); + value_ptr_ptr = GET_OP2_ZVAL_PTR_PTR(BP_VAR_W); if (OP2_TYPE == IS_VAR && value_ptr_ptr && 
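Review bot: The context comment `/* zend_assign_to_variable() always takes care of op2, never free it! */` at the end of ZEND_ASSIGN no longer matches the code above it. After this change a TMP value is either passed to zend_assign_tmp_to_variable() or, in the new error_zval branch, destroyed by the handler itself with zval_dtor(). I would reword it to `/* a TMP op2 is consumed by the assignment or destroyed in the error_zval branch; only a VAR op2 is released here */`, so the next person touching FREE_OP2_IF_VAR() does not reason from the old invariant.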
@@ -1618,19 +1807,19 @@ ZEND_VM_HANDLER(39, ZEND_ASSIGN_REF, VAR|CV, VAR|CV) zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { FREE_OP2_VAR_PTR(); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } ZEND_VM_DISPATCH_TO_HANDLER(ZEND_ASSIGN); } else if (OP2_TYPE == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { PZVAL_LOCK(*value_ptr_ptr); } - if (OP1_TYPE == IS_VAR && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } variable_ptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); - if ((OP2_TYPE == IS_VAR && !value_ptr_ptr) || - (OP1_TYPE == IS_VAR && !variable_ptr_ptr)) { + if ((OP2_TYPE == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || + (OP1_TYPE == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); 
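Review bot: In ZEND_ASSIGN_REF, `PZVAL_LOCK(*value_ptr_ptr);` in the `opline->extended_value == ZEND_RETURNS_NEW` branch dereferences value_ptr_ptr before the NULL test that this hunk rewrites to `UNEXPECTED(value_ptr_ptr == NULL)` a few lines later. The first branch of the same chain does test `value_ptr_ptr &&`, so the author considered NULL possible at this point. Whether it can be NULL when ZEND_RETURNS_NEW is set is not visible here. Either add the test, `} else if (OP2_TYPE == IS_VAR && value_ptr_ptr && opline->extended_value == ZEND_RETURNS_NEW) {`, or add a comment stating why it cannot be NULL. The handler starts in the previous hunk.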
@@ -1640,39 +1829,45 @@ ZEND_VM_HANDLER(39, ZEND_ASSIGN_REF, VAR|CV, VAR|CV) } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *variable_ptr_ptr); PZVAL_LOCK(*variable_ptr_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); } FREE_OP1_VAR_PTR(); FREE_OP2_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(42, ZEND_JMP, ANY, ANY) { + USE_OPLINE + #if DEBUG_ZEND>=2 - printf("Jumping to %d\n", EX(opline)->op1.opline_num); + printf("Jumping to %d\n", opline->op1.opline_num); #endif - ZEND_VM_SET_OPCODE(EX(opline)->op1.jmp_addr); + ZEND_VM_SET_OPCODE(opline->op1.jmp_addr); ZEND_VM_CONTINUE(); /* CHECK_ME */ } ZEND_VM_HANDLER(43, ZEND_JMPZ, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *val; int ret; - if (OP1_TYPE == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = GET_OP1_ZVAL_PTR(BP_VAR_R); + + if (OP1_TYPE == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); FREE_OP1(); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (!ret) { @@ -1688,18 +1883,21 @@ ZEND_VM_HANDLER(43, ZEND_JMPZ, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(44, ZEND_JMPNZ, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *val; int ret; - if (OP1_TYPE == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = GET_OP1_ZVAL_PTR(BP_VAR_R); + + if (OP1_TYPE == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); FREE_OP1(); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (ret) { 
@@ -1715,18 +1913,21 @@ ZEND_VM_HANDLER(44, ZEND_JMPNZ, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(45, ZEND_JMPZNZ, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *val; int retval; - if (OP1_TYPE == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = GET_OP1_ZVAL_PTR(BP_VAR_R); + + if (OP1_TYPE == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); FREE_OP1(); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (EXPECTED(retval != 0)) { @@ -1746,18 +1947,21 @@ ZEND_VM_HANDLER(45, ZEND_JMPZNZ, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(46, ZEND_JMPZ_EX, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *val; int retval; - if (OP1_TYPE == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = GET_OP1_ZVAL_PTR(BP_VAR_R); + + if (OP1_TYPE == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); FREE_OP1(); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; @@ -1774,18 +1978,21 @@ ZEND_VM_HANDLER(46, ZEND_JMPZ_EX, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(47, ZEND_JMPNZ_EX, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *val; int retval; - if (OP1_TYPE == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = GET_OP1_ZVAL_PTR(BP_VAR_R); + + if (OP1_TYPE == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); FREE_OP1(); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; 
@@ -1802,28 +2009,37 @@ ZEND_VM_HANDLER(47, ZEND_JMPNZ_EX, CONST|TMP|VAR|CV, ANY) ZEND_VM_HANDLER(70, ZEND_FREE, TMP, ANY) { - zendi_zval_dtor(EX_T(EX(opline)->op1.var).tmp_var); + USE_OPLINE + + SAVE_OPLINE(); + zendi_zval_dtor(EX_T(opline->op1.var).tmp_var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(53, ZEND_INIT_STRING, ANY, ANY) { - zval *tmp = &EX_T(EX(opline)->result.var).tmp_var; + USE_OPLINE + zval *tmp = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); tmp->value.str.val = emalloc(1); tmp->value.str.val[0] = 0; tmp->value.str.len = 0; Z_SET_REFCOUNT_P(tmp, 1); tmp->type = IS_STRING; Z_UNSET_ISREF_P(tmp); + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(54, ZEND_ADD_CHAR, TMP|UNUSED, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + if (OP1_TYPE == IS_UNUSED) { /* Initialize for erealloc in add_char_to_string */ Z_STRVAL_P(str) = NULL; @@ -1836,14 +2052,17 @@ ZEND_VM_HANDLER(54, ZEND_ADD_CHAR, TMP|UNUSED, CONST) add_char_to_string(str, str, opline->op2.zv); /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(55, ZEND_ADD_STRING, TMP|UNUSED, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + if (OP1_TYPE == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; 
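Review bot: ZEND_INIT_STRING gains a commented-out `/*CHECK_EXCEPTION();*/` with no explanation, and the same dead line is added to ZEND_ADD_CHAR, ZEND_ADD_STRING and the CONST path of ZEND_INIT_FCALL_BY_NAME in later hunks. A reader cannot tell whether the check was disabled on purpose or left over from debugging, and every other handler in this change gets the live check. If the intent is that nothing in these handlers can raise an exception, replace it with a real comment, e.g. `/* no CHECK_EXCEPTION(): nothing above can throw */`. Otherwise restore the call.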
@@ -1856,18 +2075,22 @@ ZEND_VM_HANDLER(55, ZEND_ADD_STRING, TMP|UNUSED, CONST) add_string_to_string(str, str, opline->op2.zv); /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(56, ZEND_ADD_VAR, TMP|UNUSED, TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval *var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = GET_OP2_ZVAL_PTR(BP_VAR_R); + if (OP1_TYPE == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; @@ -1897,16 +2120,19 @@ ZEND_VM_HANDLER(56, ZEND_ADD_VAR, TMP|UNUSED, TMP|VAR|CV) */ FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(109, ZEND_FETCH_CLASS, ANY, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); - + USE_OPLINE + SAVE_OPLINE(); + EG(exception) = NULL; if (OP2_TYPE == IS_UNUSED) { EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_free_op free_op2; @@ -1923,23 +2149,26 @@ ZEND_VM_HANDLER(109, ZEND_FETCH_CLASS, ANY, CONST|TMP|VAR|UNUSED|CV) } FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } ZEND_VM_HANDLER(112, ZEND_INIT_METHOD_CALL, TMP|VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); function_name = GET_OP2_ZVAL_PTR(BP_VAR_R); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (OP2_TYPE != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } 
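Review bot: ZEND_FETCH_CLASS now starts with `EG(exception) = NULL;`, which overwrites the pending-exception pointer without releasing the object or explaining why. If an exception could be pending on entry, it would be silently discarded and the new CHECK_EXCEPTION() calls further down would not see it. Whether that state is reachable is not visible in this hunk. If the reset is only an invariant the handler relies on, I would say so with `/* no exception can be pending here; reset so CHECK_EXCEPTION() only sees errors from the class lookup */`. Otherwise the existing exception should be handled rather than cleared.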
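Review bot: In ZEND_INIT_METHOD_CALL the string check is now skipped for constant operands (`if (OP2_TYPE != IS_CONST && UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING))`), so the handler relies on the compiler only ever emitting string literals as method names. That assumption is not written down, and the Z_STRVAL_P/Z_STRLEN_P reads that follow would misinterpret a non-string zval if an op_array came from somewhere other than this compiler, such as a cache or a modified file. ZEND_INIT_STATIC_METHOD_CALL keeps its check in the branch visible in a later hunk. I would at least add `/* CONST method names are guaranteed to be strings by the compiler */`, or keep the check in debug builds. The handler body continues past this hunk.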
@@ -1948,14 +2177,15 @@ ZEND_VM_HANDLER(112, ZEND_INIT_METHOD_CALL, TMP|VAR|UNUSED|CV, CONST|TMP|VAR|CV) EX(object) = GET_OP1_OBJ_ZVAL_PTR(BP_VAR_R); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((OP2_TYPE == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -1981,21 +2211,23 @@ ZEND_VM_HANDLER(112, ZEND_INIT_METHOD_CALL, TMP|VAR|UNUSED|CV, CONST|TMP|VAR|CV) FREE_OP2(); FREE_OP1_IF_VAR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(113, ZEND_INIT_STATIC_METHOD_CALL, CONST|VAR, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (OP1_TYPE == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; 
@@ -2019,7 +2251,7 @@ ZEND_VM_HANDLER(113, ZEND_INIT_STATIC_METHOD_CALL, CONST|VAR, CONST|TMP|VAR|UNUS } else { function_name = GET_OP2_ZVAL_PTR(BP_VAR_R); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -2033,7 +2265,7 @@ ZEND_VM_HANDLER(113, ZEND_INIT_STATIC_METHOD_CALL, CONST|VAR, CONST|TMP|VAR|UNUS } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((OP2_TYPE == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -2042,11 +2274,11 @@ ZEND_VM_HANDLER(113, ZEND_INIT_STATIC_METHOD_CALL, CONST|VAR, CONST|TMP|VAR|UNUS FREE_OP2(); } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
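Review bot: The private-constructor check in ZEND_INIT_STATIC_METHOD_CALL changes severity as well as the call, from `zend_error(E_COMPILE_ERROR, ...)` to `zend_error_noreturn(E_ERROR, ...)`. That is a user-visible difference for error_reporting masks and custom handlers, and the commit description, which only mentions performance tweaks, does not cover it. E_ERROR looks like the better fit for a runtime visibility check, but the reason should sit next to the line, e.g. `/* visibility is checked at run time, so E_ERROR rather than E_COMPILE_ERROR */`. A test pinning the new error level would also help. The handler starts and ends outside this hunk.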
@@ -2078,77 +2310,83 @@ ZEND_VM_HANDLER(113, ZEND_INIT_STATIC_METHOD_CALL, CONST|VAR, CONST|TMP|VAR|UNUS } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(59, ZEND_INIT_FCALL_BY_NAME, ANY, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; - char *function_name_strval, *lcname; - int function_name_strlen; - zend_free_op free_op2; - zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (OP2_TYPE == IS_CONST) { - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc)) == FAILURE) { + function_name = opline->op1.zv; + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &EX(fbc)) == FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } + EX(object) = NULL; + /*CHECK_EXCEPTION();*/ + ZEND_VM_NEXT_OPCODE(); } else { + char *function_name_strval, *lcname; + int function_name_strlen; + zend_free_op free_op2; + + SAVE_OPLINE(); function_name = GET_OP2_ZVAL_PTR(BP_VAR_R); - if (OP2_TYPE != IS_CONST && - Z_TYPE_P(function_name) == IS_OBJECT && + if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { + function_name_strval = Z_STRVAL_P(function_name); + function_name_strlen = Z_STRLEN_P(function_name); + if (function_name_strval[0] == '\\') { + function_name_strlen -= 1; + lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + } else { + lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + } + if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + } + efree(lcname); + FREE_OP2(); + EX(object) = NULL; + CHECK_EXCEPTION(); + 
ZEND_VM_NEXT_OPCODE(); + } else if (OP2_TYPE != IS_CONST && + EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) { if (EX(object)) { Z_ADDREF_P(EX(object)); } FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); - } - - if (Z_TYPE_P(function_name) != IS_STRING) { - zend_error_noreturn(E_ERROR, "Function name must be a string"); - } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); - } - if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + zend_error_noreturn(E_ERROR, "Function name must be a string"); } - efree(lcname); - FREE_OP2(); } - - EX(object) = NULL; - ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(69, ZEND_INIT_NS_FCALL_BY_NAME, ANY, CONST) { - zend_op *opline = EX(opline); - zend_op *op_data = opline + 1; + USE_OPLINE - ZEND_VM_INC_OPCODE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc))==FAILURE) { - char *short_name = Z_STRVAL_P(opline->op1.zv)+op_data->op1.num; - if (zend_hash_quick_find(EG(function_table), short_name, Z_STRLEN_P(opline->op1.zv)-op_data->op1.num+1, op_data->extended_value, (void **) &EX(fbc))==FAILURE) { + char *short_name = Z_STRVAL_P(opline->op1.zv) + (opline+1)->op1.num; + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), short_name, 
Z_STRLEN_P(opline->op1.zv) - (opline+1)->op1.num+1, (opline+1)->extended_value, (void **) &EX(fbc))==FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } } EX(object) = NULL; + ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } @@ -2160,8 +2398,8 @@ ZEND_VM_HELPER(zend_leave_helper, ANY, ANY) EG(current_execute_data) = EX(prev_execute_data); EG(opline_ptr) = NULL; if (!EG(active_symbol_table)) { - zval ***cv = EX(CVs); - zval ***end = cv + EX(op_array)->last_var; + zval ***cv = EX_CVs(); + zval ***end = cv + op_array->last_var; while (cv != end) { if (*cv) { zval_ptr_dtor(*cv); 
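Review bot: In the rewritten ZEND_INIT_FCALL_BY_NAME the closure test still begins with `OP2_TYPE != IS_CONST &&`, although it now sits inside the `else` of `if (OP2_TYPE == IS_CONST)` and can never be false there. Dropping it makes the three-way chain (string, closure object, error) easier to read: `} else if (EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) &&`. The CONST path would also benefit from a short comment on why the lookup uses `opline->op1.zv` while the error message prints `opline->op2.zv`. Presumably op1 holds the lowercased key, but that is not visible here.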
@@ -2176,32 +2414,38 @@ ZEND_VM_HELPER(zend_leave_helper, ANY, ANY) if (nested) { execute_data = EG(current_execute_data); + } + if (nested) { + USE_OPLINE - if (EX(call_opline)->opcode == ZEND_INCLUDE_OR_EVAL) { + LOAD_REGS(); + LOAD_OPLINE(); + if (UNEXPECTED(opline->opcode == ZEND_INCLUDE_OR_EVAL)) { EX(function_state).function = (zend_function *) EX(op_array); EX(function_state).arguments = NULL; EX(object) = EX(current_object); - if (RETURN_VALUE_USED(EX(call_opline))) { - if (!EX_T(EX(call_opline)->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(EX(call_opline)->result.var).var.ptr); - INIT_PZVAL(EX_T(EX(call_opline)->result.var).var.ptr); - Z_LVAL_P(EX_T(EX(call_opline)->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(EX(call_opline)->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(op_array TSRMLS_CC); efree(op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION_LEAVE(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - EX(opline)++; + ZEND_VM_INC_OPCODE(); ZEND_VM_LEAVE(); } else { @@ -2225,7 +2469,7 @@ ZEND_VM_HELPER(zend_leave_helper, ANY, ANY) EX(function_state).arguments = NULL; if (EG(This)) { - if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) { + if (UNEXPECTED(EG(exception) != NULL) && IS_CTOR_CALL(EX(called_scope))) { if (IS_CTOR_USED(EX(called_scope))) { Z_DELREF_P(EG(This)); } 
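Review bot: zend_leave_helper now has two consecutive `if (nested)` blocks, the first only assigning `execute_data = EG(current_execute_data);` and the second opening with `USE_OPLINE`, `LOAD_REGS();` and `LOAD_OPLINE();`. Without a comment this reads like a merge leftover that should be collapsed into one block. Presumably the split exists because USE_OPLINE has to be expanded at the start of a block after execute_data has been switched to the caller frame. If so, say it: `/* separate block: USE_OPLINE must be expanded after execute_data points at the caller */`. The helper starts in an earlier hunk and continues in the next one.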
@@ -2244,14 +2488,15 @@ ZEND_VM_HELPER(zend_leave_helper, ANY, ANY) zend_vm_stack_clear_multiple(TSRMLS_C); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); - if (RETURN_VALUE_USED(EX(call_opline)) && EX_T(EX(call_opline)->result.var).var.ptr) { - zval_ptr_dtor(&EX_T(EX(call_opline)->result.var).var.ptr); + if (RETURN_VALUE_USED(opline) && EX_T(opline->result.var).var.ptr) { + zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); } + HANDLE_EXCEPTION_LEAVE(); } - EX(opline)++; + ZEND_VM_INC_OPCODE(); ZEND_VM_LEAVE(); } } 
@@ -2260,89 +2505,99 @@ ZEND_VM_HELPER(zend_leave_helper, ANY, ANY) ZEND_VM_HELPER(zend_do_fcall_common_helper, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_bool should_change_scope = 0; + zend_function *fbc = EX(function_state).function; - if (EX(function_state).function->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) { - if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) { - zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + SAVE_OPLINE(); + if (UNEXPECTED((fbc->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) != 0)) { + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_ABSTRACT) != 0)) { + zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", fbc->common.scope->name, fbc->common.function_name); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); /* Never reached */ } - if (EX(function_state).function->common.fn_flags & ZEND_ACC_DEPRECATED) { + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_DEPRECATED) != 0)) { zend_error(E_DEPRECATED, "Function %s%s%s() is deprecated", - EX(function_state).function->common.scope ? EX(function_state).function->common.scope->name : "", - EX(function_state).function->common.scope ? "::" : "", - EX(function_state).function->common.function_name); + fbc->common.scope ? fbc->common.scope->name : "", + fbc->common.scope ? 
"::" : "", + fbc->common.function_name); } } - if (EX(function_state).function->common.scope && - !(EX(function_state).function->common.fn_flags & ZEND_ACC_STATIC) && + if (fbc->common.scope && + !(fbc->common.fn_flags & ZEND_ACC_STATIC) && !EX(object)) { - if (EX(function_state).function->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { /* FIXME: output identifiers properly */ - zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", fbc->common.scope->name, fbc->common.function_name); } else { /* FIXME: output identifiers properly */ /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", fbc->common.scope->name, fbc->common.function_name); } } - if (EX(function_state).function->type == ZEND_USER_FUNCTION || - EX(function_state).function->common.scope) { + if (fbc->type == ZEND_USER_FUNCTION || fbc->common.scope) { should_change_scope = 1; EX(current_this) = EG(This); EX(current_scope) = EG(scope); EX(current_called_scope) = EG(called_scope); EG(This) = EX(object); - EG(scope) = (EX(function_state).function->type == ZEND_USER_FUNCTION || !EX(object)) ? EX(function_state).function->common.scope : NULL; + EG(scope) = (fbc->type == ZEND_USER_FUNCTION || !EX(object)) ? 
fbc->common.scope : NULL; EG(called_scope) = EX(called_scope); } zend_arg_types_stack_3_pop(&EG(arg_types_stack), &EX(called_scope), &EX(current_object), &EX(fbc)); EX(function_state).arguments = zend_vm_stack_push_args(opline->extended_value TSRMLS_CC); + LOAD_OPLINE(); - if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION) { - ALLOC_INIT_ZVAL(EX_T(opline->result.var).var.ptr); - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EX_T(opline->result.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference; + if (fbc->type == ZEND_INTERNAL_FUNCTION) { + temp_variable *ret = &EX_T(opline->result.var); - if (EX(function_state).function->common.arg_info) { + MAKE_STD_ZVAL(ret->var.ptr); + ZVAL_NULL(ret->var.ptr); + ret->var.ptr_ptr = &ret->var.ptr; + ret->var.fcall_returned_reference = fbc->common.return_reference; + + if (fbc->common.arg_info) { zend_uint i=0; zval **p = (zval**)EX(function_state).arguments; ulong arg_count = opline->extended_value; while (arg_count>0) { - zend_verify_arg_type(EX(function_state).function, ++i, *(p-arg_count), 0 TSRMLS_CC); + zend_verify_arg_type(fbc, ++i, *(p-arg_count), 0 TSRMLS_CC); arg_count--; } } + if (!zend_execute_internal) { /* saves one function call if zend_execute_internal is not used */ - ((zend_internal_function *) EX(function_state).function)->handler(opline->extended_value, EX_T(opline->result.var).var.ptr, EX(function_state).function->common.return_reference?&EX_T(opline->result.var).var.ptr:NULL, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); + fbc->internal_function.handler(opline->extended_value, ret->var.ptr, fbc->common.return_reference ? 
&ret->var.ptr : NULL, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); } else { zend_execute_internal(EXECUTE_DATA, RETURN_VALUE_USED(opline) TSRMLS_CC); } if (!RETURN_VALUE_USED(opline)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + zval_ptr_dtor(&ret->var.ptr); } - } else if (EX(function_state).function->type == ZEND_USER_FUNCTION) { + } else if (fbc->type == ZEND_USER_FUNCTION) { EX(original_return_value) = EG(return_value_ptr_ptr); EG(active_symbol_table) = NULL; - EG(active_op_array) = &EX(function_state).function->op_array; + EG(active_op_array) = &fbc->op_array; EG(return_value_ptr_ptr) = NULL; - if (RETURN_VALUE_USED(opline)) { - EG(return_value_ptr_ptr) = &EX_T(opline->result.var).var.ptr; - EX_T(opline->result.var).var.ptr = NULL; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EX_T(opline->result.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference; + if (RETURN_VALUE_USED(opline)) { + temp_variable *ret = &EX_T(opline->result.var); + + ret->var.ptr = NULL; + EG(return_value_ptr_ptr) = &ret->var.ptr; + ret->var.ptr_ptr = &ret->var.ptr; + ret->var.fcall_returned_reference = fbc->common.return_reference; } - if (zend_execute == execute && !EG(exception)) { - EX(call_opline) = opline; - ZEND_VM_ENTER(); + if (EXPECTED(zend_execute == execute)) { + if (EXPECTED(EG(exception) == NULL)) { + ZEND_VM_ENTER(); + } } else { zend_execute(EG(active_op_array) TSRMLS_CC); } 
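Review bot: The rewritten dispatch at the end of the `ZEND_USER_FUNCTION` branch changes what happens when an exception is already pending. Under the old condition `zend_execute == execute && !EG(exception)` that case fell through to `zend_execute(EG(active_op_array) TSRMLS_CC)`; the nested `if (EXPECTED(EG(exception) == NULL))` now runs neither `ZEND_VM_ENTER()` nor `zend_execute()`. The commit is described as performance tweaks only, so if skipping the callee is intended, say so at the inner `if`, e.g. `/* exception already pending: do not enter the callee; it is raised after the scope is restored below */`. By this point `EG(active_op_array)`, `EG(active_symbol_table)` and `EG(return_value_ptr_ptr)` already point at the callee, so the skipped path depends on the restore code after the branch, which is outside this hunk.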
@@ -2363,19 +2618,20 @@ ZEND_VM_HELPER(zend_do_fcall_common_helper, ANY, ANY) } EG(active_symbol_table) = EX(symbol_table); } else { /* ZEND_OVERLOADED_FUNCTION */ - ALLOC_INIT_ZVAL(EX_T(opline->result.var).var.ptr); + MAKE_STD_ZVAL(EX_T(opline->result.var).var.ptr); + ZVAL_NULL(EX_T(opline->result.var).var.ptr); /* Not sure what should be done here if it's a static method */ - if (EX(object)) { - Z_OBJ_HT_P(EX(object))->call_method(EX(function_state).function->common.function_name, opline->extended_value, EX_T(opline->result.var).var.ptr, &EX_T(opline->result.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); + if (EXPECTED(EX(object) != NULL)) { + Z_OBJ_HT_P(EX(object))->call_method(fbc->common.function_name, opline->extended_value, EX_T(opline->result.var).var.ptr, &EX_T(opline->result.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); } else { zend_error_noreturn(E_ERROR, "Cannot call overloaded function for non-object"); } - if (EX(function_state).function->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) { - efree(EX(function_state).function->common.function_name); + if (fbc->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) { + efree(fbc->common.function_name); } - efree(EX(function_state).function); + efree(fbc); if (!RETURN_VALUE_USED(opline)) { zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); @@ -2392,7 +2648,7 @@ ZEND_VM_HELPER(zend_do_fcall_common_helper, ANY, ANY) if (should_change_scope) { if (EG(This)) { - if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) { + if (UNEXPECTED(EG(exception) != NULL) && IS_CTOR_CALL(EX(called_scope))) { if (IS_CTOR_USED(EX(called_scope))) { Z_DELREF_P(EG(This)); } 
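Review bot: In the `ZEND_OVERLOADED_FUNCTION` branch the cached local `fbc` still points at freed memory after `efree(fbc)`, and `EX(function_state).function` holds the same address. Nothing visible in this hunk reads either afterwards, but the helper continues outside it and the short local name makes a later accidental use easy to write. Clearing it at the free, `efree(fbc); fbc = NULL;`, would make such a mistake fail on a null pointer instead of reading freed memory. A one-line comment at the declaration would also help, since the local `fbc` aliases `EX(function_state).function` and not `EX(fbc)`, which `zend_arg_types_stack_3_pop()` overwrites earlier in the same helper.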
@@ -2412,11 +2668,12 @@ ZEND_VM_HELPER(zend_do_fcall_common_helper, ANY, ANY) zend_vm_stack_clear_multiple(TSRMLS_C); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); if (RETURN_VALUE_USED(opline) && EX_T(opline->result.var).var.ptr) { zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); } + HANDLE_EXCEPTION(); } ZEND_VM_NEXT_OPCODE(); @@ -2430,13 +2687,14 @@ ZEND_VM_HANDLER(61, ZEND_DO_FCALL_BY_NAME, ANY, ANY) ZEND_VM_HANDLER(60, ZEND_DO_FCALL, CONST, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *fname = GET_OP1_ZVAL_PTR(BP_VAR_R); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(fname), Z_STRLEN_P(fname)+1, Z_HASH_P(fname), (void **) &EX(function_state).function)==FAILURE) { + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(fname), Z_STRLEN_P(fname)+1, Z_HASH_P(fname), (void **) &EX(function_state).function)==FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", fname->value.str.val); } EX(object) = NULL; @@ -2448,12 +2706,13 @@ ZEND_VM_HANDLER(60, ZEND_DO_FCALL, CONST, ANY) ZEND_VM_HANDLER(62, ZEND_RETURN, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval *retval_ptr; zval **retval_ptr_ptr; zend_free_op free_op1; - if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) { + SAVE_OPLINE(); + if (UNEXPECTED(EG(active_op_array)->return_reference == ZEND_RETURN_REF)) { if (OP1_TYPE == IS_CONST || OP1_TYPE == IS_TMP_VAR) { /* Not supposed to happen, but we'll allow it */ @@ -2463,7 +2722,7 @@ ZEND_VM_HANDLER(62, ZEND_RETURN, CONST|TMP|VAR|CV, ANY) retval_ptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); - if (OP1_TYPE == IS_VAR && !retval_ptr_ptr) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } 
@@ -2485,6 +2744,8 @@ ZEND_VM_HANDLER(62, ZEND_RETURN, CONST|TMP|VAR|CV, ANY) (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr); } + FREE_OP1_IF_VAR(); + ZEND_VM_DISPATCH_TO_HELPER(zend_leave_helper); } else { ZEND_VM_C_LABEL(return_by_value): @@ -2515,21 +2776,22 @@ ZEND_VM_C_LABEL(return_by_value): INIT_PZVAL_COPY(ret, retval_ptr); *EG(return_value_ptr_ptr) = ret; } + FREE_OP1_IF_VAR(); + ZEND_VM_DISPATCH_TO_HELPER(zend_leave_helper); } - FREE_OP1_IF_VAR(); - ZEND_VM_DISPATCH_TO_HELPER(zend_leave_helper); } ZEND_VM_HANDLER(108, ZEND_THROW, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval *value; zval *exception; zend_free_op free_op1; + SAVE_OPLINE(); value = GET_OP1_ZVAL_PTR(BP_VAR_R); - if (OP1_TYPE == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) { + if (OP1_TYPE == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "Can only throw objects"); } zend_exception_save(TSRMLS_C); 
@@ -2543,26 +2805,28 @@ ZEND_VM_HANDLER(108, ZEND_THROW, CONST|TMP|VAR|CV, ANY) zend_throw_exception_object(exception TSRMLS_CC); zend_exception_restore(TSRMLS_C); FREE_OP1_IF_VAR(); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } -ZEND_VM_HANDLER(107, ZEND_CATCH, ANY, CV) +ZEND_VM_HANDLER(107, ZEND_CATCH, CONST, CV) { - zend_op *opline = EX(opline); - zend_class_entry *ce; + USE_OPLINE + zend_class_entry *ce, *catch_ce; + SAVE_OPLINE(); /* Check whether an exception has been thrown, if not, jump over code */ zend_exception_restore(TSRMLS_C); if (EG(exception) == NULL) { ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); ZEND_VM_CONTINUE(); /* CHECK_ME */ } + catch_ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, ZEND_FETCH_CLASS_NO_AUTOLOAD TSRMLS_CC); ce = Z_OBJCE_P(EG(exception)); - if (ce != EX_T(opline->op1.var).class_entry) { - if (!instanceof_function(ce, EX_T(opline->op1.var).class_entry TSRMLS_CC)) { + if (ce != catch_ce) { + if (!instanceof_function(ce, catch_ce TSRMLS_CC)) { if (opline->result.num) { zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); ZEND_VM_CONTINUE(); /* CHECK_ME */ 
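Review bot: In `ZEND_CATCH`, `catch_ce` is fetched with `ZEND_FETCH_CLASS_NO_AUTOLOAD` and used without a NULL check, so a catch clause naming a class that is not loaded reaches `instanceof_function(ce, catch_ce TSRMLS_CC)` with a NULL second argument. That presumably just fails to match and the clause is skipped, but the handler should not rely silently on `instanceof_function()` tolerating NULL. Either document it, `/* catch_ce is NULL when the class is not loaded: nothing thrown can be an instance of it */`, or treat `catch_ce == NULL` as a non-match before the call. The lookup also runs every time the handler executes with an exception pending, where the old code read a resolved entry from `EX_T(opline->op1.var).class_entry`; it is worth confirming that cost is acceptable. The handler body continues in the next hunk.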
@@ -2570,15 +2834,15 @@ ZEND_VM_HANDLER(107, ZEND_CATCH, ANY, CV) } if (!EG(active_symbol_table)) { - if (EX(CVs)[opline->op2.var]) { - zval_ptr_dtor(EX(CVs)[opline->op2.var]); + if (EX_CV(opline->op2.var)) { + zval_ptr_dtor(EX_CV(opline->op2.var)); } - EX(CVs)[opline->op2.var] = (zval**)EX(CVs) + (EX(op_array)->last_var + opline->op2.var); - *EX(CVs)[opline->op2.var] = EG(exception); + EX_CV(opline->op2.var) = (zval**)EX_CVs() + (EX(op_array)->last_var + opline->op2.var); + *EX_CV(opline->op2.var) = EG(exception); } else { zend_compiled_variable *cv = &CV_DEF_OF(opline->op2.var); zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, - &EG(exception), sizeof(zval *), (void**)&EX(CVs)[opline->op2.var]); + &EG(exception), sizeof(zval *), (void**)&EX_CV(opline->op2.var)); } EG(exception) = NULL; ZEND_VM_NEXT_OPCODE(); @@ -2586,7 +2850,9 @@ ZEND_VM_HANDLER(107, ZEND_CATCH, ANY, CV) ZEND_VM_HANDLER(65, ZEND_SEND_VAL, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (opline->extended_value==ZEND_DO_FCALL_BY_NAME && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); @@ -2606,12 +2872,13 @@ ZEND_VM_HANDLER(65, ZEND_SEND_VAL, CONST|TMP|VAR|CV, ANY) zend_vm_stack_push(valptr TSRMLS_CC); FREE_OP1_IF_VAR(); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HELPER(zend_send_by_var_helper, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval *varptr; zend_free_op free_op1; varptr = GET_OP1_ZVAL_PTR(BP_VAR_R); @@ -2624,7 +2891,7 @@ ZEND_VM_HELPER(zend_send_by_var_helper, VAR|CV, ANY) zval *original_var = varptr; ALLOC_ZVAL(varptr); - *varptr = *original_var; + ZVAL_COPY_VALUE(varptr, original_var); Z_UNSET_ISREF_P(varptr); Z_SET_REFCOUNT_P(varptr, 0); zval_copy_ctor(varptr); 
@@ -2633,15 +2900,17 @@ ZEND_VM_HELPER(zend_send_by_var_helper, VAR|CV, ANY) zend_vm_stack_push(varptr TSRMLS_CC); FREE_OP1(); /* for string offsets */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(106, ZEND_SEND_VAR_NO_REF, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *varptr; + SAVE_OPLINE(); if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */ if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) { ZEND_VM_DISPATCH_TO_HELPER(zend_send_by_var_helper); @@ -2683,24 +2952,27 @@ ZEND_VM_HANDLER(106, ZEND_SEND_VAR_NO_REF, VAR|CV, ANY) zend_vm_stack_push(valptr TSRMLS_CC); } FREE_OP1_IF_VAR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(67, ZEND_SEND_REF, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval **varptr_ptr; zval *varptr; + + SAVE_OPLINE(); varptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); - if (OP1_TYPE == IS_VAR && !varptr_ptr) { + if (OP1_TYPE == IS_VAR && UNEXPECTED(varptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Only variables can be passed by reference"); } - if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { - ZEND_VM_DISPATCH_TO_HELPER(zend_send_by_var_helper); - } + if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { + ZEND_VM_DISPATCH_TO_HELPER(zend_send_by_var_helper); + } SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr); varptr = *varptr_ptr; 
@@ -2708,64 +2980,72 @@ ZEND_VM_HANDLER(67, ZEND_SEND_REF, VAR|CV, ANY) zend_vm_stack_push(varptr TSRMLS_CC); FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(66, ZEND_SEND_VAR, VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME) && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { ZEND_VM_DISPATCH_TO_HANDLER(ZEND_SEND_REF); } + SAVE_OPLINE(); ZEND_VM_DISPATCH_TO_HELPER(zend_send_by_var_helper); } ZEND_VM_HANDLER(63, ZEND_RECV, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_uint arg_num = opline->op1.num; zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); - if (param == NULL) { - char *space; - char *class_name = get_active_class_name(&space TSRMLS_CC); - zend_execute_data *ptr = EX(prev_execute_data); - + SAVE_OPLINE(); + if (UNEXPECTED(param == NULL)) { if (zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, NULL, opline->extended_value TSRMLS_CC)) { + char *space; + char *class_name; + zend_execute_data *ptr; + + if (EG(active_op_array)->scope) { + class_name = EG(active_op_array)->scope->name; + space = "::"; + } else { + class_name = space = ""; + } + ptr = EX(prev_execute_data); + if(ptr && ptr->op_array) { zend_error(E_WARNING, "Missing argument %u for %s%s%s(), called in %s on line %d and defined", opline->op1.num, class_name, space, get_active_function_name(TSRMLS_C), ptr->op_array->filename, ptr->opline->lineno); } else { zend_error(E_WARNING, "Missing argument %u for %s%s%s()", opline->op1.num, class_name, space, get_active_function_name(TSRMLS_C)); } } - if (opline->result_type == IS_VAR) { - PZVAL_UNLOCK_FREE(*EX_T(opline->result.var).var.ptr_ptr); - } } else { - zend_free_op free_res; zval **var_ptr; zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param, opline->extended_value TSRMLS_CC); - var_ptr = get_zval_ptr_ptr(opline->result_type, &opline->result, EX(Ts), &free_res, BP_VAR_W); + 
var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->result.var TSRMLS_CC); Z_DELREF_PP(var_ptr); *var_ptr = *param; Z_ADDREF_PP(var_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(64, ZEND_RECV_INIT, ANY, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE zval *assignment_value; zend_uint arg_num = opline->op1.num; - zend_free_op free_res; zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); zval **var_ptr; + SAVE_OPLINE(); if (param == NULL) { ALLOC_ZVAL(assignment_value); *assignment_value = *opline->op2.zv; 
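Review bot: `ZEND_RECV` here, and `ZEND_RECV_INIT` in the next hunk, now pass `opline->result.var` to `_get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), ...)` unconditionally, where the old code dispatched on `opline->result_type`. The commit message says ZEND_RECV always has an IS_CV result, but that is a guarantee from whatever produced the op array and the handler no longer checks it. An op array from another producer with an IS_VAR result would have a temporary-variable offset used as a CV index. State the invariant at the call, e.g. `/* result is always IS_CV for ZEND_RECV; result.var is a CV index */`, and consider a debug-build check that `opline->result_type == IS_CV`.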
@@ -2783,46 +3063,51 @@ ZEND_VM_HANDLER(64, ZEND_RECV_INIT, ANY, CONST) } zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value, opline->extended_value TSRMLS_CC); - var_ptr = get_zval_ptr_ptr(opline->result_type, &opline->result, EX(Ts), &free_res, BP_VAR_W); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->result.var TSRMLS_CC); Z_DELREF_PP(var_ptr); *var_ptr = assignment_value; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(52, ZEND_BOOL, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + zval *retval = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - Z_LVAL(EX_T(opline->result.var).tmp_var) = i_zend_is_true(GET_OP1_ZVAL_PTR(BP_VAR_R)); - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; + ZVAL_BOOL(retval, i_zend_is_true(GET_OP1_ZVAL_PTR(BP_VAR_R))); FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(50, ZEND_BRK, ANY, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zend_brk_cont_element *el; + SAVE_OPLINE(); el = zend_brk_cont(GET_OP2_ZVAL_PTR(BP_VAR_R), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + EX(op_array), EX_Ts() TSRMLS_CC); FREE_OP2(); ZEND_VM_JMP(EX(op_array)->opcodes + el->brk); } ZEND_VM_HANDLER(51, ZEND_CONT, ANY, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zend_brk_cont_element *el; + SAVE_OPLINE(); el = zend_brk_cont(GET_OP2_ZVAL_PTR(BP_VAR_R), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + EX(op_array), EX_Ts() TSRMLS_CC); FREE_OP2(); ZEND_VM_JMP(EX(op_array)->opcodes + el->cont); } 
@@ -2830,11 +3115,12 @@ ZEND_VM_HANDLER(51, ZEND_CONT, ANY, CONST|TMP|VAR|CV) ZEND_VM_HANDLER(100, ZEND_GOTO, ANY, CONST) { zend_op *brk_opline; - zend_op *opline = EX(opline); + USE_OPLINE zend_brk_cont_element *el; + SAVE_OPLINE(); el = zend_brk_cont(opline->op2.zv, opline->extended_value, - EX(op_array), EX(Ts) TSRMLS_CC); + EX(op_array), EX_Ts() TSRMLS_CC); brk_opline = EX(op_array)->opcodes + el->brk; @@ -2855,10 +3141,11 @@ ZEND_VM_HANDLER(100, ZEND_GOTO, ANY, CONST) ZEND_VM_HANDLER(48, ZEND_CASE, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); if (OP1_TYPE==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -2882,24 +3169,28 @@ ZEND_VM_HANDLER(48, ZEND_CASE, CONST|TMP|VAR|CV, CONST|TMP|VAR|CV) EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(49, ZEND_SWITCH_FREE, VAR, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); zend_switch_free(&EX_T(opline->op1.var), opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(68, ZEND_NEW, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval *object_zval; zend_function *constructor; - if (EX_T(opline->op1.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) { + SAVE_OPLINE(); + if (UNEXPECTED((EX_T(opline->op1.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) != 0)) { char *class_type; if (EX_T(opline->op1.var).class_entry->ce_flags & ZEND_ACC_INTERFACE) { 
@@ -2917,15 +3208,15 @@ ZEND_VM_HANDLER(68, ZEND_NEW, ANY, ANY) if (constructor == NULL) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, object_zval); + AI_SET_PTR(&EX_T(opline->result.var), object_zval); } else { zval_ptr_dtor(&object_zval); } ZEND_VM_JMP(EX(op_array)->opcodes + opline->op2.opline_num); } else { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, object_zval); PZVAL_LOCK(object_zval); + AI_SET_PTR(&EX_T(opline->result.var), object_zval); } zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), ENCODE_CTOR(EX(called_scope), RETURN_VALUE_USED(opline))); @@ -2935,29 +3226,33 @@ ZEND_VM_HANDLER(68, ZEND_NEW, ANY, ANY) EX(fbc) = constructor; EX(called_scope) = EX_T(opline->op1.var).class_entry; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } ZEND_VM_HANDLER(110, ZEND_CLONE, CONST|TMP|VAR|UNUSED|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *obj = GET_OP1_OBJ_ZVAL_PTR(BP_VAR_R); + zval *obj; zend_class_entry *ce; zend_function *clone; zend_object_clone_obj_t clone_call; + SAVE_OPLINE(); + obj = GET_OP1_OBJ_ZVAL_PTR(BP_VAR_R); + if (OP1_TYPE == IS_CONST || - (OP1_TYPE == IS_VAR && !obj) || - Z_TYPE_P(obj) != IS_OBJECT) { + (OP1_TYPE == IS_VAR && UNEXPECTED(obj == NULL)) || + UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "__clone method called on non-object"); } ce = Z_OBJCE_P(obj); clone = ce ? ce->clone : NULL; clone_call = Z_OBJ_HT_P(obj)->clone_obj; - if (!clone_call) { + if (UNEXPECTED(clone_call == NULL)) { if (ce) { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); } else { 
@@ -2969,37 +3264,42 @@ ZEND_VM_HANDLER(110, ZEND_CLONE, CONST|TMP|VAR|UNUSED|CV, ANY) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (ce != EG(scope)) { + if (UNEXPECTED(ce != EG(scope))) { zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (!zend_check_protected(clone->common.scope, EG(scope))) { + if (UNEXPECTED(!zend_check_protected(clone->common.scope, EG(scope)))) { zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!EG(exception)) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - Z_OBJVAL_P(EX_T(opline->result.var).var.ptr) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_OBJECT; - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - Z_SET_ISREF_P(EX_T(opline->result.var).var.ptr); - if (!RETURN_VALUE_USED(opline) || EG(exception)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (EXPECTED(EG(exception) == NULL)) { + zval *retval; + + ALLOC_ZVAL(retval); + Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); + Z_TYPE_P(retval) = IS_OBJECT; + Z_SET_REFCOUNT_P(retval, 1); + Z_SET_ISREF_P(retval); + if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor(&retval); + } else { + AI_SET_PTR(&EX_T(opline->result.var), retval); } } FREE_OP1_IF_VAR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(99, ZEND_FETCH_CONSTANT, VAR|CONST|UNUSED, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); if (OP1_TYPE == IS_UNUSED) { /* namespaced constant */ if (!zend_get_constant_ex(Z_STRVAL_P(opline->op2.zv), 
Z_STRLEN_P(opline->op2.zv), &EX_T(opline->result.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) { @@ -3014,10 +3314,10 @@ ZEND_VM_HANDLER(99, ZEND_FETCH_CONSTANT, VAR|CONST|UNUSED, CONST) zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); } else { - zend_error_noreturn(E_ERROR, "Undefined constant '%s'", - Z_STRVAL_P(opline->op2.zv), Z_STRVAL_P(opline->op2.zv)); + zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { /* class constant */ @@ -3027,14 +3327,14 @@ ZEND_VM_HANDLER(99, ZEND_FETCH_CONSTANT, VAR|CONST|UNUSED, CONST) if (OP1_TYPE == IS_CONST) { ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { ce = EX_T(opline->op1.var).class_entry; } - if (zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS) { + if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { zend_class_entry *old_scope = EG(scope); 
@@ -3043,54 +3343,39 @@ ZEND_VM_HANDLER(99, ZEND_FETCH_CONSTANT, VAR|CONST|UNUSED, CONST) zval_update_constant(value, (void *) 1 TSRMLS_CC); EG(scope) = old_scope; } - EX_T(opline->result.var).tmp_var = **value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } ZEND_VM_HANDLER(72, ZEND_ADD_ARRAY_ELEMENT, CONST|TMP|VAR|CV, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); - zend_free_op free_op1, free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zend_free_op free_op1; zval *expr_ptr; - zval *offset=GET_OP2_ZVAL_PTR(BP_VAR_R); - ulong hval; - long index; -#if !defined(ZEND_VM_SPEC) || OP1_TYPE == IS_VAR || OP1_TYPE == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((OP1_TYPE == IS_VAR || OP1_TYPE == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); - if (opline->extended_value) { - expr_ptr_ptr=GET_OP1_ZVAL_PTR_PTR(BP_VAR_W); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { expr_ptr=GET_OP1_ZVAL_PTR(BP_VAR_R); - } -#else - expr_ptr=GET_OP1_ZVAL_PTR(BP_VAR_R); -#endif - - if (IS_OP1_TMP_FREE()) { /* temporary variable */ - zval *new_expr; + if (IS_OP1_TMP_FREE()) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if !defined(ZEND_VM_SPEC) || OP1_TYPE == IS_VAR || OP1_TYPE == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (OP1_TYPE == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (OP1_TYPE == IS_CONST || 
PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); @@ -3101,7 +3386,13 @@ ZEND_VM_HANDLER(72, ZEND_ADD_ARRAY_ELEMENT, CONST|TMP|VAR|CV, CONST|TMP|VAR|UNUS Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (OP2_TYPE != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -3110,7 +3401,7 @@ ZEND_VM_HANDLER(72, ZEND_ADD_ARRAY_ELEMENT, CONST|TMP|VAR|CV, CONST|TMP|VAR|UNUS case IS_BOOL: index = Z_LVAL_P(offset); ZEND_VM_C_LABEL(num_index): - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (OP2_TYPE == IS_CONST) { @@ -3123,10 +3414,10 @@ ZEND_VM_C_LABEL(num_index): hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -3136,19 +3427,20 @@ ZEND_VM_C_LABEL(num_index): } FREE_OP2(); } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((OP1_TYPE == IS_VAR || OP1_TYPE == IS_CV) && opline->extended_value) { FREE_OP1_VAR_PTR(); } else { FREE_OP1_IF_VAR(); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(71, ZEND_INIT_ARRAY, CONST|TMP|VAR|UNUSED|CV, CONST|TMP|VAR|UNUSED|CV) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (OP1_TYPE == IS_UNUSED) { @@ -3162,13 +3454,16 @@ ZEND_VM_HANDLER(71, ZEND_INIT_ARRAY, CONST|TMP|VAR|UNUSED|CV, CONST|TMP|VAR|UNUS ZEND_VM_HANDLER(21, ZEND_CAST, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *expr = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *expr; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + expr = GET_OP1_ZVAL_PTR(BP_VAR_R); + if (opline->extended_value != IS_STRING) { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!IS_OP1_TMP_FREE()) { zendi_zval_copy_ctor(*result); } @@ -3192,12 +3487,12 @@ ZEND_VM_HANDLER(21, ZEND_CAST, CONST|TMP|VAR|CV, ANY) zend_make_printable_zval(expr, &var_copy, &use_copy); if (use_copy) { - *result = var_copy; + ZVAL_COPY_VALUE(result, &var_copy); if (IS_OP1_TMP_FREE()) { FREE_OP1(); } } else { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!IS_OP1_TMP_FREE()) { zendi_zval_copy_ctor(*result); } 
@@ -3212,28 +3507,29 @@ ZEND_VM_HANDLER(21, ZEND_CAST, CONST|TMP|VAR|CV, ANY) break; } FREE_OP1_IF_VAR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(73, ZEND_INCLUDE_OR_EVAL, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_op_array *new_op_array=NULL; - int return_value_used; zend_free_op free_op1; - zval *inc_filename = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *inc_filename; zval tmp_inc_filename; zend_bool failure_retval=0; + SAVE_OPLINE(); + inc_filename = GET_OP1_ZVAL_PTR(BP_VAR_R); + if (inc_filename->type!=IS_STRING) { - tmp_inc_filename = *inc_filename; + ZVAL_COPY_VALUE(&tmp_inc_filename, inc_filename); zval_copy_ctor(&tmp_inc_filename); convert_to_string(&tmp_inc_filename); inc_filename = &tmp_inc_filename; } - return_value_used = RETURN_VALUE_USED(opline); - switch (opline->extended_value) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { @@ -3291,12 +3587,18 @@ ZEND_VM_HANDLER(73, ZEND_INCLUDE_OR_EVAL, CONST|TMP|VAR|CV, ANY) zval_dtor(&tmp_inc_filename); } FREE_OP1(); - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (new_op_array && !EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } else if (EXPECTED(new_op_array != NULL)) { EX(original_return_value) = EG(return_value_ptr_ptr); - EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.var).var.ptr_ptr : NULL; EG(active_op_array) = new_op_array; - EX_T(opline->result.var).var.ptr = NULL; + if (RETURN_VALUE_USED(opline)) { + EX_T(opline->result.var).var.ptr = NULL; + EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; + } else { + EG(return_value_ptr_ptr) = NULL; + } EX(current_object) = EX(object); 
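Review bot: In the last ZEND_INCLUDE_OR_EVAL hunk on this line (`@@ -3291,12 +3587,18 @@`), the new `if (UNEXPECTED(EG(exception) != NULL)) { HANDLE_EXCEPTION(); }` branch leaves the handler without releasing `new_op_array`, which may already point at a compiled op array when it is reached. The normal path further down frees it with `destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array);`, so the exception branch should do the same first: `if (new_op_array) { destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array); }`. Whether an exception can be pending while `new_op_array` is non-NULL depends on the compile calls in the switch, which lie outside this hunk, so this needs confirming against the full handler.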
@@ -3307,8 +3609,7 @@ ZEND_VM_HANDLER(73, ZEND_INCLUDE_OR_EVAL, CONST|TMP|VAR|CV, ANY)
 zend_rebuild_symbol_table(TSRMLS_C);
 }
 
- if (zend_execute == execute) {
- EX(call_opline) = opline;
+ if (EXPECTED(zend_execute == execute)) {
 ZEND_VM_ENTER();
 } else {
 zend_execute(new_op_array TSRMLS_CC);
@@ -3317,75 +3618,62 @@ ZEND_VM_HANDLER(73, ZEND_INCLUDE_OR_EVAL, CONST|TMP|VAR|CV, ANY) EX(function_state).function = (zend_function *) EX(op_array); EX(object) = EX(current_object); - if (return_value_used) { - if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - } else { - if (return_value_used) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_ZVAL(*EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = failure_retval; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } + + } else if (RETURN_VALUE_USED(opline)) { + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, failure_retval); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(74, ZEND_UNSET_VAR, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval tmp, *varname; HashTable *target_symbol_table; zend_free_op free_op1; + SAVE_OPLINE(); if (OP1_TYPE == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { if (EG(active_symbol_table)) { - zend_execute_data *ex = EX(prev_execute_data); zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - if 
(zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) { - while (ex && ex->symbol_table == EG(active_symbol_table)) { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == cv->hash_value && - ex->op_array->vars[i].name_len == cv->name_len && - !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } - } - EX(CVs)[opline->op1.var] = NULL; - } else if (EX(CVs)[opline->op1.var]) { - zval_ptr_dtor(EX(CVs)[opline->op1.var]); - EX(CVs)[opline->op1.var] = NULL; + zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); + EX_CV(opline->op1.var) = NULL; + } else if (EX_CV(opline->op1.var)) { + zval_ptr_dtor(EX_CV(opline->op1.var)); + EX_CV(opline->op1.var) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } varname = GET_OP1_ZVAL_PTR(BP_VAR_R); if (OP1_TYPE != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -3399,45 +3687,32 @@ ZEND_VM_HANDLER(74, ZEND_UNSET_VAR, CONST|TMP|VAR|CV, ANY) ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) { - zend_execute_data *ex = EXECUTE_DATA; - - do { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == varname->value.str.len && - !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } while (ex && ex->symbol_table == target_symbol_table); - } + zend_delete_variable(EXECUTE_DATA, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); } - if (varname == &tmp) { + if (OP1_TYPE != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } else if (OP1_TYPE == IS_VAR || OP1_TYPE == IS_CV) { zval_ptr_dtor(&varname); } FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(75, ZEND_UNSET_DIM, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_UNSET); - zval *offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_UNSET); + offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + if (OP1_TYPE != IS_VAR || container) { if (OP1_TYPE == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -3471,24 +3746,10 @@ ZEND_VM_C_LABEL(num_index_dim): hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = EXECUTE_DATA; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (OP2_TYPE == IS_CV || OP2_TYPE == IS_VAR) { zval_ptr_dtor(&offset); @@ -3505,7 +3766,7 @@ ZEND_VM_C_LABEL(num_index_dim): break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (IS_OP2_TMP_FREE()) { @@ -3530,15 +3791,20 @@ ZEND_VM_C_LABEL(num_index_dim): } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(76, ZEND_UNSET_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|CV) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_UNSET); - zval *offset = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_UNSET); + offset = GET_OP2_ZVAL_PTR(BP_VAR_R); if (OP1_TYPE != IS_VAR || container) { if (OP1_TYPE == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
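Review bot: In the ZEND_UNSET_DIM hunk (`@@ -3471,24 +3746,10 @@`), `zend_delete_global_variable_ex()` is passed `offset->value.str.len`, while the `zend_hash_quick_del()` call in the `else` arm and the hash computation above it use `Z_STRLEN_P(offset)+1`, and the `zend_delete_variable()` calls added in ZEND_UNSET_VAR pass `name_len+1`. Both helpers are defined outside this view, so presumably the global variant adds the terminator itself, but nothing at the call site says so. A comment such as `/* zend_delete_global_variable_ex() takes the length without the trailing NUL */` would guard against a later off-by-one in the key length. Writing the arguments as `Z_STRVAL_P(offset), Z_STRLEN_P(offset)` would also match the accessors used in the rest of the handler.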
@@ -3566,12 +3832,13 @@ ZEND_VM_HANDLER(76, ZEND_UNSET_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|CV) } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *array_ptr, **array_ptr_ptr; HashTable *fe_ht; @@ -3579,10 +3846,13 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) zend_class_entry *ce = NULL; zend_bool is_empty = 0; + SAVE_OPLINE(); + if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { array_ptr_ptr = GET_OP1_ZVAL_PTR_PTR(BP_VAR_R); if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - ALLOC_INIT_ZVAL(array_ptr); + MAKE_STD_ZVAL(array_ptr); + ZVAL_NULL(array_ptr); } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); @@ -3642,7 +3912,7 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) if (ce && ce->get_iterator) { iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); - if (iter && !EG(exception)) { + if (iter && EXPECTED(EG(exception) == NULL)) { array_ptr = zend_iterator_wrap(iter TSRMLS_CC); } else { if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { 
@@ -3654,18 +3924,18 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); } zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } - AI_SET_PTR(EX_T(opline->result.var).var, array_ptr); PZVAL_LOCK(array_ptr); + AI_SET_PTR(&EX_T(opline->result.var), array_ptr); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -3673,11 +3943,11 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) } else { FREE_OP1_IF_VAR(); } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -3685,7 +3955,7 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) } else { FREE_OP1_IF_VAR(); } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { @@ -3722,13 +3992,14 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET, CONST|TMP|VAR|CV, ANY) if (is_empty) { ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } else { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *array = EX_T(opline->op1.var).var.ptr; zval **value; 
@@ -3740,6 +4011,8 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) int key_type = 0; zend_bool use_key = (zend_bool)(opline->extended_value & ZEND_FE_FETCH_WITH_KEY); + SAVE_OPLINE(); + switch (zend_iterator_unwrap(array, &iter TSRMLS_CC)) { default: case ZEND_ITER_INVALID: @@ -3750,7 +4023,7 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) char *class_name, *prop_name; zend_object *zobj = zend_objects_get_address(array TSRMLS_CC); - fe_ht = HASH_OF(array); + fe_ht = Z_OBJPROP_P(array); zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); do { if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { @@ -3774,7 +4047,7 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) } case ZEND_ITER_PLAIN_ARRAY: - fe_ht = HASH_OF(array); + fe_ht = Z_ARRVAL_P(array); zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { /* reached end of iteration */ 
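Review bot: Replacing `HASH_OF(array)` with `Z_OBJPROP_P(array)` in the plain-object case of ZEND_FE_FETCH (`@@ -3750,7 +4023,7 @@`), and with `Z_ARRVAL_P(array)` in the ZEND_ITER_PLAIN_ARRAY case of the following hunk, removes the type test that `HASH_OF` performed before touching the value. Both accesses now depend entirely on `zend_iterator_unwrap()` having classified `array` correctly, and that function is not part of this view. Each case should record the invariant, for example `/* zend_iterator_unwrap() has already checked that array is an object with a get_properties handler */` and `/* array is known to be IS_ARRAY here */`. As before the change, `fe_ht` is passed to `zend_hash_set_pointer()` without a NULL check, so the comment should also say whether the properties table can be NULL.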
@@ -3793,27 +4066,27 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) /* This could cause an endless loop if index becomes zero again. * In case that ever happens we need an additional flag. */ iter->funcs->move_forward(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } /* If index is zero we come from FE_RESET and checked valid() already. */ if (!iter || (iter->index > 0 && iter->funcs->valid(iter TSRMLS_CC) == FAILURE)) { /* reached end of iteration */ - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } iter->funcs->get_current_data(iter, &value TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } if (!value) { /* failure in get_current_data */ @@ -3822,10 +4095,10 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) if (use_key) { if (iter->funcs->get_current_key) { key_type = iter->funcs->get_current_key(iter, &str_key, &str_key_len, &int_key TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } else { key_type = HASH_KEY_IS_LONG; @@ -3841,13 +4114,12 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) EX_T(opline->result.var).var.ptr_ptr = value; Z_ADDREF_PP(value); } else { - AI_SET_PTR(EX_T(opline->result.var).var, *value); PZVAL_LOCK(*value); + AI_SET_PTR(&EX_T(opline->result.var), *value); } if (use_key) { - zend_op *op_data = opline+1; - zval *key = &EX_T(op_data->result.var).tmp_var; + zval *key = &EX_T((opline+1)->result.var).tmp_var; switch (key_type) { case HASH_KEY_IS_STRING: 
@@ -3866,19 +4138,21 @@ ZEND_VM_HANDLER(78, ZEND_FE_FETCH, VAR, ANY) } } + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(114, ZEND_ISSET_ISEMPTY_VAR, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval **value; zend_bool isset = 1; + SAVE_OPLINE(); if (OP1_TYPE == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX(CVs)[opline->op1.var]) { - value = EX(CVs)[opline->op1.var]; + if (EX_CV(opline->op1.var)) { + value = EX_CV(opline->op1.var); } else if (EG(active_symbol_table)) { zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); @@ -3894,7 +4168,7 @@ ZEND_VM_HANDLER(114, ZEND_ISSET_ISEMPTY_VAR, CONST|TMP|VAR|CV, ANY) zval tmp, *varname = GET_OP1_ZVAL_PTR(BP_VAR_IS); if (OP1_TYPE != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -3912,41 +4186,43 @@ ZEND_VM_HANDLER(114, ZEND_ISSET_ISEMPTY_VAR, CONST|TMP|VAR|CV, ANY) } } - if (varname == &tmp) { + if (OP1_TYPE != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } FREE_OP1(); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + if (isset && Z_TYPE_PP(value) != IS_NULL) { + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = isset; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { if (!isset || !i_zend_is_true(*value)) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HELPER_EX(zend_isset_isempty_dim_prop_obj_handler, VAR|UNUSED|CV, CONST|TMP|VAR|CV, int prop_dim) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_IS); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = GET_OP1_OBJ_ZVAL_PTR_PTR(BP_VAR_IS); + if (OP1_TYPE != IS_VAR || container) { zend_free_op free_op2; zval *offset = GET_OP2_ZVAL_PTR(BP_VAR_R); @@ -4040,7 +4316,7 @@ ZEND_VM_C_LABEL(num_index_prop): zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; 
@@ -4063,15 +4339,15 @@ ZEND_VM_C_LABEL(num_index_prop): } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } FREE_OP1_VAR_PTR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4088,7 +4364,9 @@ ZEND_VM_HANDLER(148, ZEND_ISSET_ISEMPTY_PROP_OBJ, VAR|UNUSED|CV, CONST|TMP|VAR|C ZEND_VM_HANDLER(79, ZEND_EXIT, CONST|TMP|VAR|UNUSED|CV, ANY) { #if !defined(ZEND_VM_SPEC) || (OP1_TYPE != IS_UNUSED) - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (OP1_TYPE != IS_UNUSED) { zend_free_op free_op1; zval *ptr = GET_OP1_ZVAL_PTR(BP_VAR_R); @@ -4102,13 +4380,14 @@ ZEND_VM_HANDLER(79, ZEND_EXIT, CONST|TMP|VAR|UNUSED|CV, ANY) } #endif zend_bailout(); - ZEND_VM_NEXT_OPCODE(); + ZEND_VM_NEXT_OPCODE(); /* Never reached */ } ZEND_VM_HANDLER(57, ZEND_BEGIN_SILENCE, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); Z_LVAL(EX_T(opline->result.var).tmp_var) = EG(error_reporting); Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; /* shouldn't be necessary */ if (EX(old_error_reporting) == NULL) { 
@@ -4118,20 +4397,23 @@ ZEND_VM_HANDLER(57, ZEND_BEGIN_SILENCE, ANY, ANY) if (EG(error_reporting)) { zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), "0", 1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(142, ZEND_RAISE_ABSTRACT_ERROR, ANY, ANY) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EG(scope)->name, EX(op_array)->function_name); ZEND_VM_NEXT_OPCODE(); /* Never reached */ } ZEND_VM_HANDLER(58, ZEND_END_SILENCE, TMP, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zval restored_error_reporting; + SAVE_OPLINE(); if (!EG(error_reporting) && Z_LVAL(EX_T(opline->op1.var).tmp_var) != 0) { Z_TYPE(restored_error_reporting) = IS_LONG; Z_LVAL(restored_error_reporting) = Z_LVAL(EX_T(opline->op1.var).tmp_var); @@ -4142,17 +4424,21 @@ ZEND_VM_HANDLER(58, ZEND_END_SILENCE, TMP, ANY) if (EX(old_error_reporting) == &EX_T(opline->op1.var).tmp_var) { EX(old_error_reporting) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(152, ZEND_JMP_SET, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *value; + + SAVE_OPLINE(); + value = GET_OP1_ZVAL_PTR(BP_VAR_R); if (i_zend_is_true(value)) { - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); FREE_OP1(); #if DEBUG_ZEND>=2 
@@ -4162,102 +4448,132 @@ ZEND_VM_HANDLER(152, ZEND_JMP_SET, CONST|TMP|VAR|CV, ANY) } FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(22, ZEND_QM_ASSIGN, CONST|TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *value; - EX_T(opline->result.var).tmp_var = *value; + SAVE_OPLINE(); + value = GET_OP1_ZVAL_PTR(BP_VAR_R); + + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); if (!IS_OP1_TMP_FREE()) { zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } FREE_OP1_IF_VAR(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(101, ZEND_EXT_STMT, ANY, ANY) { + USE_OPLINE + + SAVE_OPLINE(); if (!EG(no_extensions)) { zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(op_array) TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(102, ZEND_EXT_FCALL_BEGIN, ANY, ANY) { + USE_OPLINE + + SAVE_OPLINE(); if (!EG(no_extensions)) { zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(op_array) TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(103, ZEND_EXT_FCALL_END, ANY, ANY) { + SAVE_OPLINE(); if (!EG(no_extensions)) { zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(op_array) TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(139, ZEND_DECLARE_CLASS, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); EX_T(opline->result.var).class_entry = do_bind_class(EX(op_array), opline, EG(class_table), 0 TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(140, ZEND_DECLARE_INHERITED_CLASS, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); EX_T(opline->result.var).class_entry = do_bind_inherited_class(EX(op_array), opline, 
EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(145, ZEND_DECLARE_INHERITED_CLASS_DELAYED, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_class_entry **pce, **pce_orig; + SAVE_OPLINE(); if (zend_hash_quick_find(EG(class_table), Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void**)&pce) == FAILURE || (zend_hash_quick_find(EG(class_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void**)&pce_orig) == SUCCESS && *pce != *pce_orig)) { do_bind_inherited_class(EX(op_array), opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(141, ZEND_DECLARE_FUNCTION, ANY, ANY) { - do_bind_function(EX(op_array), EX(opline), EG(function_table), 0); + USE_OPLINE + + SAVE_OPLINE(); + do_bind_function(EX(op_array), opline, EG(function_table), 0); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(105, ZEND_TICKS, ANY, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); if (++EG(ticks_count)>=opline->extended_value) { EG(ticks_count)=0; if (zend_ticks_function) { zend_ticks_function(opline->extended_value); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(138, ZEND_INSTANCEOF, TMP|VAR|CV, ANY) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *expr = GET_OP1_ZVAL_PTR(BP_VAR_R); + zval *expr; zend_bool result; + SAVE_OPLINE(); + expr = GET_OP1_ZVAL_PTR(BP_VAR_R); + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); } else { @@ -4265,6 +4581,7 @@ ZEND_VM_HANDLER(138, ZEND_INSTANCEOF, TMP|VAR|CV, ANY) } ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); FREE_OP1(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
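Review bot: ZEND_EXT_FCALL_END gets `SAVE_OPLINE();` without the `USE_OPLINE` line that ZEND_EXT_STMT and ZEND_EXT_FCALL_BEGIN receive in the same hunk (`@@ -4162,102 +4448,132 @@`). That is harmless where `SAVE_OPLINE()` expands to nothing, as in the definitions this patch adds to Zend/zend_vm_execute.h. The three extension hooks are otherwise identical, though, and an executor variant in which the macro stores a local `opline` would presumably treat this handler differently. Adding `USE_OPLINE` as the first line of the handler keeps them uniform; ZEND_RAISE_ABSTRACT_ERROR in the `@@ -4118,20 +4397,23 @@` hunk has the same shape.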
@@ -4280,17 +4597,21 @@ ZEND_VM_HANDLER(0, ZEND_NOP, ANY, ANY) ZEND_VM_HANDLER(144, ZEND_ADD_INTERFACE, ANY, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE zend_class_entry *ce = EX_T(opline->op1.var).class_entry; - zend_class_entry *iface = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); + zend_class_entry *iface; + + SAVE_OPLINE(); + iface = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); if (iface) { - if (!(iface->ce_flags & ZEND_ACC_INTERFACE)) { + if (UNEXPECTED((iface->ce_flags & ZEND_ACC_INTERFACE) == 0)) { zend_error_noreturn(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name, iface->name); } zend_do_implement_interface(ce, iface TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -4298,11 +4619,11 @@ ZEND_VM_HANDLER(149, ZEND_HANDLE_EXCEPTION, ANY, ANY) { zend_uint op_num = EG(opline_before_exception)-EG(active_op_array)->opcodes; int i; - zend_uint catch_op_num; + zend_uint catch_op_num = 0; int catched = 0; zval restored_error_reporting; - void **stack_frame = (void**)(((char*)EX(Ts)) + + void **stack_frame = (void**)(((char*)EX_Ts()) + (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * EX(op_array)->T)); while (zend_vm_stack_top(TSRMLS_C) != stack_frame) { 
@@ -4386,13 +4707,22 @@ ZEND_VM_HANDLER(149, ZEND_HANDLE_EXCEPTION, ANY, ANY) ZEND_VM_HANDLER(146, ZEND_VERIFY_ABSTRACT_CLASS, ANY, ANY) { - zend_verify_abstract_class(EX_T(EX(opline)->op1.var).class_entry TSRMLS_CC); + USE_OPLINE + + SAVE_OPLINE(); + zend_verify_abstract_class(EX_T(opline->op1.var).class_entry TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(150, ZEND_USER_OPCODE, ANY, ANY) { - int ret = zend_user_opcode_handlers[EX(opline)->opcode](ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL); + USE_OPLINE + int ret; + + SAVE_OPLINE(); + ret = zend_user_opcode_handlers[opline->opcode](ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL); + LOAD_OPLINE(); switch (ret) { case ZEND_USER_OPCODE_CONTINUE: @@ -4404,24 +4734,29 @@ ZEND_VM_HANDLER(150, ZEND_USER_OPCODE, ANY, ANY) case ZEND_USER_OPCODE_LEAVE: ZEND_VM_LEAVE(); case ZEND_USER_OPCODE_DISPATCH: - ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline)); + ZEND_VM_DISPATCH(opline->opcode, opline); default: - ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), EX(opline)); + ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), opline); } } ZEND_VM_HANDLER(143, ZEND_DECLARE_CONST, CONST, CONST) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *name = GET_OP1_ZVAL_PTR(BP_VAR_R); - zval *val = GET_OP2_ZVAL_PTR(BP_VAR_R); + zval *name; + zval *val; zend_constant c; + SAVE_OPLINE(); + name = GET_OP1_ZVAL_PTR(BP_VAR_R); + val = GET_OP2_ZVAL_PTR(BP_VAR_R); + if ((Z_TYPE_P(val) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE_P(val) == IS_CONSTANT_ARRAY) { - zval tmp = *val; + zval tmp; zval *tmp_ptr = &tmp; + ZVAL_COPY_VALUE(&tmp, val); if (Z_TYPE_P(val) == IS_CONSTANT_ARRAY) { zval_copy_ctor(&tmp); } @@ -4429,7 +4764,7 @@ ZEND_VM_HANDLER(143, ZEND_DECLARE_CONST, CONST, CONST) zval_update_constant(&tmp_ptr, NULL TSRMLS_CC); c.value = *tmp_ptr; } else { - c.value = *val; + INIT_PZVAL_COPY(&c.value, val); zval_copy_ctor(&c.value); } c.flags = CONST_CS; /* non persistent, case sensetive */ 
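Review bot: In ZEND_USER_OPCODE the two `ZEND_VM_DISPATCH` lines now read the local `opline` instead of `EX(opline)`, but that local is copied by `USE_OPLINE` before the user handler runs, and `LOAD_OPLINE()` is defined empty in the Zend/zend_vm_execute.h part of this patch. If a registered handler moves `EX(opline)` and then returns ZEND_USER_OPCODE_DISPATCH or an opcode number, the handler lookup would be keyed on the stale instruction's opcode and operand types while the selected handler re-reads `EX(opline)` and runs on the new one. Keeping `ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline));` and `ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), EX(opline));`, or adding `opline = EX(opline);` right after the handler call, preserves the previous behaviour. The handler body spans this hunk (`@@ -4386,13 +4707,22 @@`) and the next one.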
@@ -4442,21 +4777,25 @@ ZEND_VM_HANDLER(143, ZEND_DECLARE_CONST, CONST, CONST) FREE_OP1(); FREE_OP2(); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } ZEND_VM_HANDLER(153, ZEND_DECLARE_LAMBDA_FUNCTION, CONST, UNUSED) { - zend_op *opline = EX(opline); + USE_OPLINE zend_function *op_array; - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void *) &op_array) == FAILURE || - op_array->type != ZEND_USER_FUNCTION) { + SAVE_OPLINE(); + + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void *) &op_array) == FAILURE) || + UNEXPECTED(op_array->type != ZEND_USER_FUNCTION)) { zend_error_noreturn(E_ERROR, "Base lambda function for closure not found"); } zend_create_closure(&EX_T(opline->result.var).tmp_var, op_array, EG(scope), EG(This) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index 3650dfac24..aa93d4d950 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h 
@@ -25,19 +25,46 @@ static zend_uchar zend_user_opcodes[256] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op); -#define ZEND_VM_CONTINUE() return 0 -#define ZEND_VM_RETURN() return 1 -#define ZEND_VM_ENTER() return 2 -#define ZEND_VM_LEAVE() return 3 +#undef OPLINE +#undef DCL_OPLINE +#undef USE_OPLINE +#undef LOAD_OPLINE +#undef SAVE_OPLINE +#define OPLINE EX(opline) +#define DCL_OPLINE +#define USE_OPLINE zend_op *opline = EX(opline); +#define LOAD_OPLINE() +#define SAVE_OPLINE() +#undef CHECK_EXCEPTION +#undef HANDLE_EXCEPTION +#undef HANDLE_EXCEPTION_LEAVE +#define CHECK_EXCEPTION() LOAD_OPLINE() +#define HANDLE_EXCEPTION() LOAD_OPLINE(); ZEND_VM_CONTINUE() +#define HANDLE_EXCEPTION_LEAVE() LOAD_OPLINE(); ZEND_VM_LEAVE() +#define LOAD_REGS() +#define ZEND_VM_CONTINUE() return 0 +#define ZEND_VM_RETURN() return 1 +#define ZEND_VM_ENTER() return 2 +#define ZEND_VM_LEAVE() return 3 #define ZEND_VM_DISPATCH(opcode, opline) return zend_vm_get_opcode_handler(opcode, opline)(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); #define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC #undef EX #define EX(element) execute_data->element +#undef EX_CV +#define EX_CV(var) EX(CVs)[var] +#undef EX_CVs +#define EX_CVs() EX(CVs) +#undef EX_T +#define EX_T(offset) (*(temp_variable *)((char *) EX(Ts) + offset)) +#undef EX_Ts +#define EX_Ts() EX(Ts) + ZEND_API void execute(zend_op_array *op_array TSRMLS_DC) { + DCL_OPLINE zend_execute_data *execute_data; zend_bool nested = 0; zend_bool original_in_execution = EG(in_execution); 
@@ -70,29 +97,27 @@ zend_vm_enter: EX(nested) = nested; nested = 1; - if (op_array->start_op) { - ZEND_VM_SET_OPCODE(op_array->start_op); - } else { - ZEND_VM_SET_OPCODE(op_array->opcodes); - } + LOAD_REGS(); if (op_array->this_var != -1 && EG(This)) { Z_ADDREF_P(EG(This)); /* For $this pointer */ if (!EG(active_symbol_table)) { - EX(CVs)[op_array->this_var] = (zval**)EX(CVs) + (op_array->last_var + op_array->this_var); - *EX(CVs)[op_array->this_var] = EG(This); + EX_CV(op_array->this_var) = (zval**)EX_CVs() + (op_array->last_var + op_array->this_var); + *EX_CV(op_array->this_var) = EG(This); } else { - if (zend_hash_add(EG(active_symbol_table), "this", sizeof("this"), &EG(This), sizeof(zval *), (void**)&EX(CVs)[op_array->this_var])==FAILURE) { + if (zend_hash_add(EG(active_symbol_table), "this", sizeof("this"), &EG(This), sizeof(zval *), (void**)&EX_CV(op_array->this_var))==FAILURE) { Z_DELREF_P(EG(This)); } } } + EX(opline) = op_array->start_op ? op_array->start_op : op_array->opcodes; EG(opline_ptr) = &EX(opline); + LOAD_OPLINE(); EX(function_state).function = (zend_function *) op_array; EX(function_state).arguments = NULL; - + while (1) { int ret; #ifdef ZEND_WIN32 @@ -101,7 +126,7 @@ zend_vm_enter: } #endif - if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) { + if ((ret = OPLINE->handler(execute_data TSRMLS_CC)) > 0) { switch (ret) { case 1: EG(in_execution) = original_in_execution; 
@@ -122,23 +147,28 @@ zend_vm_enter: static int ZEND_FASTCALL ZEND_JMP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + USE_OPLINE + #if DEBUG_ZEND>=2 - printf("Jumping to %d\n", EX(opline)->op1.opline_num); + printf("Jumping to %d\n", opline->op1.opline_num); #endif - ZEND_VM_SET_OPCODE(EX(opline)->op1.jmp_addr); + ZEND_VM_SET_OPCODE(opline->op1.jmp_addr); ZEND_VM_CONTINUE(); /* CHECK_ME */ } static int ZEND_FASTCALL ZEND_INIT_STRING_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zval *tmp = &EX_T(EX(opline)->result.var).tmp_var; + USE_OPLINE + zval *tmp = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); tmp->value.str.val = emalloc(1); tmp->value.str.val[0] = 0; tmp->value.str.len = 0; Z_SET_REFCOUNT_P(tmp, 1); tmp->type = IS_STRING; Z_UNSET_ISREF_P(tmp); + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } @@ -150,8 +180,8 @@ static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) EG(current_execute_data) = EX(prev_execute_data); EG(opline_ptr) = NULL; if (!EG(active_symbol_table)) { - zval ***cv = EX(CVs); - zval ***end = cv + EX(op_array)->last_var; + zval ***cv = EX_CVs(); + zval ***end = cv + op_array->last_var; while (cv != end) { if (*cv) { zval_ptr_dtor(*cv); 
@@ -166,32 +196,38 @@ static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) if (nested) { execute_data = EG(current_execute_data); + } + if (nested) { + USE_OPLINE - if (EX(call_opline)->opcode == ZEND_INCLUDE_OR_EVAL) { + LOAD_REGS(); + LOAD_OPLINE(); + if (UNEXPECTED(opline->opcode == ZEND_INCLUDE_OR_EVAL)) { EX(function_state).function = (zend_function *) EX(op_array); EX(function_state).arguments = NULL; EX(object) = EX(current_object); - if (RETURN_VALUE_USED(EX(call_opline))) { - if (!EX_T(EX(call_opline)->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(EX(call_opline)->result.var).var.ptr); - INIT_PZVAL(EX_T(EX(call_opline)->result.var).var.ptr); - Z_LVAL_P(EX_T(EX(call_opline)->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(EX(call_opline)->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(op_array TSRMLS_CC); efree(op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION_LEAVE(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - EX(opline)++; + ZEND_VM_INC_OPCODE(); ZEND_VM_LEAVE(); } else { @@ -215,7 +251,7 @@ static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) EX(function_state).arguments = NULL; if (EG(This)) { - if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) { + if (UNEXPECTED(EG(exception) != NULL) && IS_CTOR_CALL(EX(called_scope))) { if (IS_CTOR_USED(EX(called_scope))) { Z_DELREF_P(EG(This)); } 
@@ -234,14 +270,15 @@ static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) zend_vm_stack_clear_multiple(TSRMLS_C); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); - if (RETURN_VALUE_USED(EX(call_opline)) && EX_T(EX(call_opline)->result.var).var.ptr) { - zval_ptr_dtor(&EX_T(EX(call_opline)->result.var).var.ptr); + if (RETURN_VALUE_USED(opline) && EX_T(opline->result.var).var.ptr) { + zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); } + HANDLE_EXCEPTION_LEAVE(); } - EX(opline)++; + ZEND_VM_INC_OPCODE(); ZEND_VM_LEAVE(); } } 
@@ -250,89 +287,99 @@ static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_bool should_change_scope = 0; + zend_function *fbc = EX(function_state).function; - if (EX(function_state).function->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) { - if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) { - zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + SAVE_OPLINE(); + if (UNEXPECTED((fbc->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) != 0)) { + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_ABSTRACT) != 0)) { + zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", fbc->common.scope->name, fbc->common.function_name); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); /* Never reached */ } - if (EX(function_state).function->common.fn_flags & ZEND_ACC_DEPRECATED) { + if (UNEXPECTED((fbc->common.fn_flags & ZEND_ACC_DEPRECATED) != 0)) { zend_error(E_DEPRECATED, "Function %s%s%s() is deprecated", - EX(function_state).function->common.scope ? EX(function_state).function->common.scope->name : "", - EX(function_state).function->common.scope ? "::" : "", - EX(function_state).function->common.function_name); + fbc->common.scope ? fbc->common.scope->name : "", + fbc->common.scope ? 
"::" : "", + fbc->common.function_name); } } - if (EX(function_state).function->common.scope && - !(EX(function_state).function->common.fn_flags & ZEND_ACC_STATIC) && + if (fbc->common.scope && + !(fbc->common.fn_flags & ZEND_ACC_STATIC) && !EX(object)) { - if (EX(function_state).function->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + if (fbc->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { /* FIXME: output identifiers properly */ - zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", fbc->common.scope->name, fbc->common.function_name); } else { /* FIXME: output identifiers properly */ /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */ - zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", fbc->common.scope->name, fbc->common.function_name); } } - if (EX(function_state).function->type == ZEND_USER_FUNCTION || - EX(function_state).function->common.scope) { + if (fbc->type == ZEND_USER_FUNCTION || fbc->common.scope) { should_change_scope = 1; EX(current_this) = EG(This); EX(current_scope) = EG(scope); EX(current_called_scope) = EG(called_scope); EG(This) = EX(object); - EG(scope) = (EX(function_state).function->type == ZEND_USER_FUNCTION || !EX(object)) ? EX(function_state).function->common.scope : NULL; + EG(scope) = (fbc->type == ZEND_USER_FUNCTION || !EX(object)) ? 
fbc->common.scope : NULL; EG(called_scope) = EX(called_scope); } zend_arg_types_stack_3_pop(&EG(arg_types_stack), &EX(called_scope), &EX(current_object), &EX(fbc)); EX(function_state).arguments = zend_vm_stack_push_args(opline->extended_value TSRMLS_CC); + LOAD_OPLINE(); + + if (fbc->type == ZEND_INTERNAL_FUNCTION) { + temp_variable *ret = &EX_T(opline->result.var); - if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION) { - ALLOC_INIT_ZVAL(EX_T(opline->result.var).var.ptr); - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EX_T(opline->result.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference; + MAKE_STD_ZVAL(ret->var.ptr); + ZVAL_NULL(ret->var.ptr); + ret->var.ptr_ptr = &ret->var.ptr; + ret->var.fcall_returned_reference = fbc->common.return_reference; - if (EX(function_state).function->common.arg_info) { + if (fbc->common.arg_info) { zend_uint i=0; zval **p = (zval**)EX(function_state).arguments; ulong arg_count = opline->extended_value; while (arg_count>0) { - zend_verify_arg_type(EX(function_state).function, ++i, *(p-arg_count), 0 TSRMLS_CC); + zend_verify_arg_type(fbc, ++i, *(p-arg_count), 0 TSRMLS_CC); arg_count--; } } + if (!zend_execute_internal) { /* saves one function call if zend_execute_internal is not used */ - ((zend_internal_function *) EX(function_state).function)->handler(opline->extended_value, EX_T(opline->result.var).var.ptr, EX(function_state).function->common.return_reference?&EX_T(opline->result.var).var.ptr:NULL, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); + fbc->internal_function.handler(opline->extended_value, ret->var.ptr, fbc->common.return_reference ? 
&ret->var.ptr : NULL, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); } else { zend_execute_internal(execute_data, RETURN_VALUE_USED(opline) TSRMLS_CC); } if (!RETURN_VALUE_USED(opline)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + zval_ptr_dtor(&ret->var.ptr); } - } else if (EX(function_state).function->type == ZEND_USER_FUNCTION) { + } else if (fbc->type == ZEND_USER_FUNCTION) { EX(original_return_value) = EG(return_value_ptr_ptr); EG(active_symbol_table) = NULL; - EG(active_op_array) = &EX(function_state).function->op_array; + EG(active_op_array) = &fbc->op_array; EG(return_value_ptr_ptr) = NULL; if (RETURN_VALUE_USED(opline)) { - EG(return_value_ptr_ptr) = &EX_T(opline->result.var).var.ptr; - EX_T(opline->result.var).var.ptr = NULL; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - EX_T(opline->result.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference; + temp_variable *ret = &EX_T(opline->result.var); + + ret->var.ptr = NULL; + EG(return_value_ptr_ptr) = &ret->var.ptr; + ret->var.ptr_ptr = &ret->var.ptr; + ret->var.fcall_returned_reference = fbc->common.return_reference; } - if (zend_execute == execute && !EG(exception)) { - EX(call_opline) = opline; - ZEND_VM_ENTER(); + if (EXPECTED(zend_execute == execute)) { + if (EXPECTED(EG(exception) == NULL)) { + ZEND_VM_ENTER(); + } } else { zend_execute(EG(active_op_array) TSRMLS_CC); } 
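Review bot: Splitting the test into nested `if`s in zend_do_fcall_common_helper_SPEC changes what happens when `zend_execute == execute` and an exception is already pending. The old code fell into the `else` and called `zend_execute()`; the new code takes neither path and skips the callee. If skipping is intended, say so on the inner `if`, e.g. `/* exception pending: do not enter the callee; the exception check later in this helper handles it */`. If it is not intended, keep the single condition `if (EXPECTED(zend_execute == execute) && EXPECTED(EG(exception) == NULL)) {`. Separately, the new local `fbc` caches `EX(function_state).function` while `EX(fbc)` is still written by `zend_arg_types_stack_3_pop()`, so a one-line comment on the declaration would keep readers from treating the two as the same value. The function continues beyond this hunk.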
@@ -353,19 +400,20 @@ static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_AR } EG(active_symbol_table) = EX(symbol_table); } else { /* ZEND_OVERLOADED_FUNCTION */ - ALLOC_INIT_ZVAL(EX_T(opline->result.var).var.ptr); + MAKE_STD_ZVAL(EX_T(opline->result.var).var.ptr); + ZVAL_NULL(EX_T(opline->result.var).var.ptr); /* Not sure what should be done here if it's a static method */ - if (EX(object)) { - Z_OBJ_HT_P(EX(object))->call_method(EX(function_state).function->common.function_name, opline->extended_value, EX_T(opline->result.var).var.ptr, &EX_T(opline->result.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); + if (EXPECTED(EX(object) != NULL)) { + Z_OBJ_HT_P(EX(object))->call_method(fbc->common.function_name, opline->extended_value, EX_T(opline->result.var).var.ptr, &EX_T(opline->result.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC); } else { zend_error_noreturn(E_ERROR, "Cannot call overloaded function for non-object"); } - if (EX(function_state).function->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) { - efree(EX(function_state).function->common.function_name); + if (fbc->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) { + efree(fbc->common.function_name); } - efree(EX(function_state).function); + efree(fbc); if (!RETURN_VALUE_USED(opline)) { zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); @@ -382,7 +430,7 @@ static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_AR if (should_change_scope) { if (EG(This)) { - if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) { + if (UNEXPECTED(EG(exception) != NULL) && IS_CTOR_CALL(EX(called_scope))) { if (IS_CTOR_USED(EX(called_scope))) { Z_DELREF_P(EG(This)); } 
@@ -402,11 +450,12 @@ static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_AR zend_vm_stack_clear_multiple(TSRMLS_C); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); if (RETURN_VALUE_USED(opline) && EX_T(opline->result.var).var.ptr) { zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); } + HANDLE_EXCEPTION(); } ZEND_VM_NEXT_OPCODE(); 
@@ -420,46 +469,53 @@ static int ZEND_FASTCALL ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER(ZEND_OPCODE_HANDLER static int ZEND_FASTCALL ZEND_RECV_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_uint arg_num = opline->op1.num; zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); - if (param == NULL) { - char *space; - char *class_name = get_active_class_name(&space TSRMLS_CC); - zend_execute_data *ptr = EX(prev_execute_data); - + SAVE_OPLINE(); + if (UNEXPECTED(param == NULL)) { if (zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, NULL, opline->extended_value TSRMLS_CC)) { + char *space; + char *class_name; + zend_execute_data *ptr; + + if (EG(active_op_array)->scope) { + class_name = EG(active_op_array)->scope->name; + space = "::"; + } else { + class_name = space = ""; + } + ptr = EX(prev_execute_data); + if(ptr && ptr->op_array) { zend_error(E_WARNING, "Missing argument %u for %s%s%s(), called in %s on line %d and defined", opline->op1.num, class_name, space, get_active_function_name(TSRMLS_C), ptr->op_array->filename, ptr->opline->lineno); } else { zend_error(E_WARNING, "Missing argument %u for %s%s%s()", opline->op1.num, class_name, space, get_active_function_name(TSRMLS_C)); } } - if (opline->result_type == IS_VAR) { - PZVAL_UNLOCK_FREE(*EX_T(opline->result.var).var.ptr_ptr); - } } else { - zend_free_op free_res; zval **var_ptr; zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param, opline->extended_value TSRMLS_CC); - var_ptr = get_zval_ptr_ptr(opline->result_type, &opline->result, EX(Ts), &free_res, BP_VAR_W); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->result.var TSRMLS_CC); Z_DELREF_PP(var_ptr); *var_ptr = *param; Z_ADDREF_PP(var_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *object_zval; zend_function *constructor; - if 
(EX_T(opline->op1.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) { + SAVE_OPLINE(); + if (UNEXPECTED((EX_T(opline->op1.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) != 0)) { char *class_type; if (EX_T(opline->op1.var).class_entry->ce_flags & ZEND_ACC_INTERFACE) { @@ -477,15 +533,15 @@ static int ZEND_FASTCALL ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (constructor == NULL) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, object_zval); + AI_SET_PTR(&EX_T(opline->result.var), object_zval); } else { zval_ptr_dtor(&object_zval); } ZEND_VM_JMP(EX(op_array)->opcodes + opline->op2.opline_num); } else { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, object_zval); PZVAL_LOCK(object_zval); + AI_SET_PTR(&EX_T(opline->result.var), object_zval); } zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), ENCODE_CTOR(EX(called_scope), RETURN_VALUE_USED(opline))); @@ -495,14 +551,16 @@ static int ZEND_FASTCALL ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) EX(fbc) = constructor; EX(called_scope) = EX_T(opline->op1.var).class_entry; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); Z_LVAL(EX_T(opline->result.var).tmp_var) = EG(error_reporting); Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; /* shouldn't be necessary */ if (EX(old_error_reporting) == NULL) { 
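Review bot: ZEND_RECV_SPEC_HANDLER now passes `opline->result.var` straight to `_get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), ...)` and no longer consults `opline->result_type`, so it trusts every RECV opline to carry an IS_CV result. The commit message says the compiler now guarantees this, but an op array that reaches the executor after being rewritten elsewhere would not be covered, and a non-CV result would then presumably be used as an index into the CV table. Record the invariant next to the call, `/* result is always IS_CV; result.var indexes the CV table */`, and consider a debug-build check that `opline->result_type == IS_CV` before the lookup. ZEND_RECV_INIT_SPEC_CONST_HANDLER makes the same substitution later in the patch.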
@@ -512,84 +570,108 @@ static int ZEND_FASTCALL ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_AR if (EG(error_reporting)) { zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), "0", 1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EG(scope)->name, EX(op_array)->function_name); ZEND_VM_NEXT_OPCODE(); /* Never reached */ } static int ZEND_FASTCALL ZEND_EXT_STMT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + USE_OPLINE + + SAVE_OPLINE(); if (!EG(no_extensions)) { zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(op_array) TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + USE_OPLINE + + SAVE_OPLINE(); if (!EG(no_extensions)) { zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(op_array) TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXT_FCALL_END_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { + SAVE_OPLINE(); if (!EG(no_extensions)) { zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(op_array) TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DECLARE_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); EX_T(opline->result.var).class_entry = do_bind_class(EX(op_array), opline, EG(class_table), 0 TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + 
SAVE_OPLINE(); EX_T(opline->result.var).class_entry = do_bind_inherited_class(EX(op_array), opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_class_entry **pce, **pce_orig; + SAVE_OPLINE(); if (zend_hash_quick_find(EG(class_table), Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void**)&pce) == FAILURE || (zend_hash_quick_find(EG(class_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void**)&pce_orig) == SUCCESS && *pce != *pce_orig)) { do_bind_inherited_class(EX(op_array), opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DECLARE_FUNCTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - do_bind_function(EX(op_array), EX(opline), EG(function_table), 0); + USE_OPLINE + + SAVE_OPLINE(); + do_bind_function(EX(op_array), opline, EG(function_table), 0); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_TICKS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); if (++EG(ticks_count)>=opline->extended_value) { EG(ticks_count)=0; if (zend_ticks_function) { zend_ticks_function(opline->extended_value); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -607,11 +689,11 @@ static int ZEND_FASTCALL ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER { zend_uint op_num = EG(opline_before_exception)-EG(active_op_array)->opcodes; int i; - zend_uint catch_op_num; + zend_uint catch_op_num = 0; int catched = 0; zval restored_error_reporting; - void **stack_frame = (void**)(((char*)EX(Ts)) + + void **stack_frame = (void**)(((char*)EX_Ts()) + (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * EX(op_array)->T)); while (zend_vm_stack_top(TSRMLS_C) != stack_frame) { @@ -695,13 +777,22 @@ static int ZEND_FASTCALL ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER static int ZEND_FASTCALL ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_verify_abstract_class(EX_T(EX(opline)->op1.var).class_entry TSRMLS_CC); + USE_OPLINE + + SAVE_OPLINE(); + zend_verify_abstract_class(EX_T(opline->op1.var).class_entry TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - int ret = zend_user_opcode_handlers[EX(opline)->opcode](ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL); + USE_OPLINE + int ret; + + SAVE_OPLINE(); + ret = zend_user_opcode_handlers[opline->opcode](ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL); + LOAD_OPLINE(); switch (ret) { case ZEND_USER_OPCODE_CONTINUE: 
@@ -713,19 +804,21 @@ static int ZEND_FASTCALL ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS case ZEND_USER_OPCODE_LEAVE: ZEND_VM_LEAVE(); case ZEND_USER_OPCODE_DISPATCH: - ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline)); + ZEND_VM_DISPATCH(opline->opcode, opline); default: - ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), EX(opline)); + ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), opline); } } static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - + USE_OPLINE + SAVE_OPLINE(); + EG(exception) = NULL; if (IS_CONST == IS_UNUSED) { EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { 
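Review bot: `EG(exception) = NULL;` at the top of ZEND_FETCH_CLASS_SPEC_CONST_HANDLER overwrites the pending-exception pointer without releasing or reporting what it pointed to. If an exception can be pending when this opcode runs (not visible from the hunk), it is silently discarded and its zval is never released, which hides the error from the script. If the reset exists only so that the `CHECK_EXCEPTION()` added below reacts to failures of the class lookup alone, state that in a comment such as `/* nothing may be pending here; reset so CHECK_EXCEPTION() sees only lookup failures */`, or make the reset conditional and release the old value. The _TMP and _VAR variants later in the patch add the same line, and the handler body continues outside this hunk.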
@@ -741,90 +834,96 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLE zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string"); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; - char *function_name_strval, *lcname; - int function_name_strlen; - - zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CONST == IS_CONST) { - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc)) == FAILURE) { + function_name = opline->op1.zv; + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &EX(fbc)) == FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } + EX(object) = NULL; + /*CHECK_EXCEPTION();*/ + ZEND_VM_NEXT_OPCODE(); } else { + char *function_name_strval, *lcname; + int function_name_strlen; + + + SAVE_OPLINE(); function_name = opline->op2.zv; - if (IS_CONST != IS_CONST && - Z_TYPE_P(function_name) == IS_OBJECT && + if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { + function_name_strval = Z_STRVAL_P(function_name); + function_name_strlen = Z_STRLEN_P(function_name); + if (function_name_strval[0] == '\\') { + function_name_strlen -= 1; + lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + } else { + lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + } + if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + } + efree(lcname); + + EX(object) = NULL; + 
CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else if (IS_CONST != IS_CONST && + EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) { if (EX(object)) { Z_ADDREF_P(EX(object)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); - } - - if (Z_TYPE_P(function_name) != IS_STRING) { - zend_error_noreturn(E_ERROR, "Function name must be a string"); - } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); - } - if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + zend_error_noreturn(E_ERROR, "Function name must be a string"); } - efree(lcname); - } - - EX(object) = NULL; - ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline + 1; + USE_OPLINE - ZEND_VM_INC_OPCODE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc))==FAILURE) { - char *short_name = Z_STRVAL_P(opline->op1.zv)+op_data->op1.num; - if (zend_hash_quick_find(EG(function_table), short_name, Z_STRLEN_P(opline->op1.zv)-op_data->op1.num+1, op_data->extended_value, (void **) &EX(fbc))==FAILURE) { + char *short_name = Z_STRVAL_P(opline->op1.zv) + (opline+1)->op1.num; + if 
(UNEXPECTED(zend_hash_quick_find(EG(function_table), short_name, Z_STRLEN_P(opline->op1.zv) - (opline+1)->op1.num+1, (opline+1)->extended_value, (void **) &EX(fbc))==FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } } EX(object) = NULL; + ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_RECV_INIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *assignment_value; zend_uint arg_num = opline->op1.num; - zend_free_op free_res; zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC); zval **var_ptr; + SAVE_OPLINE(); if (param == NULL) { ALLOC_ZVAL(assignment_value); *assignment_value = *opline->op2.zv; @@ -842,33 +941,36 @@ static int ZEND_FASTCALL ZEND_RECV_INIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ } zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value, opline->extended_value TSRMLS_CC); - var_ptr = get_zval_ptr_ptr(opline->result_type, &opline->result, EX(Ts), &free_res, BP_VAR_W); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->result.var TSRMLS_CC); Z_DELREF_PP(var_ptr); *var_ptr = assignment_value; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BRK_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_brk_cont_element *el; + SAVE_OPLINE(); el = zend_brk_cont(opline->op2.zv, opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + EX(op_array), EX_Ts() TSRMLS_CC); ZEND_VM_JMP(EX(op_array)->opcodes + el->brk); } static int ZEND_FASTCALL ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_brk_cont_element *el; + SAVE_OPLINE(); el = zend_brk_cont(opline->op2.zv, opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + EX(op_array), EX_Ts() TSRMLS_CC); ZEND_VM_JMP(EX(op_array)->opcodes + el->cont); } 
@@ -876,11 +978,12 @@ static int ZEND_FASTCALL ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { zend_op *brk_opline; - zend_op *opline = EX(opline); + USE_OPLINE zend_brk_cont_element *el; + SAVE_OPLINE(); el = zend_brk_cont(opline->op2.zv, opline->extended_value, - EX(op_array), EX(Ts) TSRMLS_CC); + EX(op_array), EX_Ts() TSRMLS_CC); brk_opline = EX(op_array)->opcodes + el->brk; 
@@ -901,31 +1004,37 @@ static int ZEND_FASTCALL ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_class_entry *ce = EX_T(opline->op1.var).class_entry; - zend_class_entry *iface = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); + zend_class_entry *iface; + + SAVE_OPLINE(); + iface = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); if (iface) { - if (!(iface->ce_flags & ZEND_ACC_INTERFACE)) { + if (UNEXPECTED((iface->ce_flags & ZEND_ACC_INTERFACE) == 0)) { zend_error_noreturn(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name, iface->name); } zend_do_implement_interface(ce, iface TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - + USE_OPLINE + SAVE_OPLINE(); + EG(exception) = NULL; if (IS_TMP_VAR == IS_UNUSED) { EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_free_op free_op2; - zval *class_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *class_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_TMP_VAR == IS_CONST) { EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); 
@@ -938,97 +1047,107 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ } zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; - char *function_name_strval, *lcname; - int function_name_strlen; - zend_free_op free_op2; - zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_TMP_VAR == IS_CONST) { - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc)) == FAILURE) { + function_name = opline->op1.zv; + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &EX(fbc)) == FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } + EX(object) = NULL; + /*CHECK_EXCEPTION();*/ + ZEND_VM_NEXT_OPCODE(); } else { - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + char *function_name_strval, *lcname; + int function_name_strlen; + zend_free_op free_op2; + + SAVE_OPLINE(); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (IS_TMP_VAR != IS_CONST && - Z_TYPE_P(function_name) == IS_OBJECT && + if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { + function_name_strval = Z_STRVAL_P(function_name); + function_name_strlen = Z_STRLEN_P(function_name); + if (function_name_strval[0] == '\\') { + function_name_strlen -= 1; + lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + } else { + lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + } + if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE)) { + 
zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + } + efree(lcname); + zval_dtor(free_op2.var); + EX(object) = NULL; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else if (IS_TMP_VAR != IS_CONST && + EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) { if (EX(object)) { Z_ADDREF_P(EX(object)); } zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); - } - - if (Z_TYPE_P(function_name) != IS_STRING) { - zend_error_noreturn(E_ERROR, "Function name must be a string"); - } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); - } - if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + zend_error_noreturn(E_ERROR, "Function name must be a string"); } - efree(lcname); - zval_dtor(free_op2.var); } - - EX(object) = NULL; - ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BRK_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zend_brk_cont_element *el; - el = zend_brk_cont(_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + SAVE_OPLINE(); + el = zend_brk_cont(_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), opline->op1.opline_num, + EX(op_array), EX_Ts() TSRMLS_CC); zval_dtor(free_op2.var); ZEND_VM_JMP(EX(op_array)->opcodes + el->brk); } static int ZEND_FASTCALL 
ZEND_CONT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zend_brk_cont_element *el; - el = zend_brk_cont(_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + SAVE_OPLINE(); + el = zend_brk_cont(_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), opline->op1.opline_num, + EX(op_array), EX_Ts() TSRMLS_CC); zval_dtor(free_op2.var); ZEND_VM_JMP(EX(op_array)->opcodes + el->cont); } static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - + USE_OPLINE + SAVE_OPLINE(); + EG(exception) = NULL; if (IS_VAR == IS_UNUSED) { EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { zend_free_op free_op2; - zval *class_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *class_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR == IS_CONST) { EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); 
@@ -1041,93 +1160,103 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; - char *function_name_strval, *lcname; - int function_name_strlen; - zend_free_op free_op2; - zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_VAR == IS_CONST) { - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc)) == FAILURE) { + function_name = opline->op1.zv; + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &EX(fbc)) == FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } + EX(object) = NULL; + /*CHECK_EXCEPTION();*/ + ZEND_VM_NEXT_OPCODE(); } else { - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + char *function_name_strval, *lcname; + int function_name_strlen; + zend_free_op free_op2; - if (IS_VAR != IS_CONST && - Z_TYPE_P(function_name) == IS_OBJECT && + SAVE_OPLINE(); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { + function_name_strval = Z_STRVAL_P(function_name); + function_name_strlen = Z_STRLEN_P(function_name); + if (function_name_strval[0] == '\\') { + function_name_strlen -= 1; + lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + } else { + lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + } + if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == 
FAILURE)) { + zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + } + efree(lcname); + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + EX(object) = NULL; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else if (IS_VAR != IS_CONST && + EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) { if (EX(object)) { Z_ADDREF_P(EX(object)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); - } - - if (Z_TYPE_P(function_name) != IS_STRING) { - zend_error_noreturn(E_ERROR, "Function name must be a string"); - } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); - } - if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + zend_error_noreturn(E_ERROR, "Function name must be a string"); } - efree(lcname); - if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - - EX(object) = NULL; - ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BRK_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zend_brk_cont_element *el; - el = zend_brk_cont(_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + SAVE_OPLINE(); + el = zend_brk_cont(_get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), opline->op1.opline_num, + EX(op_array), EX_Ts() TSRMLS_CC); if (free_op2.var) 
{zval_ptr_dtor(&free_op2.var);}; ZEND_VM_JMP(EX(op_array)->opcodes + el->brk); } static int ZEND_FASTCALL ZEND_CONT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zend_brk_cont_element *el; - el = zend_brk_cont(_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + SAVE_OPLINE(); + el = zend_brk_cont(_get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), opline->op1.opline_num, + EX(op_array), EX_Ts() TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; ZEND_VM_JMP(EX(op_array)->opcodes + el->cont); } static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - + USE_OPLINE + SAVE_OPLINE(); + EG(exception) = NULL; if (IS_UNUSED == IS_UNUSED) { EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { @@ -1143,21 +1272,24 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDL zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string"); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - + USE_OPLINE + SAVE_OPLINE(); + EG(exception) = NULL; if (IS_CV == IS_UNUSED) { EX_T(opline->result.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - zval *class_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *class_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_CV == IS_CONST) { EX_T(opline->result.var).class_entry = zend_fetch_class_by_name(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->op2.literal + 1, opline->extended_value TSRMLS_CC); 
@@ -1169,155 +1301,133 @@ static int ZEND_FASTCALL ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_A zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string"); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; - char *function_name_strval, *lcname; - int function_name_strlen; - - zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CV == IS_CONST) { - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv)+1, Z_HASH_P(opline->op1.zv), (void **) &EX(fbc)) == FAILURE) { + function_name = opline->op1.zv; + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(function_name), Z_STRLEN_P(function_name)+1, Z_HASH_P(function_name), (void **) &EX(fbc)) == FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL_P(opline->op2.zv)); } + EX(object) = NULL; + /*CHECK_EXCEPTION();*/ + ZEND_VM_NEXT_OPCODE(); } else { - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + char *function_name_strval, *lcname; + int function_name_strlen; + - if (IS_CV != IS_CONST && - Z_TYPE_P(function_name) == IS_OBJECT && + SAVE_OPLINE(); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (EXPECTED(Z_TYPE_P(function_name) == IS_STRING)) { + function_name_strval = Z_STRVAL_P(function_name); + function_name_strlen = Z_STRLEN_P(function_name); + if (function_name_strval[0] == '\\') { + function_name_strlen -= 1; + lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); + } else { + lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + } + if (UNEXPECTED(zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE)) { + 
zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + } + efree(lcname); + + EX(object) = NULL; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); + } else if (IS_CV != IS_CONST && + EXPECTED(Z_TYPE_P(function_name) == IS_OBJECT) && Z_OBJ_HANDLER_P(function_name, get_closure) && Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) { if (EX(object)) { Z_ADDREF_P(EX(object)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); - } - - if (Z_TYPE_P(function_name) != IS_STRING) { - zend_error_noreturn(E_ERROR, "Function name must be a string"); - } - function_name_strval = Z_STRVAL_P(function_name); - function_name_strlen = Z_STRLEN_P(function_name); - if (function_name_strval[0] == '\\') { - - function_name_strlen -= 1; - lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen); } else { - lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); - } - if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) { - zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval); + zend_error_noreturn(E_ERROR, "Function name must be a string"); } - efree(lcname); - } - - EX(object) = NULL; - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_CATCH_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - zend_op *opline = EX(opline); - zend_class_entry *ce; - - /* Check whether an exception has been thrown, if not, jump over code */ - zend_exception_restore(TSRMLS_C); - if (EG(exception) == NULL) { - ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ - } - ce = Z_OBJCE_P(EG(exception)); - if (ce != EX_T(opline->op1.var).class_entry) { - if (!instanceof_function(ce, EX_T(opline->op1.var).class_entry TSRMLS_CC)) { - if (opline->result.num) { - zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); - } - 
ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); - ZEND_VM_CONTINUE(); /* CHECK_ME */ - } - } - - if (!EG(active_symbol_table)) { - if (EX(CVs)[opline->op2.var]) { - zval_ptr_dtor(EX(CVs)[opline->op2.var]); - } - EX(CVs)[opline->op2.var] = (zval**)EX(CVs) + (EX(op_array)->last_var + opline->op2.var); - *EX(CVs)[opline->op2.var] = EG(exception); - } else { - zend_compiled_variable *cv = &CV_DEF_OF(opline->op2.var); - zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, - &EG(exception), sizeof(zval *), (void**)&EX(CVs)[opline->op2.var]); - } - EG(exception) = NULL; - ZEND_VM_NEXT_OPCODE(); -} - static int ZEND_FASTCALL ZEND_BRK_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_brk_cont_element *el; - el = zend_brk_cont(_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + SAVE_OPLINE(); + el = zend_brk_cont(_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), opline->op1.opline_num, + EX(op_array), EX_Ts() TSRMLS_CC); ZEND_VM_JMP(EX(op_array)->opcodes + el->brk); } static int ZEND_FASTCALL ZEND_CONT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_brk_cont_element *el; - el = zend_brk_cont(_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC), opline->op1.opline_num, - EX(op_array), EX(Ts) TSRMLS_CC); + SAVE_OPLINE(); + el = zend_brk_cont(_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), opline->op1.opline_num, + EX(op_array), EX_Ts() TSRMLS_CC); ZEND_VM_JMP(EX(op_array)->opcodes + el->cont); } static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_not_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_BOOL_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); boolean_not_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval z_copy; - zval *z = opline->op1.zv; + zval *z; + + SAVE_OPLINE(); + z = opline->op1.zv; if (IS_CONST != IS_CONST && - Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get_method != NULL && + UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && + Z_OBJ_HT_P(z)->get_method != NULL && zend_std_cast_object_tostring(z, &z_copy, IS_STRING TSRMLS_CC) == SUCCESS) { zend_print_variable(&z_copy); zval_dtor(&z_copy); @@ -1325,31 +1435,33 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_print_variable(z); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRINT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; + USE_OPLINE + ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); return ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *varname = opline->op1.zv; + zval *varname; zval **retval; zval tmp_varname; HashTable *target_symbol_table; ulong hash_value; - if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp_varname = *varname; + SAVE_OPLINE(); + varname = opline->op1.zv; + + if (IS_CONST != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { + ZVAL_COPY_VALUE(&tmp_varname, varname); zval_copy_ctor(&tmp_varname); convert_to_string(&tmp_varname); varname = &tmp_varname; 
@@ -1362,6 +1474,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); /* if (!target_symbol_table) { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } */ @@ -1385,12 +1498,9 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND case BP_VAR_RW: zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); /* break missing intentionally */ - case BP_VAR_W: { - zval *new_zval = &EG(uninitialized_zval); - - Z_ADDREF_P(new_zval); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &new_zval, sizeof(zval *), (void **) &retval); - } + case BP_VAR_W: + Z_ADDREF_P(&EG(uninitialized_zval)); + zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); break; EMPTY_SWITCH_DEFAULT_CASE() } @@ -1417,7 +1527,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND if (IS_CONST != IS_CONST && varname == &tmp_varname) { - zval_dtor(varname); + zval_dtor(&tmp_varname); } if (RETURN_VALUE_USED(opline)) { if (opline->extended_value & ZEND_FETCH_MAKE_REF) { 
@@ -1427,25 +1537,25 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND switch (type) { case BP_VAR_R: case BP_VAR_IS: - AI_SET_PTR(EX_T(opline->result.var).var, *retval); + AI_SET_PTR(&EX_T(opline->result.var), *retval); break; case BP_VAR_UNSET: { zend_free_op free_res; - EX_T(opline->result.var).var.ptr_ptr = retval; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval, &free_res); + if (retval != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval); FREE_OP_VAR_PTR(free_res); - break; + } + /* break missing intentionally */ default: EX_T(opline->result.var).var.ptr_ptr = retval; break; - } } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -1466,7 +1576,9 @@ static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_var_address_helper_SPEC_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (EX(opline)->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + return zend_fetch_var_address_helper_SPEC_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) 
@@ -1481,18 +1593,21 @@ static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = opline->op1.zv; + zval *val; int ret; - if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = opline->op1.zv; + + if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (!ret) { @@ -1508,18 +1623,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = opline->op1.zv; + zval *val; int ret; - if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = opline->op1.zv; + + if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (ret) { @@ -1535,18 +1653,21 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = opline->op1.zv; + zval *val; int retval; - if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = opline->op1.zv; + + if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (EXPECTED(retval != 0)) { 
@@ -1566,18 +1687,21 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = opline->op1.zv; + zval *val; int retval; - if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = opline->op1.zv; + + if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; @@ -1594,18 +1718,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = opline->op1.zv; + zval *val; int retval; - if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = opline->op1.zv; + + if (IS_CONST == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; 
@@ -1622,13 +1749,14 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A static int ZEND_FASTCALL ZEND_DO_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *fname = opline->op1.zv; zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(fname), Z_STRLEN_P(fname)+1, Z_HASH_P(fname), (void **) &EX(function_state).function)==FAILURE) { + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(fname), Z_STRLEN_P(fname)+1, Z_HASH_P(fname), (void **) &EX(function_state).function)==FAILURE)) { + SAVE_OPLINE(); zend_error_noreturn(E_ERROR, "Call to undefined function %s()", fname->value.str.val); } EX(object) = NULL; @@ -1638,12 +1766,13 @@ static int ZEND_FASTCALL ZEND_DO_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A static int ZEND_FASTCALL ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *retval_ptr; zval **retval_ptr_ptr; - if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) { + SAVE_OPLINE(); + if (UNEXPECTED(EG(active_op_array)->return_reference == ZEND_RETURN_REF)) { if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) { /* Not supposed to happen, but we'll allow it */ @@ -1653,7 +1782,7 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG retval_ptr_ptr = NULL; - if (IS_CONST == IS_VAR && !retval_ptr_ptr) { + if (IS_CONST == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } @@ -1675,6 +1804,8 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARG (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr); } + + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { return_by_value: 
@@ -1705,21 +1836,22 @@ return_by_value: INIT_PZVAL_COPY(ret, retval_ptr); *EG(return_value_ptr_ptr) = ret; } - } - return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *value; zval *exception; + SAVE_OPLINE(); value = opline->op1.zv; - if (IS_CONST == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) { + if (IS_CONST == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "Can only throw objects"); } zend_exception_save(TSRMLS_C); @@ -1733,12 +1865,14 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_throw_exception_object(exception TSRMLS_CC); zend_exception_restore(TSRMLS_C); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (opline->extended_value==ZEND_DO_FCALL_BY_NAME && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); 
@@ -1758,40 +1892,46 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A zend_vm_stack_push(valptr TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + zval *retval = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - Z_LVAL(EX_T(opline->result.var).tmp_var) = i_zend_is_true(opline->op1.zv); - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; + ZVAL_BOOL(retval, i_zend_is_true(opline->op1.zv)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *obj = opline->op1.zv; + zval *obj; zend_class_entry *ce; zend_function *clone; zend_object_clone_obj_t clone_call; + SAVE_OPLINE(); + obj = opline->op1.zv; + if (IS_CONST == IS_CONST || - (IS_CONST == IS_VAR && !obj) || - Z_TYPE_P(obj) != IS_OBJECT) { + (IS_CONST == IS_VAR && UNEXPECTED(obj == NULL)) || + UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "__clone method called on non-object"); } ce = Z_OBJCE_P(obj); clone = ce ? ce->clone : NULL; clone_call = Z_OBJ_HT_P(obj)->clone_obj; - if (!clone_call) { + if (UNEXPECTED(clone_call == NULL)) { if (ce) { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); } else { 
@@ -1803,42 +1943,49 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (ce != EG(scope)) { + if (UNEXPECTED(ce != EG(scope))) { zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (!zend_check_protected(clone->common.scope, EG(scope))) { + if (UNEXPECTED(!zend_check_protected(clone->common.scope, EG(scope)))) { zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!EG(exception)) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - Z_OBJVAL_P(EX_T(opline->result.var).var.ptr) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_OBJECT; - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - Z_SET_ISREF_P(EX_T(opline->result.var).var.ptr); - if (!RETURN_VALUE_USED(opline) || EG(exception)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (EXPECTED(EG(exception) == NULL)) { + zval *retval; + + ALLOC_ZVAL(retval); + Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); + Z_TYPE_P(retval) = IS_OBJECT; + Z_SET_REFCOUNT_P(retval, 1); + Z_SET_ISREF_P(retval); + if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor(&retval); + } else { + AI_SET_PTR(&EX_T(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *expr = opline->op1.zv; + zval *expr; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + 
expr = opline->op1.zv; + if (opline->extended_value != IS_STRING) { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!0) { zendi_zval_copy_ctor(*result); } @@ -1862,12 +2009,12 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_make_printable_zval(expr, &var_copy, &use_copy); if (use_copy) { - *result = var_copy; + ZVAL_COPY_VALUE(result, &var_copy); if (0) { } } else { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!0) { zendi_zval_copy_ctor(*result); } @@ -1882,28 +2029,29 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) break; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_op_array *new_op_array=NULL; - int return_value_used; - zval *inc_filename = opline->op1.zv; + zval *inc_filename; zval tmp_inc_filename; zend_bool failure_retval=0; + SAVE_OPLINE(); + inc_filename = opline->op1.zv; + if (inc_filename->type!=IS_STRING) { - tmp_inc_filename = *inc_filename; + ZVAL_COPY_VALUE(&tmp_inc_filename, inc_filename); zval_copy_ctor(&tmp_inc_filename); convert_to_string(&tmp_inc_filename); inc_filename = &tmp_inc_filename; } - return_value_used = RETURN_VALUE_USED(opline); - switch (opline->extended_value) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { 
@@ -1961,12 +2109,18 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA zval_dtor(&tmp_inc_filename); } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (new_op_array && !EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } else if (EXPECTED(new_op_array != NULL)) { EX(original_return_value) = EG(return_value_ptr_ptr); - EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.var).var.ptr_ptr : NULL; EG(active_op_array) = new_op_array; - EX_T(opline->result.var).var.ptr = NULL; + if (RETURN_VALUE_USED(opline)) { + EX_T(opline->result.var).var.ptr = NULL; + EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; + } else { + EG(return_value_ptr_ptr) = NULL; + } EX(current_object) = EX(object); @@ -1977,8 +2131,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA zend_rebuild_symbol_table(TSRMLS_C); } - if (zend_execute == execute) { - EX(call_opline) = opline; + if (EXPECTED(zend_execute == execute)) { ZEND_VM_ENTER(); } else { zend_execute(new_op_array TSRMLS_CC); 
@@ -1987,75 +2140,62 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA EX(function_state).function = (zend_function *) EX(op_array); EX(object) = EX(current_object); - if (return_value_used) { - if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - } else { - if (return_value_used) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_ZVAL(*EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = failure_retval; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } + + } else if (RETURN_VALUE_USED(opline)) { + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, failure_retval); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval tmp, *varname; HashTable *target_symbol_table; + SAVE_OPLINE(); if (IS_CONST == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { if (EG(active_symbol_table)) { - zend_execute_data *ex = EX(prev_execute_data); zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - if 
(zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) { - while (ex && ex->symbol_table == EG(active_symbol_table)) { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == cv->hash_value && - ex->op_array->vars[i].name_len == cv->name_len && - !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } - } - EX(CVs)[opline->op1.var] = NULL; - } else if (EX(CVs)[opline->op1.var]) { - zval_ptr_dtor(EX(CVs)[opline->op1.var]); - EX(CVs)[opline->op1.var] = NULL; + zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); + EX_CV(opline->op1.var) = NULL; + } else if (EX_CV(opline->op1.var)) { + zval_ptr_dtor(EX_CV(opline->op1.var)); + EX_CV(opline->op1.var) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } varname = opline->op1.zv; if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -2069,39 +2209,22 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) { - zend_execute_data *ex = execute_data; - - do { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == varname->value.str.len && - !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } while (ex && ex->symbol_table == target_symbol_table); - } + zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); } - if (varname == &tmp) { + if (IS_CONST != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) { zval_ptr_dtor(&varname); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *array_ptr, **array_ptr_ptr; HashTable *fe_ht; 
@@ -2109,10 +2232,13 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A zend_class_entry *ce = NULL; zend_bool is_empty = 0; + SAVE_OPLINE(); + if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { array_ptr_ptr = NULL; if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - ALLOC_INIT_ZVAL(array_ptr); + MAKE_STD_ZVAL(array_ptr); + ZVAL_NULL(array_ptr); } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); @@ -2172,7 +2298,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A if (ce && ce->get_iterator) { iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); - if (iter && !EG(exception)) { + if (iter && EXPECTED(EG(exception) == NULL)) { array_ptr = zend_iterator_wrap(iter TSRMLS_CC); } else { if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -2184,18 +2310,18 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); } zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } - AI_SET_PTR(EX_T(opline->result.var).var, array_ptr); PZVAL_LOCK(array_ptr); + AI_SET_PTR(&EX_T(opline->result.var), array_ptr); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { 
@@ -2203,11 +2329,11 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A } else { } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -2215,7 +2341,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A } else { } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { @@ -2252,19 +2378,21 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_A if (is_empty) { ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } else { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval **value; zend_bool isset = 1; + SAVE_OPLINE(); if (IS_CONST == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX(CVs)[opline->op1.var]) { - value = EX(CVs)[opline->op1.var]; + if (EX_CV(opline->op1.var)) { + value = EX_CV(opline->op1.var); } else if (EG(active_symbol_table)) { zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); @@ -2280,7 +2408,7 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_ zval tmp, *varname = opline->op1.zv; if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -2298,35 +2426,36 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_ } } - if (varname == &tmp) { + if (IS_CONST != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + if (isset && Z_TYPE_PP(value) != IS_NULL) { + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = isset; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { if (!isset || !i_zend_is_true(*value)) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { #if 0 || (IS_CONST != IS_UNUSED) - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (IS_CONST != IS_UNUSED) { zval *ptr = opline->op1.zv; @@ -2340,17 +2469,20 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } #endif zend_bailout(); - ZEND_VM_NEXT_OPCODE(); + ZEND_VM_NEXT_OPCODE(); /* Never reached */ } static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *value; - zval *value = opline->op1.zv; + SAVE_OPLINE(); + value = opline->op1.zv; if (i_zend_is_true(value)) { - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); #if DEBUG_ZEND>=2 
@@ -2359,301 +2491,347 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR ZEND_VM_JMP(opline->op2.jmp_addr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *value; - zval *value = opline->op1.zv; + SAVE_OPLINE(); + value = opline->op1.zv; - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); if (!0) { zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv 
TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, opline->op1.zv, opline->op2.zv TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_IS_NOT_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *container; - zval *container = opline->op1.zv; + SAVE_OPLINE(); + container = opline->op1.zv; - if (Z_TYPE_P(container) != IS_ARRAY) { + if (UNEXPECTED(Z_TYPE_P(container) != IS_ARRAY)) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - zval *dim = opline->op2.zv; + zval *value = *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); - AI_SET_PTR(EX_T(opline->result.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, IS_CONST, BP_VAR_R TSRMLS_CC)); - SELECTIVE_PZVAL_LOCK(EX_T(opline->result.var).var.ptr, opline); + SELECTIVE_PZVAL_LOCK(value, opline); + AI_SET_PTR(&EX_T(opline->result.var), value); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CONST == IS_CONST) { /* no function found. 
try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -2677,7 +2855,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER( } else { function_name = opline->op2.zv; - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -2691,7 +2869,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER( } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -2700,11 +2878,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER( } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
@@ -2736,15 +2914,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER( } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; + SAVE_OPLINE(); if (IS_CONST==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -2767,13 +2947,15 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); if (IS_CONST == IS_UNUSED) { /* namespaced constant */ if (!zend_get_constant_ex(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), &EX_T(opline->result.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) { @@ -2788,10 +2970,10 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCO zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); } else { - zend_error_noreturn(E_ERROR, "Undefined constant '%s'", - Z_STRVAL_P(opline->op2.zv), Z_STRVAL_P(opline->op2.zv)); + zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { /* class constant */ 
@@ -2801,14 +2983,14 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCO if (IS_CONST == IS_CONST) { ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { ce = EX_T(opline->op1.var).class_entry; } - if (zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS) { + if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { zend_class_entry *old_scope = EG(scope); 
@@ -2817,54 +2999,39 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCO zval_update_constant(value, (void *) 1 TSRMLS_CC); EG(scope) = old_scope; } - EX_T(opline->result.var).tmp_var = **value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=opline->op2.zv; - ulong hval; - long index; -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { expr_ptr=opline->op1.zv; - } -#else - expr_ptr=opline->op1.zv; -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -2875,7 +3042,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_O Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CONST != IS_UNUSED) { + + zval *offset = opline->op2.zv; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -2884,7 +3057,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_O case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CONST == IS_CONST) { @@ -2897,10 +3070,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -2910,19 +3083,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CONST == IS_UNUSED) { @@ -2936,16 +3110,21 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *name = opline->op1.zv; - zval *val = opline->op2.zv; + zval *name; + zval *val; zend_constant c; + SAVE_OPLINE(); + name = opline->op1.zv; + val = opline->op2.zv; + if ((Z_TYPE_P(val) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE_P(val) == IS_CONSTANT_ARRAY) { - zval tmp = *val; + zval tmp; zval *tmp_ptr = &tmp; + ZVAL_COPY_VALUE(&tmp, val); if (Z_TYPE_P(val) == IS_CONSTANT_ARRAY) { zval_copy_ctor(&tmp); } @@ -2953,7 +3132,7 @@ static int ZEND_FASTCALL ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCOD zval_update_constant(&tmp_ptr, NULL TSRMLS_CC); c.value = *tmp_ptr; } else { - c.value = *val; + INIT_PZVAL_COPY(&c.value, val); zval_copy_ctor(&c.value); } c.flags = CONST_CS; /* non persistent, case sensetive */ 
@@ -2965,265 +3144,303 @@ static int ZEND_FASTCALL ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCOD } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); 
} static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + 
USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int 
ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); 
ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; 
@@ -3245,9 +3462,9 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZE function_name_strval = Z_STRVAL_P(opline->op2.zv); function_name_strlen = Z_STRLEN_P(opline->op2.zv); } else { - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -3261,7 +3478,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZE } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -3270,11 +3487,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZE zval_dtor(free_op2.var); } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
@@ -3306,15 +3523,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZE } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op2; + SAVE_OPLINE(); if (IS_CONST==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -3325,7 +3544,7 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_A } is_equal_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); if (switch_expr_is_overloaded) { 
@@ -3338,47 +3557,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_A EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zval *expr_ptr; - zval *offset=_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { expr_ptr=opline->op1.zv; - } -#else - expr_ptr=opline->op1.zv; -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -3389,7 +3593,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPC Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_TMP_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -3398,7 +3608,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPC case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_TMP_VAR == IS_CONST) { @@ -3411,10 +3621,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -3424,19 +3634,20 @@ num_index: } zval_dtor(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CONST == IS_UNUSED) { 
@@ -3450,260 +3661,297 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) 
{zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) 
{zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - 
_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_BW_AND_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CONST == IS_CONST) { /* no function found. 
try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -3725,9 +3973,9 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZE function_name_strval = Z_STRVAL_P(opline->op2.zv); function_name_strlen = Z_STRLEN_P(opline->op2.zv); } else { - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -3741,7 +3989,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZE } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -3750,11 +3998,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZE if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
@@ -3786,15 +4034,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZE } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op2; + SAVE_OPLINE(); if (IS_CONST==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -3805,7 +4055,7 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_A } is_equal_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (switch_expr_is_overloaded) { 
@@ -3818,47 +4068,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_A EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zval *expr_ptr; - zval *offset=_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { expr_ptr=opline->op1.zv; - } -#else - expr_ptr=opline->op1.zv; -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -3869,7 +4104,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPC Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -3878,7 +4119,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPC case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_VAR == IS_CONST) { @@ -3891,10 +4132,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -3904,19 +4145,20 @@ num_index: } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CONST == IS_UNUSED) { @@ -3930,16 +4172,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -3963,7 +4206,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER } else { function_name = NULL; - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); 
@@ -3977,7 +4220,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_UNUSED == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -3986,11 +4229,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
@@ -4022,47 +4265,32 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=NULL; - ulong hval; - long index; -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { expr_ptr=opline->op1.zv; - } -#else - expr_ptr=opline->op1.zv; -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); @@ -4073,7 +4301,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_ Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_UNUSED != IS_UNUSED) { + + zval *offset = NULL; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); 
@@ -4082,7 +4316,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_ case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_UNUSED == IS_CONST) { @@ -4095,10 +4329,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); @@ -4108,19 +4342,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CONST == IS_UNUSED) { 
@@ -4134,275 +4369,315 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_DECLARE_LAMBDA_FUNCTION_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_function *op_array; - if (zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void *) &op_array) == FAILURE || - op_array->type != ZEND_USER_FUNCTION) { + SAVE_OPLINE(); + + if (UNEXPECTED(zend_hash_quick_find(EG(function_table), Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), Z_HASH_P(opline->op1.zv), (void *) &op_array) == FAILURE) || + UNEXPECTED(op_array->type != ZEND_USER_FUNCTION)) { zend_error_noreturn(E_ERROR, "Base lambda function for closure not found"); } zend_create_closure(&EX_T(opline->result.var).tmp_var, op_array, EG(scope), EG(This) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - 
_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); 
concat_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), 
opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_BW_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_CONST == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; 
@@ -4424,9 +4699,9 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEN function_name_strval = Z_STRVAL_P(opline->op2.zv); function_name_strlen = Z_STRLEN_P(opline->op2.zv); } else { - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -4440,7 +4715,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEN } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -4449,11 +4724,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEN } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
@@ -4485,15 +4760,57 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEN } } + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_CATCH_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_class_entry *ce, *catch_ce; + + SAVE_OPLINE(); + /* Check whether an exception has been thrown, if not, jump over code */ + zend_exception_restore(TSRMLS_C); + if (EG(exception) == NULL) { + ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + ZEND_VM_CONTINUE(); /* CHECK_ME */ + } + catch_ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, ZEND_FETCH_CLASS_NO_AUTOLOAD TSRMLS_CC); + ce = Z_OBJCE_P(EG(exception)); + if (ce != catch_ce) { + if (!instanceof_function(ce, catch_ce TSRMLS_CC)) { + if (opline->result.num) { + zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION(); + } + ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + ZEND_VM_CONTINUE(); /* CHECK_ME */ + } + } + + if (!EG(active_symbol_table)) { + if (EX_CV(opline->op2.var)) { + zval_ptr_dtor(EX_CV(opline->op2.var)); + } + EX_CV(opline->op2.var) = (zval**)EX_CVs() + (EX(op_array)->last_var + opline->op2.var); + *EX_CV(opline->op2.var) = EG(exception); + } else { + zend_compiled_variable *cv = &CV_DEF_OF(opline->op2.var); + zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, + &EG(exception), sizeof(zval *), (void**)&EX_CV(opline->op2.var)); + } + EG(exception) = NULL; ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; + SAVE_OPLINE(); if (IS_CONST==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); 
@@ -4504,7 +4821,7 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_AR } is_equal_function(&EX_T(opline->result.var).tmp_var, opline->op1.zv, - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (switch_expr_is_overloaded) { /* We only free op1 if this is a string offset, 
@@ -4516,47 +4833,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_AR EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { expr_ptr=opline->op1.zv; - } -#else - expr_ptr=opline->op1.zv; -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -4567,7 +4869,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCO Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CV != IS_UNUSED) { + + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -4576,7 +4884,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCO case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CV == IS_CONST) { @@ -4589,10 +4897,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -4602,19 +4910,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CONST == IS_VAR || IS_CONST == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CONST == IS_UNUSED) { 
@@ -4628,35 +4937,43 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval z_copy; - zval *z = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *z; + + SAVE_OPLINE(); + z = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (IS_TMP_VAR != IS_CONST && - Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get_method != NULL && + UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && + Z_OBJ_HT_P(z)->get_method != NULL && zend_std_cast_object_tostring(z, &z_copy, IS_STRING TSRMLS_CC) == SUCCESS) { zend_print_variable(&z_copy); zval_dtor(&z_copy); 
@@ -4665,31 +4982,33 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRINT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; + USE_OPLINE + ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); return ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *varname = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *varname; zval **retval; zval tmp_varname; HashTable *target_symbol_table; ulong hash_value; - if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp_varname = *varname; + SAVE_OPLINE(); + varname = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_TMP_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { + ZVAL_COPY_VALUE(&tmp_varname, varname); zval_copy_ctor(&tmp_varname); convert_to_string(&tmp_varname); varname = &tmp_varname; @@ -4702,6 +5021,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_O target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); /* if (!target_symbol_table) { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } */ 
@@ -4725,12 +5045,9 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_O case BP_VAR_RW: zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); /* break missing intentionally */ - case BP_VAR_W: { - zval *new_zval = &EG(uninitialized_zval); - - Z_ADDREF_P(new_zval); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &new_zval, sizeof(zval *), (void **) &retval); - } + case BP_VAR_W: + Z_ADDREF_P(&EG(uninitialized_zval)); + zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); break; EMPTY_SWITCH_DEFAULT_CASE() } @@ -4757,7 +5074,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_O if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(varname); + zval_dtor(&tmp_varname); } if (RETURN_VALUE_USED(opline)) { if (opline->extended_value & ZEND_FETCH_MAKE_REF) { @@ -4767,25 +5084,25 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_O switch (type) { case BP_VAR_R: case BP_VAR_IS: - AI_SET_PTR(EX_T(opline->result.var).var, *retval); + AI_SET_PTR(&EX_T(opline->result.var), *retval); break; case BP_VAR_UNSET: { zend_free_op free_res; - EX_T(opline->result.var).var.ptr_ptr = retval; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval, &free_res); + if (retval != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval); FREE_OP_VAR_PTR(free_res); - break; + } + /* break missing intentionally */ default: EX_T(opline->result.var).var.ptr_ptr = retval; break; - } } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -4806,7 +5123,9 @@ static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_var_address_helper_SPEC_TMP(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (EX(opline)->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + return zend_fetch_var_address_helper_SPEC_TMP(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -4821,18 +5140,21 @@ static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_JMPZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int ret; - if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); zval_dtor(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (!ret) { 
@@ -4848,18 +5170,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int ret; - if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); zval_dtor(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (ret) { @@ -4875,18 +5200,21 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int retval; - if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); zval_dtor(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (EXPECTED(retval != 0)) { 
@@ -4906,18 +5234,21 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int retval; - if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); zval_dtor(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; @@ -4934,18 +5265,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int retval; - if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_TMP_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); zval_dtor(free_op1.var); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; 
@@ -4962,18 +5296,23 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_FREE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zendi_zval_dtor(EX_T(EX(opline)->op1.var).tmp_var); + USE_OPLINE + + SAVE_OPLINE(); + zendi_zval_dtor(EX_T(opline->op1.var).tmp_var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *retval_ptr; zval **retval_ptr_ptr; zend_free_op free_op1; - if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) { + SAVE_OPLINE(); + if (UNEXPECTED(EG(active_op_array)->return_reference == ZEND_RETURN_REF)) { if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) { /* Not supposed to happen, but we'll allow it */ @@ -4983,7 +5322,7 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) retval_ptr_ptr = NULL; - if (IS_TMP_VAR == IS_VAR && !retval_ptr_ptr) { + if (IS_TMP_VAR == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } @@ -5005,10 +5344,12 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr); } + + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { return_by_value: - retval_ptr = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + retval_ptr = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (!EG(return_value_ptr_ptr)) { if (IS_TMP_VAR == IS_TMP_VAR) { 
@@ -5035,21 +5376,22 @@ return_by_value: INIT_PZVAL_COPY(ret, retval_ptr); *EG(return_value_ptr_ptr) = ret; } - } - return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *value; zval *exception; zend_free_op free_op1; - value = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_TMP_VAR == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) { + if (IS_TMP_VAR == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "Can only throw objects"); } zend_exception_save(TSRMLS_C); @@ -5063,12 +5405,14 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_throw_exception_object(exception TSRMLS_CC); zend_exception_restore(TSRMLS_C); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (opline->extended_value==ZEND_DO_FCALL_BY_NAME && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); @@ -5078,7 +5422,7 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zval *value; zend_free_op free_op1; - value = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + value = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); ALLOC_ZVAL(valptr); INIT_PZVAL_COPY(valptr, value); 
@@ -5088,41 +5432,47 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_vm_stack_push(valptr TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + zval *retval = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - Z_LVAL(EX_T(opline->result.var).tmp_var) = i_zend_is_true(_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)); - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; + ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC))); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *obj = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *obj; zend_class_entry *ce; zend_function *clone; zend_object_clone_obj_t clone_call; + SAVE_OPLINE(); + obj = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_TMP_VAR == IS_CONST || - (IS_TMP_VAR == IS_VAR && !obj) || - Z_TYPE_P(obj) != IS_OBJECT) { + (IS_TMP_VAR == IS_VAR && UNEXPECTED(obj == NULL)) || + UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "__clone method called on non-object"); } ce = Z_OBJCE_P(obj); clone = ce ? ce->clone : NULL; clone_call = Z_OBJ_HT_P(obj)->clone_obj; - if (!clone_call) { + if (UNEXPECTED(clone_call == NULL)) { if (ce) { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); } else { 
@@ -5134,42 +5484,49 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (ce != EG(scope)) { + if (UNEXPECTED(ce != EG(scope))) { zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (!zend_check_protected(clone->common.scope, EG(scope))) { + if (UNEXPECTED(!zend_check_protected(clone->common.scope, EG(scope)))) { zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!EG(exception)) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - Z_OBJVAL_P(EX_T(opline->result.var).var.ptr) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_OBJECT; - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - Z_SET_ISREF_P(EX_T(opline->result.var).var.ptr); - if (!RETURN_VALUE_USED(opline) || EG(exception)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (EXPECTED(EG(exception) == NULL)) { + zval *retval; + + ALLOC_ZVAL(retval); + Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); + Z_TYPE_P(retval) = IS_OBJECT; + Z_SET_REFCOUNT_P(retval, 1); + Z_SET_ISREF_P(retval); + if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor(&retval); + } else { + AI_SET_PTR(&EX_T(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *expr = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *expr; 
zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + expr = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (opline->extended_value != IS_STRING) { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!1) { zendi_zval_copy_ctor(*result); } @@ -5193,12 +5550,12 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_make_printable_zval(expr, &var_copy, &use_copy); if (use_copy) { - *result = var_copy; + ZVAL_COPY_VALUE(result, &var_copy); if (1) { zval_dtor(free_op1.var); } } else { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!1) { zendi_zval_copy_ctor(*result); } @@ -5213,28 +5570,29 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) break; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_op_array *new_op_array=NULL; - int return_value_used; zend_free_op free_op1; - zval *inc_filename = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *inc_filename; zval tmp_inc_filename; zend_bool failure_retval=0; + SAVE_OPLINE(); + inc_filename = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (inc_filename->type!=IS_STRING) { - tmp_inc_filename = *inc_filename; + ZVAL_COPY_VALUE(&tmp_inc_filename, inc_filename); zval_copy_ctor(&tmp_inc_filename); convert_to_string(&tmp_inc_filename); inc_filename = &tmp_inc_filename; } - return_value_used = RETURN_VALUE_USED(opline); - switch (opline->extended_value) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { 
@@ -5292,12 +5650,18 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND zval_dtor(&tmp_inc_filename); } zval_dtor(free_op1.var); - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (new_op_array && !EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } else if (EXPECTED(new_op_array != NULL)) { EX(original_return_value) = EG(return_value_ptr_ptr); - EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.var).var.ptr_ptr : NULL; EG(active_op_array) = new_op_array; - EX_T(opline->result.var).var.ptr = NULL; + if (RETURN_VALUE_USED(opline)) { + EX_T(opline->result.var).var.ptr = NULL; + EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; + } else { + EG(return_value_ptr_ptr) = NULL; + } EX(current_object) = EX(object); @@ -5308,8 +5672,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND zend_rebuild_symbol_table(TSRMLS_C); } - if (zend_execute == execute) { - EX(call_opline) = opline; + if (EXPECTED(zend_execute == execute)) { ZEND_VM_ENTER(); } else { zend_execute(new_op_array TSRMLS_CC); 
@@ -5318,75 +5681,62 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND EX(function_state).function = (zend_function *) EX(op_array); EX(object) = EX(current_object); - if (return_value_used) { - if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - } else { - if (return_value_used) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_ZVAL(*EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = failure_retval; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } + + } else if (RETURN_VALUE_USED(opline)) { + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, failure_retval); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval tmp, *varname; HashTable *target_symbol_table; zend_free_op free_op1; + SAVE_OPLINE(); if (IS_TMP_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { if (EG(active_symbol_table)) { - zend_execute_data *ex = EX(prev_execute_data); zend_compiled_variable *cv = 
&CV_DEF_OF(opline->op1.var); - if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) { - while (ex && ex->symbol_table == EG(active_symbol_table)) { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == cv->hash_value && - ex->op_array->vars[i].name_len == cv->name_len && - !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } - } - EX(CVs)[opline->op1.var] = NULL; - } else if (EX(CVs)[opline->op1.var]) { - zval_ptr_dtor(EX(CVs)[opline->op1.var]); - EX(CVs)[opline->op1.var] = NULL; + zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); + EX_CV(opline->op1.var) = NULL; + } else if (EX_CV(opline->op1.var)) { + zval_ptr_dtor(EX_CV(opline->op1.var)); + EX_CV(opline->op1.var) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - varname = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + varname = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -5400,39 +5750,22 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_AR ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) { - zend_execute_data *ex = execute_data; - - do { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == varname->value.str.len && - !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } while (ex && ex->symbol_table == target_symbol_table); - } + zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); } - if (varname == &tmp) { + if (IS_TMP_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) { zval_ptr_dtor(&varname); } zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *array_ptr, **array_ptr_ptr; HashTable *fe_ht; 
@@ -5440,10 +5773,13 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_class_entry *ce = NULL; zend_bool is_empty = 0; + SAVE_OPLINE(); + if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { array_ptr_ptr = NULL; if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - ALLOC_INIT_ZVAL(array_ptr); + MAKE_STD_ZVAL(array_ptr); + ZVAL_NULL(array_ptr); } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); @@ -5467,7 +5803,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG Z_ADDREF_P(array_ptr); } } else { - array_ptr = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + array_ptr = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (1) { /* IS_TMP_VAR */ zval *tmp; @@ -5503,7 +5839,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG if (ce && ce->get_iterator) { iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); - if (iter && !EG(exception)) { + if (iter && EXPECTED(EG(exception) == NULL)) { array_ptr = zend_iterator_wrap(iter TSRMLS_CC); } else { if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { 
@@ -5515,18 +5851,18 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); } zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } - AI_SET_PTR(EX_T(opline->result.var).var, array_ptr); PZVAL_LOCK(array_ptr); + AI_SET_PTR(&EX_T(opline->result.var), array_ptr); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -5534,11 +5870,11 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG } else { } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -5546,7 +5882,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG } else { } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { 
@@ -5583,19 +5919,21 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG if (is_empty) { ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } else { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval **value; zend_bool isset = 1; + SAVE_OPLINE(); if (IS_TMP_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX(CVs)[opline->op1.var]) { - value = EX(CVs)[opline->op1.var]; + if (EX_CV(opline->op1.var)) { + value = EX_CV(opline->op1.var); } else if (EG(active_symbol_table)) { zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); @@ -5608,10 +5946,10 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HA } else { HashTable *target_symbol_table; zend_free_op free_op1; - zval tmp, *varname = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval tmp, *varname = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -5629,38 +5967,39 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HA } } - if (varname == &tmp) { + if (IS_TMP_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } zval_dtor(free_op1.var); } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + if (isset && Z_TYPE_PP(value) != IS_NULL) { + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = isset; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { if (!isset || !i_zend_is_true(*value)) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { #if 0 || (IS_TMP_VAR != IS_UNUSED) - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (IS_TMP_VAR != IS_UNUSED) { zend_free_op free_op1; - zval *ptr = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *ptr = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); 
@@ -5671,14 +6010,15 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } #endif zend_bailout(); - ZEND_VM_NEXT_OPCODE(); + ZEND_VM_NEXT_OPCODE(); /* Never reached */ } static int ZEND_FASTCALL ZEND_END_SILENCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval restored_error_reporting; + SAVE_OPLINE(); if (!EG(error_reporting) && Z_LVAL(EX_T(opline->op1.var).tmp_var) != 0) { Z_TYPE(restored_error_reporting) = IS_LONG; Z_LVAL(restored_error_reporting) = Z_LVAL(EX_T(opline->op1.var).tmp_var); @@ -5689,17 +6029,21 @@ static int ZEND_FASTCALL ZEND_END_SILENCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ if (EX(old_error_reporting) == &EX_T(opline->op1.var).tmp_var) { EX(old_error_reporting) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (i_zend_is_true(value)) { - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); zval_dtor(free_op1.var); #if DEBUG_ZEND>=2 
@@ -5709,30 +6053,38 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS } zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; - EX_T(opline->result.var).tmp_var = *value; + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); if (!1) { zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *expr = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *expr; zend_bool result; + SAVE_OPLINE(); + expr = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); } else { 
@@ -5740,280 +6092,323 @@ static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_A } ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + 
CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + 
USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_IS_SMALLER_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_BW_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *container; - if (Z_TYPE_P(container) != IS_ARRAY) { + SAVE_OPLINE(); + container = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_ARRAY)) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - zval *dim = opline->op2.zv; + zval *value = *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); - AI_SET_PTR(EX_T(opline->result.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, IS_CONST, BP_VAR_R TSRMLS_CC)); - SELECTIVE_PZVAL_LOCK(EX_T(opline->result.var).var.ptr, opline); + 
SELECTIVE_PZVAL_LOCK(value, opline); + AI_SET_PTR(&EX_T(opline->result.var), value); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_char_to_string */ Z_STRVAL_P(str) = NULL; @@ -6026,14 +6421,17 @@ static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDL add_char_to_string(str, str, opline->op2.zv); /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; 
@@ -6046,38 +6444,42 @@ static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HAN add_string_to_string(str, str, opline->op2.zv); /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); function_name = opline->op2.zv; - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CONST != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -6101,15 +6503,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCO } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1; + SAVE_OPLINE(); if (IS_TMP_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -6119,7 +6523,7 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_A } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (switch_expr_is_overloaded) { 
@@ -6132,47 +6536,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_A EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=opline->op2.zv; - ulong hval; - long index; -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (1) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (1) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -6183,7 +6572,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPC Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CONST != IS_UNUSED) { + + zval *offset = opline->op2.zv; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -6192,7 +6587,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPC case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CONST == IS_CONST) { @@ -6205,10 +6600,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -6218,19 +6613,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_TMP_VAR == IS_UNUSED) { 
@@ -6244,257 +6640,296 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_DIV_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); 
shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - 
_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = 
&EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + 
SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval 
*var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; 
@@ -6524,38 +6959,42 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ */ zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_TMP_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -6580,15 +7019,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); if (IS_TMP_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -6598,8 +7039,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); if (switch_expr_is_overloaded) { 
@@ -6612,47 +7053,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op1, free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zend_free_op free_op1; zval *expr_ptr; - zval *offset=_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (1) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (1) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -6663,7 +7089,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCOD Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_TMP_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -6672,7 +7104,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCOD case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_TMP_VAR == IS_CONST) { @@ -6685,10 +7117,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -6698,19 +7130,20 @@ num_index: } zval_dtor(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_TMP_VAR == IS_UNUSED) { 
@@ -6724,257 +7157,296 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + 
CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_SR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_IS_NOT_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, 
(Z_LVAL_P(result) != 0)); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + 
_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), 
&free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; 
@@ -7004,38 +7476,42 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ */ if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -7060,15 +7536,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); if (IS_TMP_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -7078,8 +7556,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (switch_expr_is_overloaded) { 
@@ -7092,47 +7570,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op1, free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zend_free_op free_op1; zval *expr_ptr; - zval *offset=_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (1) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (1) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -7143,7 +7606,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCOD Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -7152,7 +7621,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCOD case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_VAR == IS_CONST) { @@ -7165,10 +7634,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -7178,19 +7647,20 @@ num_index: } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_TMP_VAR == IS_UNUSED) { 
@@ -7204,42 +7674,26 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=NULL; - ulong hval; - long index; -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (1) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (1) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); @@ -7250,7 +7704,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OP Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_UNUSED != IS_UNUSED) { + + zval *offset = NULL; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); 
@@ -7259,7 +7719,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OP case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_UNUSED == IS_CONST) { @@ -7272,10 +7732,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); @@ -7285,19 +7745,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_TMP_VAR == IS_UNUSED) { 
@@ -7311,257 +7772,296 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_ADD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); 
div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), 
opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) 
{ - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE 
zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R 
TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op1.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_TMP_VAR == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; 
@@ -7590,38 +8090,42 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_A * string offsets or overloaded objects */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CV != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -7645,15 +8149,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_ } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1; + SAVE_OPLINE(); if (IS_TMP_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -7663,8 +8169,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (switch_expr_is_overloaded) { /* We only free op1 if this is a string offset, 
@@ -7676,47 +8182,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = NULL; - if (opline->extended_value) { - expr_ptr_ptr=NULL; + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (1) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (1) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -7727,7 +8218,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CV != IS_UNUSED) { + + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -7736,7 +8233,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CV == IS_CONST) { @@ -7749,10 +8246,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -7762,19 +8259,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_TMP_VAR == IS_UNUSED) { 
@@ -7788,47 +8286,56 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **var_ptr; + + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !var_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if 
(free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -7841,35 +8348,41 @@ static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **var_ptr; + + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !var_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -7882,37 +8395,44 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **var_ptr, *retval; - if (IS_VAR == IS_VAR && !var_ptr) { + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).tmp_var = *EG(uninitialized_zval_ptr); + ZVAL_NULL(&EX_T(opline->result.var).tmp_var); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - EX_T(opline->result.var).tmp_var = **var_ptr; - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + retval = &EX_T(opline->result.var).tmp_var; + ZVAL_COPY_VALUE(retval, *var_ptr); + zendi_zval_copy_ctor(*retval); SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -7925,32 +8445,39 @@ static int ZEND_FASTCALL ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **var_ptr, *retval; + + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !var_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_VAR == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).tmp_var = *EG(uninitialized_zval_ptr); + ZVAL_NULL(&EX_T(opline->result.var).tmp_var); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - EX_T(opline->result.var).tmp_var = **var_ptr; - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + retval = &EX_T(opline->result.var).tmp_var; + ZVAL_COPY_VALUE(retval, *var_ptr); + zendi_zval_copy_ctor(*retval); SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -7963,18 +8490,23 @@ static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval z_copy; - zval *z = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *z; + + SAVE_OPLINE(); + z = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (IS_VAR != IS_CONST && - Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get_method != NULL && + UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && + Z_OBJ_HT_P(z)->get_method != NULL && zend_std_cast_object_tostring(z, &z_copy, IS_STRING TSRMLS_CC) == SUCCESS) { zend_print_variable(&z_copy); zval_dtor(&z_copy); 
@@ -7983,31 +8515,33 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRINT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; + USE_OPLINE + ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); return ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *varname = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *varname; zval **retval; zval tmp_varname; HashTable *target_symbol_table; ulong hash_value; - if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp_varname = *varname; + SAVE_OPLINE(); + varname = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { + ZVAL_COPY_VALUE(&tmp_varname, varname); zval_copy_ctor(&tmp_varname); convert_to_string(&tmp_varname); varname = &tmp_varname; @@ -8020,6 +8554,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_O target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); /* if (!target_symbol_table) { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } */ 
@@ -8043,12 +8578,9 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_O case BP_VAR_RW: zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); /* break missing intentionally */ - case BP_VAR_W: { - zval *new_zval = &EG(uninitialized_zval); - - Z_ADDREF_P(new_zval); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &new_zval, sizeof(zval *), (void **) &retval); - } + case BP_VAR_W: + Z_ADDREF_P(&EG(uninitialized_zval)); + zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); break; EMPTY_SWITCH_DEFAULT_CASE() } @@ -8075,7 +8607,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_O if (IS_VAR != IS_CONST && varname == &tmp_varname) { - zval_dtor(varname); + zval_dtor(&tmp_varname); } if (RETURN_VALUE_USED(opline)) { if (opline->extended_value & ZEND_FETCH_MAKE_REF) { @@ -8085,25 +8617,25 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_O switch (type) { case BP_VAR_R: case BP_VAR_IS: - AI_SET_PTR(EX_T(opline->result.var).var, *retval); + AI_SET_PTR(&EX_T(opline->result.var), *retval); break; case BP_VAR_UNSET: { zend_free_op free_res; - EX_T(opline->result.var).var.ptr_ptr = retval; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval, &free_res); + if (retval != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval); FREE_OP_VAR_PTR(free_res); - break; + } + /* break missing intentionally */ default: EX_T(opline->result.var).var.ptr_ptr = retval; break; - } } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -8124,7 +8656,9 @@ static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_var_address_helper_SPEC_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (EX(opline)->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + return zend_fetch_var_address_helper_SPEC_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -8139,18 +8673,21 @@ static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_JMPZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int ret; - if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (!ret) { 
@@ -8166,18 +8703,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int ret; - if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (ret) { @@ -8193,18 +8733,21 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int retval; - if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (EXPECTED(retval != 0)) { 
@@ -8224,18 +8767,21 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int retval; - if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; @@ -8252,18 +8798,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *val = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *val; int retval; - if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; 
@@ -8280,12 +8829,13 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG static int ZEND_FASTCALL ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *retval_ptr; zval **retval_ptr_ptr; zend_free_op free_op1; - if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) { + SAVE_OPLINE(); + if (UNEXPECTED(EG(active_op_array)->return_reference == ZEND_RETURN_REF)) { if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) { /* Not supposed to happen, but we'll allow it */ @@ -8293,9 +8843,9 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) goto return_by_value; } - retval_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + retval_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !retval_ptr_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } @@ -8317,10 +8867,12 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr); } + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { return_by_value: - retval_ptr = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + retval_ptr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (!EG(return_value_ptr_ptr)) { if (IS_VAR == IS_TMP_VAR) { 
@@ -8347,21 +8899,22 @@ return_by_value: INIT_PZVAL_COPY(ret, retval_ptr); *EG(return_value_ptr_ptr) = ret; } + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *value; zval *exception; zend_free_op free_op1; - value = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SAVE_OPLINE(); + value = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) { + if (IS_VAR == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "Can only throw objects"); } zend_exception_save(TSRMLS_C); @@ -8375,12 +8928,14 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_throw_exception_object(exception TSRMLS_CC); zend_exception_restore(TSRMLS_C); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (opline->extended_value==ZEND_DO_FCALL_BY_NAME && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); @@ -8390,7 +8945,7 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zval *value; zend_free_op free_op1; - value = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + value = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); ALLOC_ZVAL(valptr); INIT_PZVAL_COPY(valptr, value); 
@@ -8400,15 +8955,16 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_vm_stack_push(valptr TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *varptr; zend_free_op free_op1; - varptr = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + varptr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (varptr == &EG(uninitialized_zval)) { ALLOC_ZVAL(varptr); @@ -8418,7 +8974,7 @@ static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_AR zval *original_var = varptr; ALLOC_ZVAL(varptr); - *varptr = *original_var; + ZVAL_COPY_VALUE(varptr, original_var); Z_UNSET_ISREF_P(varptr); Z_SET_REFCOUNT_P(varptr, 0); zval_copy_ctor(varptr); @@ -8427,15 +8983,17 @@ static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_AR zend_vm_stack_push(varptr TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* for string offsets */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *varptr; + SAVE_OPLINE(); if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */ if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) { return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); 
@@ -8451,7 +9009,7 @@ static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND varptr = EX_T(opline->op1.var).var.ptr; PZVAL_UNLOCK_EX(varptr, &free_op1, 0); } else { - varptr = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + varptr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); } if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) || EX_T(opline->op1.var).var.fcall_returned_reference) && @@ -8477,24 +9035,27 @@ static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND zend_vm_stack_push(valptr TSRMLS_CC); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval **varptr_ptr; zval *varptr; - varptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !varptr_ptr) { + SAVE_OPLINE(); + varptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(varptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Only variables can be passed by reference"); } - if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { - return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } + if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { + return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr); varptr = *varptr_ptr; 
@@ -8502,60 +9063,69 @@ static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_vm_stack_push(varptr TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME) && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { return ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } + SAVE_OPLINE(); return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_BOOL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + zval *retval = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - Z_LVAL(EX_T(opline->result.var).tmp_var) = i_zend_is_true(_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)); - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; + ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC))); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SWITCH_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); zend_switch_free(&EX_T(opline->op1.var), opline->extended_value TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *obj = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *obj; zend_class_entry *ce; zend_function *clone; zend_object_clone_obj_t clone_call; + SAVE_OPLINE(); + obj = _get_zval_ptr_var(opline->op1.var, EX_Ts(), 
&free_op1 TSRMLS_CC); + if (IS_VAR == IS_CONST || - (IS_VAR == IS_VAR && !obj) || - Z_TYPE_P(obj) != IS_OBJECT) { + (IS_VAR == IS_VAR && UNEXPECTED(obj == NULL)) || + UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "__clone method called on non-object"); } ce = Z_OBJCE_P(obj); clone = ce ? ce->clone : NULL; clone_call = Z_OBJ_HT_P(obj)->clone_obj; - if (!clone_call) { + if (UNEXPECTED(clone_call == NULL)) { if (ce) { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); } else { 
@@ -8567,42 +9137,49 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (ce != EG(scope)) { + if (UNEXPECTED(ce != EG(scope))) { zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (!zend_check_protected(clone->common.scope, EG(scope))) { + if (UNEXPECTED(!zend_check_protected(clone->common.scope, EG(scope)))) { zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!EG(exception)) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - Z_OBJVAL_P(EX_T(opline->result.var).var.ptr) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_OBJECT; - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - Z_SET_ISREF_P(EX_T(opline->result.var).var.ptr); - if (!RETURN_VALUE_USED(opline) || EG(exception)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (EXPECTED(EG(exception) == NULL)) { + zval *retval; + + ALLOC_ZVAL(retval); + Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); + Z_TYPE_P(retval) = IS_OBJECT; + Z_SET_REFCOUNT_P(retval, 1); + Z_SET_ISREF_P(retval); + if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor(&retval); + } else { + AI_SET_PTR(&EX_T(opline->result.var), retval); } } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *expr = 
_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *expr; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + expr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (opline->extended_value != IS_STRING) { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!0) { zendi_zval_copy_ctor(*result); } @@ -8626,12 +9203,12 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_make_printable_zval(expr, &var_copy, &use_copy); if (use_copy) { - *result = var_copy; + ZVAL_COPY_VALUE(result, &var_copy); if (0) { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } } else { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!0) { zendi_zval_copy_ctor(*result); } @@ -8646,28 +9223,29 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) break; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_op_array *new_op_array=NULL; - int return_value_used; zend_free_op free_op1; - zval *inc_filename = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *inc_filename; zval tmp_inc_filename; zend_bool failure_retval=0; + SAVE_OPLINE(); + inc_filename = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (inc_filename->type!=IS_STRING) { - tmp_inc_filename = *inc_filename; + ZVAL_COPY_VALUE(&tmp_inc_filename, inc_filename); zval_copy_ctor(&tmp_inc_filename); convert_to_string(&tmp_inc_filename); inc_filename = &tmp_inc_filename; } - return_value_used = RETURN_VALUE_USED(opline); - switch (opline->extended_value) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { 
@@ -8725,12 +9303,18 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND zval_dtor(&tmp_inc_filename); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (new_op_array && !EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } else if (EXPECTED(new_op_array != NULL)) { EX(original_return_value) = EG(return_value_ptr_ptr); - EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.var).var.ptr_ptr : NULL; EG(active_op_array) = new_op_array; - EX_T(opline->result.var).var.ptr = NULL; + if (RETURN_VALUE_USED(opline)) { + EX_T(opline->result.var).var.ptr = NULL; + EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; + } else { + EG(return_value_ptr_ptr) = NULL; + } EX(current_object) = EX(object); @@ -8741,8 +9325,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND zend_rebuild_symbol_table(TSRMLS_C); } - if (zend_execute == execute) { - EX(call_opline) = opline; + if (EXPECTED(zend_execute == execute)) { ZEND_VM_ENTER(); } else { zend_execute(new_op_array TSRMLS_CC); 
@@ -8751,75 +9334,62 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND EX(function_state).function = (zend_function *) EX(op_array); EX(object) = EX(current_object); - if (return_value_used) { - if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - } else { - if (return_value_used) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_ZVAL(*EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = failure_retval; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } + + } else if (RETURN_VALUE_USED(opline)) { + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, failure_retval); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval tmp, *varname; HashTable *target_symbol_table; zend_free_op free_op1; + SAVE_OPLINE(); if (IS_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { if (EG(active_symbol_table)) { - zend_execute_data *ex = EX(prev_execute_data); zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - 
if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) { - while (ex && ex->symbol_table == EG(active_symbol_table)) { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == cv->hash_value && - ex->op_array->vars[i].name_len == cv->name_len && - !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } - } - EX(CVs)[opline->op1.var] = NULL; - } else if (EX(CVs)[opline->op1.var]) { - zval_ptr_dtor(EX(CVs)[opline->op1.var]); - EX(CVs)[opline->op1.var] = NULL; + zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); + EX_CV(opline->op1.var) = NULL; + } else if (EX_CV(opline->op1.var)) { + zval_ptr_dtor(EX_CV(opline->op1.var)); + EX_CV(opline->op1.var) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - varname = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + varname = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -8833,39 +9403,22 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_AR ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) { - zend_execute_data *ex = execute_data; - - do { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == varname->value.str.len && - !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } while (ex && ex->symbol_table == target_symbol_table); - } + zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); } - if (varname == &tmp) { + if (IS_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) { zval_ptr_dtor(&varname); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *array_ptr, **array_ptr_ptr; HashTable *fe_ht; 
@@ -8873,10 +9426,13 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_class_entry *ce = NULL; zend_bool is_empty = 0; + SAVE_OPLINE(); + if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { - array_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + array_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - ALLOC_INIT_ZVAL(array_ptr); + MAKE_STD_ZVAL(array_ptr); + ZVAL_NULL(array_ptr); } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); @@ -8900,7 +9456,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG Z_ADDREF_P(array_ptr); } } else { - array_ptr = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + array_ptr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { /* IS_TMP_VAR */ zval *tmp; @@ -8936,7 +9492,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG if (ce && ce->get_iterator) { iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); - if (iter && !EG(exception)) { + if (iter && EXPECTED(EG(exception) == NULL)) { array_ptr = zend_iterator_wrap(iter TSRMLS_CC); } else { if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { 
@@ -8948,18 +9504,18 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); } zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } - AI_SET_PTR(EX_T(opline->result.var).var, array_ptr); PZVAL_LOCK(array_ptr); + AI_SET_PTR(&EX_T(opline->result.var), array_ptr); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -8967,11 +9523,11 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -8979,7 +9535,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { @@ -9016,13 +9572,14 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG if (is_empty) { ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } else { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *array = EX_T(opline->op1.var).var.ptr; zval **value; 
@@ -9034,6 +9591,8 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG int key_type = 0; zend_bool use_key = (zend_bool)(opline->extended_value & ZEND_FE_FETCH_WITH_KEY); + SAVE_OPLINE(); + switch (zend_iterator_unwrap(array, &iter TSRMLS_CC)) { default: case ZEND_ITER_INVALID: @@ -9044,7 +9603,7 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG char *class_name, *prop_name; zend_object *zobj = zend_objects_get_address(array TSRMLS_CC); - fe_ht = HASH_OF(array); + fe_ht = Z_OBJPROP_P(array); zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); do { if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { @@ -9068,7 +9627,7 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } case ZEND_ITER_PLAIN_ARRAY: - fe_ht = HASH_OF(array); + fe_ht = Z_ARRVAL_P(array); zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.var).fe.fe_pos); if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { /* reached end of iteration */ 
@@ -9087,27 +9646,27 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG /* This could cause an endless loop if index becomes zero again. * In case that ever happens we need an additional flag. */ iter->funcs->move_forward(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } /* If index is zero we come from FE_RESET and checked valid() already. */ if (!iter || (iter->index > 0 && iter->funcs->valid(iter TSRMLS_CC) == FAILURE)) { /* reached end of iteration */ - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } iter->funcs->get_current_data(iter, &value TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } if (!value) { /* failure in get_current_data */ @@ -9116,10 +9675,10 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG if (use_key) { if (iter->funcs->get_current_key) { key_type = iter->funcs->get_current_key(iter, &str_key, &str_key_len, &int_key TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array); zval_ptr_dtor(&array); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } else { key_type = HASH_KEY_IS_LONG; 
@@ -9135,13 +9694,12 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG EX_T(opline->result.var).var.ptr_ptr = value; Z_ADDREF_PP(value); } else { - AI_SET_PTR(EX_T(opline->result.var).var, *value); PZVAL_LOCK(*value); + AI_SET_PTR(&EX_T(opline->result.var), *value); } if (use_key) { - zend_op *op_data = opline+1; - zval *key = &EX_T(op_data->result.var).tmp_var; + zval *key = &EX_T((opline+1)->result.var).tmp_var; switch (key_type) { case HASH_KEY_IS_STRING: @@ -9160,19 +9718,21 @@ static int ZEND_FASTCALL ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } } + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval **value; zend_bool isset = 1; + SAVE_OPLINE(); if (IS_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX(CVs)[opline->op1.var]) { - value = EX(CVs)[opline->op1.var]; + if (EX_CV(opline->op1.var)) { + value = EX_CV(opline->op1.var); } else if (EG(active_symbol_table)) { zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); @@ -9185,10 +9745,10 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HA } else { HashTable *target_symbol_table; zend_free_op free_op1; - zval tmp, *varname = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval tmp, *varname = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -9206,38 +9766,39 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HA } } - if (varname == &tmp) { + if (IS_VAR != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + if (isset && Z_TYPE_PP(value) != IS_NULL) { + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = isset; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { if (!isset || !i_zend_is_true(*value)) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { #if 0 || (IS_VAR != IS_UNUSED) - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (IS_VAR != IS_UNUSED) { zend_free_op free_op1; - zval *ptr = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *ptr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); 
@@ -9248,17 +9809,20 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } #endif zend_bailout(); - ZEND_VM_NEXT_OPCODE(); + ZEND_VM_NEXT_OPCODE(); /* Never reached */ } static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; + + SAVE_OPLINE(); + value = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (i_zend_is_true(value)) { - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; #if DEBUG_ZEND>=2 
@@ -9268,30 +9832,38 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; - EX_T(opline->result.var).tmp_var = *value; + SAVE_OPLINE(); + value = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); if (!0) { zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *expr = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *expr; zend_bool result; + SAVE_OPLINE(); + expr = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); } else { 
@@ -9299,282 +9871,317 @@ static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_A } ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + 
_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), 
opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - 
_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - 
zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); zval *object; zval *property = opline->op2.zv; - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = 
get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -9592,9 +10199,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*b have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -9631,17 +10238,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*b Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -9656,66 +10263,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*b if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; zval *dim = opline->op2.zv; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), 
&free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: value = opline->op2.zv; - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -9728,15 +10340,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CONST(int (*binar } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; ZEND_VM_NEXT_OPCODE(); } 
@@ -9797,29 +10414,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = opline->op2.zv; - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = opline->op2.zv; + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -9847,7 +10470,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -9867,8 +10490,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -9879,6 +10502,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CONST(incdec_t } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -9894,26 +10518,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = opline->op2.zv; - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = opline->op2.zv; + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -9929,7 +10559,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_ have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -9942,7 +10572,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_ zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -9952,12 +10582,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_ } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -9965,7 +10594,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_ zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -9975,6 +10604,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CONST(incdec_ } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -9990,195 +10620,194 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_VAR != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, 
BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_RW TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - 
AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_IS TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use 
string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_CONST == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *dim = opline->op2.zv; + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - 
PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_UNSET TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST(int type, ZEND_OPCODE_HANDLER_ARGS) +static int 
ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *container; - zval *offset = opline->op2.zv; + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = opline->op2.zv; + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { @@ -10189,7 +10818,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST( } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -10198,8 +10827,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST( FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { 
@@ -10210,21 +10839,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CONST( } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = opline->op2.zv; + zval *property; zval **container; + SAVE_OPLINE(); + property = opline->op2.zv; + if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -10233,47 +10866,50 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HA if (0) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; 
+ + SAVE_OPLINE(); + property = opline->op2.zv; + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -10282,37 +10918,84 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_H } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1; + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = opline->op2.zv; + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + + } + } + + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; - zval *property = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = opline->op2.zv; + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -10321,27 +11004,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CONST_HANDLER(ZEND_OP } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_res; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property = opline->op2.zv; + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = opline->op2.zv; if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -10351,7 +11034,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCOD if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -10360,13 +11043,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCOD } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; 
@@ -10376,24 +11054,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CONST_HANDLER(ZEND_OPCOD } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property_name = opline->op2.zv; + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property_name = opline->op2.zv; if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -10401,18 +11083,21 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { @@ -10422,7 +11107,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -10434,27 +11119,41 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN zval *dim = opline->op2.zv; zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_CONST, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CONST, BP_VAR_W TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + 
zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -10462,34 +11161,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = opline->op2.zv; - zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; + zval **variable_ptr_ptr; - if (IS_VAR == IS_VAR && !variable_ptr_ptr) { + SAVE_OPLINE(); + value = opline->op2.zv; + variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CONST TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (0) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + 
AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC); + if (0) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } 
@@ -10497,38 +11215,42 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER /* zend_assign_to_variable() always takes care of op2, never free it! */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); function_name = opline->op2.zv; - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CONST != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -10553,21 +11275,23 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCO if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -10591,7 +11315,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZE } else { function_name = opline->op2.zv; - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -10605,7 +11329,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZE } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } 
@@ -10614,11 +11338,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZE } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } @@ -10650,15 +11374,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CONST_HANDLER(ZE } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1; + SAVE_OPLINE(); if (IS_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -10668,7 +11394,7 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_A } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (switch_expr_is_overloaded) { @@ -10681,13 +11407,15 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_A EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); if (IS_VAR == IS_UNUSED) { /* namespaced constant */ if (!zend_get_constant_ex(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), &EX_T(opline->result.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) { 
@@ -10702,10 +11430,10 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); } else { - zend_error_noreturn(E_ERROR, "Undefined constant '%s'", - Z_STRVAL_P(opline->op2.zv), Z_STRVAL_P(opline->op2.zv)); + zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { /* class constant */ @@ -10715,14 +11443,14 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE if (IS_VAR == IS_CONST) { ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { ce = EX_T(opline->op1.var).class_entry; } - if (zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS) { + if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { zend_class_entry *old_scope = EG(scope); 
@@ -10731,54 +11459,39 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE zval_update_constant(value, (void *) 1 TSRMLS_CC); EG(scope) = old_scope; } - EX_T(opline->result.var).tmp_var = **value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=opline->op2.zv; - ulong hval; - long index; -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + 
INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); @@ -10789,7 +11502,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPC Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CONST != IS_UNUSED) { + + zval *offset = opline->op2.zv; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -10798,7 +11517,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CONST_HANDLER(ZEND_OPC case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CONST == IS_CONST) { @@ -10811,10 +11530,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -10824,19 +11543,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_VAR == IS_UNUSED) { @@ -10850,13 +11570,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = opline->op2.zv; + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = opline->op2.zv; + if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -10890,24 +11614,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { zval_ptr_dtor(&offset); @@ -10924,7 +11634,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -10949,15 +11659,20 @@ num_index_dim: } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = opline->op2.zv; + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = opline->op2.zv; if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -10985,19 +11700,23 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HAND } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { zval *offset = opline->op2.zv; @@ -11091,7 +11810,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -11114,15 +11833,15 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -11138,277 +11857,311 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CONST_HANDLER(ZEN static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + 
CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_SR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_IS_NOT_IDENTICAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, 
(Z_LVAL_P(result) != 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + 
_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), 
&free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); zval_dtor(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an 
object */ @@ -11426,9 +12179,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (*bin have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -11465,17 +12218,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (*bin Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -11490,66 +12243,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(int (*bin if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_VAR_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + 
zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + value = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } zval_dtor(free_op2.var); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -11562,16 +12320,21 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_TMP(int (*binary_ } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } zval_dtor(free_op2.var); if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; ZEND_VM_NEXT_OPCODE(); } 
@@ -11632,29 +12395,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); zval_dtor(free_op2.var); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -11682,7 +12451,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t i if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -11702,8 +12471,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t i } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -11714,6 +12483,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_TMP(incdec_t i zval_dtor(free_op2.var); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -11729,26 +12499,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); zval_dtor(free_op2.var); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -11764,7 +12540,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -11777,7 +12553,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -11787,12 +12563,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -11800,7 +12575,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -11810,6 +12585,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_TMP(incdec_t zval_dtor(free_op2.var); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -11825,195 +12601,194 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_VAR != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); zval_dtor(free_op2.var); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - 
zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as 
an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_IS TSRMLS_CC); zval_dtor(free_op2.var); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) 
{ - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_TMP_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, 
_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); } zval_dtor(free_op2.var); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_UNSET TSRMLS_CC); zval_dtor(free_op2.var); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if 
(UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *container; zend_free_op free_op2; - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + 
AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } zval_dtor(free_op2.var); } else { @@ -12024,7 +12799,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(in } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -12033,8 +12808,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(in FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (1) { @@ -12045,21 +12820,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_TMP(in } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -12068,47 +12847,50 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAND if (1) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (1) { zval_ptr_dtor(&property); } else { zval_dtor(free_op2.var); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = 
_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -12117,37 +12899,84 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HAN } else { zval_dtor(free_op2.var); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + zval_dtor(free_op2.var); + } else { + zval *retval; + + if (1) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (1) { + zval_ptr_dtor(&offset); + } else { + zval_dtor(free_op2.var); + } + } + + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -12156,27 +12985,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_TMP_HANDLER(ZEND_OPCO } else { zval_dtor(free_op2.var); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { 
@@ -12186,7 +13015,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_ if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); @@ -12195,13 +13024,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_ } else { zval_dtor(free_op2.var); } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; 
@@ -12211,24 +13035,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_ } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (1) { zval_ptr_dtor(&property_name); } else { 
@@ -12236,28 +13064,31 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { zend_free_op free_op2; - zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (1) { zval_ptr_dtor(&property_name); } else { 
@@ -12266,31 +13097,45 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); zval_dtor(free_op2.var); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - 
PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -12298,34 +13143,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *value = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; + zval **variable_ptr_ptr; + + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !variable_ptr_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_TMP_VAR TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (1) { + zval_dtor(value); + } 
+ if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 1 TSRMLS_CC); + if (1) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } 
@@ -12333,38 +13197,42 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_A /* zend_assign_to_variable() always takes care of op2, never free it! */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_TMP_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -12390,21 +13258,23 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE zval_dtor(free_op2.var); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -12426,9 +13296,9 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND function_name_strval = Z_STRVAL_P(opline->op2.zv); function_name_strlen = Z_STRLEN_P(opline->op2.zv); } else { - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); @@ -12442,7 +13312,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } 
@@ -12451,11 +13321,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND zval_dtor(free_op2.var); } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } @@ -12487,15 +13357,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_TMP_HANDLER(ZEND } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); if (IS_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -12505,8 +13377,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); if (switch_expr_is_overloaded) { 
@@ -12519,47 +13391,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARG EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op1, free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zend_free_op free_op1; zval *expr_ptr; - zval *offset=_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -12570,7 +13427,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCOD Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_TMP_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -12579,7 +13442,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_TMP_HANDLER(ZEND_OPCOD case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_TMP_VAR == IS_CONST) { @@ -12592,10 +13455,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -12605,19 +13468,20 @@ num_index: } zval_dtor(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_VAR == IS_UNUSED) { @@ -12631,13 +13495,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -12671,24 +13539,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { zval_ptr_dtor(&offset); @@ -12705,7 +13559,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (1) { 
@@ -12730,15 +13584,20 @@ num_index_dim: } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { @@ -12766,22 +13625,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLE } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { zend_free_op free_op2; - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -12872,7 +13735,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; 
@@ -12895,15 +13758,15 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -12919,277 +13782,311 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_TMP_HANDLER(ZEND_ static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) 
{zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if 
(free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), 
&free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 
TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_BW_OR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); 
ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { 
zend_error(E_WARNING, "Attempt to assign property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -13207,9 +14104,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (*bin have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -13246,17 +14143,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (*bin Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -13271,66 +14168,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(int (*bin if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_VAR_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + 
zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + value = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -13343,16 +14245,21 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_VAR(int (*binary_ } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; ZEND_VM_NEXT_OPCODE(); } 
@@ -13413,29 +14320,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -13463,7 +14376,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t i if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -13483,8 +14396,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t i } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -13495,6 +14408,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_VAR(incdec_t i if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -13510,26 +14424,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -13545,7 +14465,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -13558,7 +14478,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -13568,12 +14488,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -13581,7 +14500,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -13591,6 +14510,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_VAR(incdec_t if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -13606,195 +14526,194 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_VAR != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as 
an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { 
zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_RW TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_IS TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_R TSRMLS_CC); + 
zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_UNSET TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) 
{zval_ptr_dtor(&free_op1.var);}; - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *container; zend_free_op free_op2; - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - 
PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { @@ -13805,7 +14724,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(in } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -13814,8 +14733,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(in FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { 
@@ -13826,21 +14745,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_VAR(in } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -13849,47 +14772,50 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAND if (0) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = 
_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -13898,37 +14824,84 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HAN } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1; + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + } + } + + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -13937,27 +14910,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_VAR_HANDLER(ZEND_OPCO } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { 
@@ -13967,7 +14940,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_ if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); @@ -13976,13 +14949,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_ } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; 
@@ -13992,24 +14960,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_ } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op2; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -14017,28 +14989,31 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { zend_free_op free_op2; - zval *property_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -14047,31 +15022,45 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_VAR, BP_VAR_W TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - 
PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -14079,34 +15068,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *value = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; + zval **variable_ptr_ptr; + + SAVE_OPLINE(); + value = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !variable_ptr_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_VAR TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (0) { + zval_dtor(value); + } + 
if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC); + if (0) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } @@ -14115,15 +15123,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_A /* zend_assign_to_variable() always takes care of op2, never free it! */ if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval **variable_ptr_ptr; - zval **value_ptr_ptr = _get_zval_ptr_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **value_ptr_ptr; + + SAVE_OPLINE(); + value_ptr_ptr = _get_zval_ptr_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR == IS_VAR && value_ptr_ptr && 
@@ -14136,19 +15148,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } return ZEND_ASSIGN_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { PZVAL_LOCK(*value_ptr_ptr); } - if (IS_VAR == IS_VAR && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if ((IS_VAR == IS_VAR && !value_ptr_ptr) || - (IS_VAR == IS_VAR && !variable_ptr_ptr)) { + variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if ((IS_VAR == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || + (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); 
@@ -14158,45 +15170,49 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *variable_ptr_ptr); PZVAL_LOCK(*variable_ptr_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? 
(opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -14222,21 +15238,23 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -14258,9 +15276,9 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND function_name_strval = Z_STRVAL_P(opline->op2.zv); function_name_strlen = Z_STRLEN_P(opline->op2.zv); } else { - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); 
@@ -14274,7 +15292,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -14283,11 +15301,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } @@ -14319,15 +15337,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_VAR_HANDLER(ZEND } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1, free_op2; + SAVE_OPLINE(); if (IS_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); 
@@ -14337,8 +15357,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (switch_expr_is_overloaded) { 
@@ -14351,47 +15371,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARG EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op1, free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zend_free_op free_op1; zval *expr_ptr; - zval *offset=_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -14402,7 +15407,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCOD Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -14411,7 +15422,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_VAR_HANDLER(ZEND_OPCOD case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_VAR == IS_CONST) { @@ -14424,10 +15435,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -14437,19 +15448,20 @@ num_index: } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_VAR == IS_UNUSED) { @@ -14463,13 +15475,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -14503,24 +15519,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { zval_ptr_dtor(&offset); @@ -14537,7 +15539,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { 
@@ -14562,15 +15564,20 @@ num_index_dim: } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { @@ -14598,22 +15605,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLE } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { zend_free_op free_op2; - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -14704,7 +15715,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; 
@@ -14727,15 +15738,15 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -14751,33 +15762,31 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_VAR_HANDLER(ZEND_ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); zval *object; zval *property = NULL; - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -14795,9 +15804,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (* have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -14834,17 +15843,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (* Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -14859,66 +15868,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(int (* if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_VAR_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; zval *dim = NULL; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), 
&free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: value = NULL; - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -14931,15 +15945,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_UNUSED(int (*bina } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; ZEND_VM_NEXT_OPCODE(); } 
@@ -15000,104 +16019,103 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = NULL; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_FETCH_DIM_RW_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = NULL; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = NULL; zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - 
zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_UNUSED == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_R TSRMLS_CC); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); 
} if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { @@ -15107,7 +16125,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HA if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -15119,27 +16137,41 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HA zval *dim = NULL; zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + 
zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); @@ -15147,22 +16179,24 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HA } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -15186,7 +16220,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(Z } else { function_name = NULL; - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); 
@@ -15200,7 +16234,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(Z } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_UNUSED == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -15209,11 +16243,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(Z } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } 
@@ -15245,47 +16279,32 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_UNUSED_HANDLER(Z } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=NULL; - ulong hval; - long index; -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -15296,7 +16315,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OP Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_UNUSED != IS_UNUSED) { + + zval *offset = NULL; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -15305,7 +16330,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_UNUSED_HANDLER(ZEND_OP case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_UNUSED == IS_CONST) { @@ -15318,10 +16343,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -15331,19 +16356,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_VAR == IS_UNUSED) { 
@@ -15357,277 +16383,311 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_UNUSED_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_ADD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + 
USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R 
TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var 
TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), 
opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) 
{zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), 
opline->op2.var TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -15645,9 +16705,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (*bina have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -15684,17 +16744,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (*bina Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -15709,66 +16769,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CV(int (*bina if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_VAR_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *dim = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, 
IS_CV, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -15781,15 +16846,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_VAR_CV(int (*binary_o } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); } - if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; ZEND_VM_NEXT_OPCODE(); } 
@@ -15850,29 +16920,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -15900,7 +16976,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t in if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -15920,8 +16996,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t in } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -15932,6 +17008,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_VAR_CV(incdec_t in } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -15947,26 +17024,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -15982,7 +17065,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t i have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -15995,7 +17078,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t i zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -16005,12 +17088,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t i } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -16018,7 +17100,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t i zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -16028,6 +17110,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_VAR_CV(incdec_t i } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -16043,195 +17126,194 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_VAR != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, 
BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); + 
zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_RW TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; - if (IS_VAR == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_IS TSRMLS_CC); if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), 
(opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_W TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_CV == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) 
{ - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_UNSET TSRMLS_CC); - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - 
SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *container = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *container; - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { 
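Review bot: In the FETCH_DIM_R, FETCH_DIM_W, FETCH_DIM_RW, FETCH_DIM_IS and FETCH_DIM_FUNC_ARG handlers the op2 CV is now read inside the call's argument list, after `container` has been resolved by `_get_zval_ptr_ptr_var()`, whereas the old code read `dim` first. If that BP_VAR_R read can raise the undefined-variable notice and run user code, it now runs while the handler holds a raw `zval **` into the container, and nothing in the hunk shows that the pointer stays valid across it. Either read the operand into a local before resolving op1, as before, or state the invariant next to the call, e.g. `/* op2 is read after op1: a notice raised by this read must not free or move *container */`. If these SPEC handlers are generated, the comment belongs in the definition they are produced from.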
@@ -16242,7 +17324,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(int } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -16251,8 +17333,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(int FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { @@ -16263,21 +17345,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_VAR_CV(int } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_VAR == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -16286,47 +17372,50 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDL if (0) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !container) { + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + 
zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
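Review bot: In ZEND_FETCH_OBJ_W_SPEC_VAR_CV_HANDLER the new `retval_ptr` local is passed to `Z_DELREF_PP()` without a NULL test, while the corresponding by-reference block this commit writes for ZEND_FETCH_DIM_W_SPEC_VAR_CV_HANDLER wraps the same three calls in `if (retval_ptr) { ... }`. Whether `zend_fetch_property_address()` can leave `var.ptr_ptr` NULL is not visible here. If it cannot, a comment such as `/* zend_fetch_property_address() never leaves ptr_ptr NULL */` would explain the difference; otherwise add the same `if (retval_ptr)` guard. The handler starts in the previous hunk.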
@@ -16335,37 +17424,84 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HAND } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_VAR_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + zend_free_op free_op1; + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + + } + } + + if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
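Review bot: ZEND_FETCH_OBJ_IS_SPEC_VAR_CV_HANDLER is now a second copy of the body of zend_fetch_property_address_read_helper_SPEC_VAR_CV, and nothing marks the two as a pair. As far as the hunks show, the copy differs only in omitting the E_NOTICE and passing BP_VAR_IS to `read_property`. A later fix to the refcount handling of `retval` in one copy is easy to miss in the other, so I would add a comment at the top of the handler, e.g. `/* same as the FETCH_OBJ_R read helper, but silent on non-objects and using BP_VAR_IS; keep both in sync */`. If these SPEC handlers are generated, the comment belongs in the definition they are produced from.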
@@ -16374,27 +17510,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_VAR_CV_HANDLER(ZEND_OPCOD } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_VAR_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_VAR_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_res; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_VAR == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -16404,7 +17540,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_H if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_VAR == IS_VAR && !container) { + if (IS_VAR == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -16413,13 +17549,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_H } else { } - if (IS_VAR == IS_VAR && (free_op1.var != NULL) && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_VAR == IS_VAR && (free_op1.var != NULL) && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; 
@@ -16429,24 +17560,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_H } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *property_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + property_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_VAR == IS_VAR && !object_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -16454,28 +17589,31 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op1; - zval **object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **object_ptr; - if (IS_VAR == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + + if (IS_VAR == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { - zval *property_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *property_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -16484,30 +17622,44 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE } else { zend_free_op free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *dim = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_CV, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CV, BP_VAR_W TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); 
+ AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -16515,34 +17667,53 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *value = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval *value; + zval **variable_ptr_ptr; + + SAVE_OPLINE(); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (IS_VAR == IS_VAR && !variable_ptr_ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CV TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_VAR == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (0) { + zval_dtor(value); + } + if 
(RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC); + if (0) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } @@ -16550,15 +17721,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_AR /* zend_assign_to_variable() always takes care of op2, never free it! */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; zval **variable_ptr_ptr; - zval **value_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op2.var, BP_VAR_W TSRMLS_CC); + zval **value_ptr_ptr; + + SAVE_OPLINE(); + value_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_CV == IS_VAR && value_ptr_ptr && 
@@ -16571,19 +17746,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } return ZEND_ASSIGN_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { PZVAL_LOCK(*value_ptr_ptr); } - if (IS_VAR == IS_VAR && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + if (IS_VAR == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - if ((IS_CV == IS_VAR && !value_ptr_ptr) || - (IS_VAR == IS_VAR && !variable_ptr_ptr)) { + variable_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if ((IS_CV == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || + (IS_VAR == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); 
@@ -16593,44 +17768,48 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *variable_ptr_ptr); PZVAL_LOCK(*variable_ptr_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op1; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CV != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + EX(object) = _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? 
(opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -16655,21 +17834,23 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_ if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; zend_class_entry *ce; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); if (IS_VAR == IS_CONST) { /* no function found. try a static method in class */ ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv)); } EX(called_scope) = ce; @@ -16691,9 +17872,9 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_ function_name_strval = Z_STRVAL_P(opline->op2.zv); function_name_strlen = Z_STRLEN_P(opline->op2.zv); } else { - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - if (Z_TYPE_P(function_name) != IS_STRING) { + if (UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Function name must be a string"); } else { function_name_strval = Z_STRVAL_P(function_name); 
@@ -16707,7 +17888,7 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_ } else { EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); } - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval); } } @@ -16716,11 +17897,11 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_ } } else { - if(!ce->constructor) { + if (UNEXPECTED(ce->constructor == NULL)) { zend_error_noreturn(E_ERROR, "Cannot call constructor"); } if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) { - zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name); + zend_error_noreturn(E_ERROR, "Cannot call private %s::__construct()", ce->name); } EX(fbc) = ce->constructor; } @@ -16752,15 +17933,17 @@ static int ZEND_FASTCALL ZEND_INIT_STATIC_METHOD_CALL_SPEC_VAR_CV_HANDLER(ZEND_ } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op1; + SAVE_OPLINE(); if (IS_VAR==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -16770,8 +17953,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (switch_expr_is_overloaded) { /* We only free op1 if this is a string offset, 
@@ -16783,47 +17966,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_VAR == IS_VAR || IS_VAR == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -16834,7 +18002,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CV != IS_UNUSED) { + + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -16843,7 +18017,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_VAR_CV_HANDLER(ZEND_OPCODE case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CV == IS_CONST) { @@ -16856,10 +18030,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -16869,19 +18043,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_VAR == IS_VAR || IS_VAR == IS_CV) && opline->extended_value) { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } else { if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_VAR == IS_UNUSED) { @@ -16895,13 +18070,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -16935,24 +18114,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_CV == IS_CV || IS_CV == IS_VAR) { zval_ptr_dtor(&offset); @@ -16969,7 +18134,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -16994,15 +18159,20 @@ num_index_dim: } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_VAR != IS_VAR || container) { if (IS_VAR == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -17030,22 +18200,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_VAR_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC); + if (IS_VAR != IS_VAR || container) { - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -17136,7 +18310,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -17159,15 +18333,15 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } if (free_op1.var) {zval_ptr_dtor(&free_op1.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -17183,23 +18357,26 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_VAR_CV_HANDLER(ZEND_O static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *obj = _get_obj_zval_ptr_unused(TSRMLS_C); + zval *obj; zend_class_entry *ce; zend_function *clone; zend_object_clone_obj_t clone_call; + SAVE_OPLINE(); + obj = _get_obj_zval_ptr_unused(TSRMLS_C); + if (IS_UNUSED == IS_CONST || - (IS_UNUSED == IS_VAR && !obj) || - Z_TYPE_P(obj) != IS_OBJECT) { + (IS_UNUSED == IS_VAR && UNEXPECTED(obj == NULL)) || + UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "__clone method called on non-object"); } ce = Z_OBJCE_P(obj); clone = ce ? ce->clone : NULL; clone_call = Z_OBJ_HT_P(obj)->clone_obj; - if (!clone_call) { + if (UNEXPECTED(clone_call == NULL)) { if (ce) { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); } else { 
@@ -17211,37 +18388,43 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARG if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (ce != EG(scope)) { + if (UNEXPECTED(ce != EG(scope))) { zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (!zend_check_protected(clone->common.scope, EG(scope))) { + if (UNEXPECTED(!zend_check_protected(clone->common.scope, EG(scope)))) { zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!EG(exception)) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - Z_OBJVAL_P(EX_T(opline->result.var).var.ptr) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_OBJECT; - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - Z_SET_ISREF_P(EX_T(opline->result.var).var.ptr); - if (!RETURN_VALUE_USED(opline) || EG(exception)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (EXPECTED(EG(exception) == NULL)) { + zval *retval; + + ALLOC_ZVAL(retval); + Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); + Z_TYPE_P(retval) = IS_OBJECT; + Z_SET_REFCOUNT_P(retval, 1); + Z_SET_ISREF_P(retval); + if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor(&retval); + } else { + AI_SET_PTR(&EX_T(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXIT_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { #if 0 || (IS_UNUSED != IS_UNUSED) - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (IS_UNUSED != IS_UNUSED) { zval *ptr = NULL; 
@@ -17255,38 +18438,36 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS } #endif zend_bailout(); - ZEND_VM_NEXT_OPCODE(); + ZEND_VM_NEXT_OPCODE(); /* Never reached */ } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op_data1; zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); zval *object; zval *property = opline->op2.zv; - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -17304,9 +18485,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -17343,17 +18524,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -17367,17 +18548,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(int } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); 
@@ -17385,21 +18568,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*bi case ZEND_ASSIGN_DIM: { zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_UNUSED == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; zval *dim = opline->op2.zv; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; 
@@ -17410,23 +18591,28 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*bi break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -17439,15 +18625,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CONST(int (*bi } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -17508,29 +18699,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCO static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = opline->op2.zv; - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = opline->op2.zv; + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17558,7 +18755,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incde if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { 
@@ -17578,8 +18775,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incde } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -17590,6 +18787,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CONST(incde } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -17605,26 +18803,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = opline->op2.zv; - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = opline->op2.zv; + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -17640,7 +18844,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); @@ -17653,7 +18857,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -17663,12 +18867,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -17676,7 +18879,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -17686,6 +18889,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CONST(incd } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -17699,21 +18903,24 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCOD return zend_post_incdec_property_helper_SPEC_UNUSED_CONST(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_obj_zval_ptr_unused(TSRMLS_C); + zval *container; - zval *offset = opline->op2.zv; + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = opline->op2.zv; + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { @@ -17724,7 +18931,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CON } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { 
@@ -17733,8 +18940,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CON FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { @@ -17744,21 +18951,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CON } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = opline->op2.zv; + zval *property; zval **container; + SAVE_OPLINE(); + property = opline->op2.zv; + if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -17768,45 +18979,48 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE MAKE_REAL_ZVAL_PTR(property); } container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = opline->op2.zv; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = opline->op2.zv; + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && 
UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -17815,37 +19029,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCOD } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = opline->op2.zv; + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; - zval *property = opline->op2.zv; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = opline->op2.zv; + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -17854,27 +19114,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CONST_HANDLER(ZEND } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_res; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property = opline->op2.zv; + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = opline->op2.zv; if (IS_UNUSED == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -17884,7 +19144,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OP if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -17893,13 +19153,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OP } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -17908,24 +19163,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CONST_HANDLER(ZEND_OP } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property_name = opline->op2.zv; + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property_name = opline->op2.zv; if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { @@ -17933,15 +19192,18 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_ } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_char_to_string */ Z_STRVAL_P(str) = NULL; 
@@ -17954,14 +19216,17 @@ static int ZEND_FASTCALL ZEND_ADD_CHAR_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HA add_char_to_string(str, str, opline->op2.zv); /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; @@ -17974,22 +19239,25 @@ static int ZEND_FASTCALL ZEND_ADD_STRING_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_ add_string_to_string(str, str, opline->op2.zv); /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + /*CHECK_EXCEPTION();*/ ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); function_name = opline->op2.zv; - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CONST != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } 
@@ -17998,14 +19266,15 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_O EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -18029,13 +19298,15 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CONST_HANDLER(ZEND_O } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); if (IS_UNUSED == IS_UNUSED) { /* namespaced constant */ if (!zend_get_constant_ex(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), &EX_T(opline->result.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) { 
@@ -18050,10 +19321,10 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPC zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual); ZVAL_STRINGL(&EX_T(opline->result.var).tmp_var, actual, Z_STRLEN_P(opline->op2.zv)-(actual - Z_STRVAL_P(opline->op2.zv)), 1); } else { - zend_error_noreturn(E_ERROR, "Undefined constant '%s'", - Z_STRVAL_P(opline->op2.zv), Z_STRVAL_P(opline->op2.zv)); + zend_error_noreturn(E_ERROR, "Undefined constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { /* class constant */ @@ -18063,14 +19334,14 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPC if (IS_UNUSED == IS_CONST) { ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC); - if (!ce) { + if (UNEXPECTED(ce == NULL)) { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } } else { ce = EX_T(opline->op1.var).class_entry; } - if (zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS) { + if (EXPECTED(zend_hash_quick_find(&ce->constants_table, Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv)+1, Z_HASH_P(opline->op2.zv), (void **) &value) == SUCCESS)) { if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY || (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { zend_class_entry *old_scope = EG(scope); 
@@ -18079,19 +19350,20 @@ static int ZEND_FASTCALL ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER(ZEND_OPC zval_update_constant(value, (void *) 1 TSRMLS_CC); EG(scope) = old_scope; } - EX_T(opline->result.var).tmp_var = **value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, *value); zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } else { zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_UNUSED == IS_UNUSED) { @@ -18105,13 +19377,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = opline->op2.zv; + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = opline->op2.zv; + if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -18145,24 +19421,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { zval_ptr_dtor(&offset); @@ -18179,7 +19441,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -18203,15 +19465,20 @@ num_index_dim: } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **container; + zval *offset; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = opline->op2.zv; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = opline->op2.zv; if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -18238,19 +19505,23 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_H } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_VAR || container) { zval *offset = opline->op2.zv; @@ -18344,7 +19615,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -18367,13 +19638,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -18389,33 +19660,31 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CONST_HANDLER( static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2, free_op_data1; zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); zval_dtor(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -18433,9 +19702,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (* have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -18472,17 +19741,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (* Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -18496,17 +19765,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(int (* } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); 
@@ -18514,48 +19785,51 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (*bina case ZEND_ASSIGN_DIM: { zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_UNUSED == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_UNUSED_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + value = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); var_ptr = NULL; /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - 
AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } zval_dtor(free_op2.var); + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -18568,16 +19842,21 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_TMP(int (*bina } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } zval_dtor(free_op2.var); if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -18638,29 +19917,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); zval_dtor(free_op2.var); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -18688,7 +19973,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_ if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -18708,8 +19993,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_ } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -18720,6 +20005,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_TMP(incdec_ zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -18735,26 +20021,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); zval_dtor(free_op2.var); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -18770,7 +20062,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -18783,7 +20075,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -18793,12 +20085,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -18806,7 +20097,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -18816,6 +20107,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_TMP(incdec zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -18829,21 +20121,24 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_ return zend_post_incdec_property_helper_SPEC_UNUSED_TMP(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_obj_zval_ptr_unused(TSRMLS_C); + zval *container; zend_free_op free_op2; - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } zval_dtor(free_op2.var); } else { @@ -18854,7 +20149,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { 
@@ -18863,8 +20158,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (1) { @@ -18874,21 +20169,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -18898,45 +20197,48 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_H MAKE_REAL_ZVAL_PTR(property); } container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (1) { zval_ptr_dtor(&property); } else { zval_dtor(free_op2.var); } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = 
_get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -18945,37 +20247,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_ } else { zval_dtor(free_op2.var); } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + zval_dtor(free_op2.var); + } else { + zval *retval; + + if (1) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (1) { + zval_ptr_dtor(&offset); + } else { + zval_dtor(free_op2.var); + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -18984,27 +20332,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_TMP_HANDLER(ZEND_O } else { zval_dtor(free_op2.var); } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_UNUSED == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -19014,7 +20362,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCO if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -19023,13 +20371,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCO } else { zval_dtor(free_op2.var); } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -19038,24 +20381,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCO } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (1) { zval_ptr_dtor(&property_name); } else { 
@@ -19063,19 +20410,23 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HA } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; @@ -19105,22 +20456,25 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDL */ zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_TMP_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } 
@@ -19129,14 +20483,15 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPC EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -19161,12 +20516,13 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_TMP_HANDLER(ZEND_OPC zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_UNUSED == IS_UNUSED) { 
@@ -19180,13 +20536,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); @@ -19220,24 +20580,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { zval_ptr_dtor(&offset); @@ -19254,7 +20600,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (1) { 
@@ -19278,15 +20624,20 @@ num_index_dim: zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { @@ -19313,22 +20664,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HAN zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_VAR || container) { zend_free_op free_op2; - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -19419,7 +20774,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; 
@@ -19442,13 +20797,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -19464,33 +20819,31 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_TMP_HANDLER(ZE static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2, free_op_data1; zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -19508,9 +20861,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (* have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -19547,17 +20900,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (* Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -19571,17 +20924,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(int (* } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); 
@@ -19589,48 +20944,51 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (*bina case ZEND_ASSIGN_DIM: { zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_UNUSED == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_UNUSED_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + value = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); var_ptr = NULL; /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - 
AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -19643,16 +21001,21 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_VAR(int (*bina } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -19713,29 +21076,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -19763,7 +21132,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_ if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -19783,8 +21152,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_ } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -19795,6 +21164,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_VAR(incdec_ if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -19810,26 +21180,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -19845,7 +21221,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -19858,7 +21234,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -19868,12 +21244,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -19881,7 +21256,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -19891,6 +21266,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_VAR(incdec if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -19904,21 +21280,24 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_ return zend_post_incdec_property_helper_SPEC_UNUSED_VAR(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_obj_zval_ptr_unused(TSRMLS_C); + zval *container; zend_free_op free_op2; - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { 
@@ -19929,7 +21308,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -19938,8 +21317,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { @@ -19949,21 +21328,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -19973,45 +21356,48 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_H MAKE_REAL_ZVAL_PTR(property); } container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = 
_get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -20020,37 +21406,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_ } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -20059,27 +21491,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_VAR_HANDLER(ZEND_O } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_UNUSED == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -20089,7 +21521,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCO if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -20098,13 +21530,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCO } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -20113,24 +21540,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCO } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -20138,19 +21569,23 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HA } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; @@ -20180,22 +21615,25 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDL */ if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } 
@@ -20204,14 +21642,15 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPC EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -20236,12 +21675,13 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_VAR_HANDLER(ZEND_OPC if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_UNUSED == IS_UNUSED) { 
@@ -20255,13 +21695,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); @@ -20295,24 +21739,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { zval_ptr_dtor(&offset); @@ -20329,7 +21759,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { 
@@ -20353,15 +21783,20 @@ num_index_dim: if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { @@ -20388,22 +21823,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HAN if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_VAR || container) { zend_free_op free_op2; - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -20494,7 +21933,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; 
@@ -20517,13 +21956,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -20539,33 +21978,31 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_VAR_HANDLER(ZE static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op_data1; zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); zval *object; zval *property = NULL; - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -20583,9 +22020,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -20622,17 +22059,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -20646,17 +22083,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(int } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); 
@@ -20664,21 +22103,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*b case ZEND_ASSIGN_DIM: { zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_UNUSED == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_UNUSED_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; zval *dim = NULL; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; 
@@ -20689,23 +22126,28 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*b break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -20718,15 +22160,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_UNUSED(int (*b } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } @@ -20787,7 +22234,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPC static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_UNUSED == IS_UNUSED) { 
@@ -20801,33 +22248,31 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_UNUSED_HANDLER(ZEND_OPCODE static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op_data1; zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -20845,9 +22290,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*b have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -20884,17 +22329,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*b Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -20908,17 +22353,19 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(int (*b } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); 
@@ -20926,48 +22373,51 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (*binar case ZEND_ASSIGN_DIM: { zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_UNUSED == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_UNUSED_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *dim = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); var_ptr = NULL; /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - 
AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -20980,15 +22430,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_UNUSED_CV(int (*binar } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -21049,29 +22504,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -21099,7 +22560,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { 
@@ -21119,8 +22580,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -21131,6 +22592,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_UNUSED_CV(incdec_t } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -21146,26 +22608,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_UNUSED == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -21181,7 +22649,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); @@ -21194,7 +22662,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -21204,12 +22672,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -21217,7 +22684,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -21227,6 +22694,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_UNUSED_CV(incdec_ } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -21240,21 +22708,24 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_H return zend_post_incdec_property_helper_SPEC_UNUSED_CV(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_obj_zval_ptr_unused(TSRMLS_C); + zval *container; - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { @@ -21265,7 +22736,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV( } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { 
@@ -21274,8 +22745,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV( FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { @@ -21285,21 +22756,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_UNUSED_CV( } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_UNUSED == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -21309,45 +22784,48 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HA MAKE_REAL_ZVAL_PTR(property); } container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if 
(IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -21356,37 +22834,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_H } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -21395,27 +22919,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_UNUSED_CV_HANDLER(ZEND_OP } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_UNUSED_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_res; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_UNUSED == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -21425,7 +22949,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCOD if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_UNUSED == IS_VAR && !container) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -21434,13 +22958,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCOD } else { } - if (IS_UNUSED == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_UNUSED == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -21449,24 +22968,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_UNUSED_CV_HANDLER(ZEND_OPCOD } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE - zval **object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *property_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + property_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_UNUSED == IS_VAR && !object_ptr) { + if (IS_UNUSED == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -21474,19 +22997,23 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HAN } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *str = &EX_T(opline->result.var).tmp_var; - zval *var = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *var; zval var_copy; int use_copy = 0; + SAVE_OPLINE(); + var = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_UNUSED == IS_UNUSED) { /* Initialize for erealloc in add_string_to_string */ Z_STRVAL_P(str) = NULL; @@ -21515,22 +23042,25 @@ static int ZEND_FASTCALL ZEND_ADD_VAR_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLE * string offsets or overloaded objects */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CV != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } 
@@ -21539,14 +23069,15 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCO EX(object) = _get_obj_zval_ptr_unused(TSRMLS_C); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -21570,12 +23101,13 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_UNUSED_CV_HANDLER(ZEND_OPCO } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_UNUSED == IS_UNUSED) { @@ -21589,13 +23121,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -21629,24 +23165,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_CV == IS_CV || IS_CV == IS_VAR) { zval_ptr_dtor(&offset); @@ -21663,7 +23185,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -21687,15 +23209,20 @@ num_index_dim: } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **container; + zval *offset; - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_UNUSED != IS_VAR || container) { if (IS_UNUSED == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -21722,22 +23249,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HAND } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_UNUSED_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_obj_zval_ptr_ptr_unused(TSRMLS_C); + if (IS_UNUSED != IS_VAR || container) { - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -21828,7 +23359,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -21851,13 +23382,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -21873,47 +23404,56 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_UNUSED_CV_HANDLER(ZEN static int ZEND_FASTCALL ZEND_BW_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_NOT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); boolean_not_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **var_ptr; - zval **var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !var_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && 
Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -21926,34 +23466,40 @@ static int ZEND_FASTCALL ZEND_PRE_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **var_ptr; - zval **var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !var_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -21966,36 +23512,43 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_POST_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **var_ptr, *retval; - zval **var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !var_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).tmp_var = *EG(uninitialized_zval_ptr); + ZVAL_NULL(&EX_T(opline->result.var).tmp_var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - EX_T(opline->result.var).tmp_var = **var_ptr; - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + retval = &EX_T(opline->result.var).tmp_var; + ZVAL_COPY_VALUE(retval, *var_ptr); + zendi_zval_copy_ctor(*retval); SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -22007,32 +23560,39 @@ static int ZEND_FASTCALL ZEND_POST_INC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS increment_function(*var_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **var_ptr, *retval; - if (IS_CV == IS_VAR && !var_ptr) { + SAVE_OPLINE(); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } - if (IS_CV == IS_VAR && *var_ptr == EG(error_zval_ptr)) { + if (IS_CV == IS_VAR && UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).tmp_var = *EG(uninitialized_zval_ptr); + ZVAL_NULL(&EX_T(opline->result.var).tmp_var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - EX_T(opline->result.var).tmp_var = **var_ptr; - zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); + retval = &EX_T(opline->result.var).tmp_var; + ZVAL_COPY_VALUE(retval, *var_ptr); + zendi_zval_copy_ctor(*retval); SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -22044,18 +23604,23 @@ static int ZEND_FASTCALL ZEND_POST_DEC_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS decrement_function(*var_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval z_copy; - zval *z = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *z; + + SAVE_OPLINE(); + z = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (IS_CV != IS_CONST && - Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get_method != NULL && + UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && + Z_OBJ_HT_P(z)->get_method != NULL && zend_std_cast_object_tostring(z, &z_copy, IS_STRING TSRMLS_CC) == SUCCESS) { zend_print_variable(&z_copy); zval_dtor(&z_copy); 
@@ -22063,31 +23628,33 @@ static int ZEND_FASTCALL ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_print_variable(z); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_PRINT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_LONG; + USE_OPLINE + ZVAL_LONG(&EX_T(opline->result.var).tmp_var, 1); return ZEND_ECHO_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV(int type, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *varname = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *varname; zval **retval; zval tmp_varname; HashTable *target_symbol_table; ulong hash_value; - if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp_varname = *varname; + SAVE_OPLINE(); + varname = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV != IS_CONST && UNEXPECTED(Z_TYPE_P(varname) != IS_STRING)) { + ZVAL_COPY_VALUE(&tmp_varname, varname); zval_copy_ctor(&tmp_varname); convert_to_string(&tmp_varname); varname = &tmp_varname; @@ -22100,6 +23667,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV(int type, ZEND_OP target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); /* if (!target_symbol_table) { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } */ 
@@ -22123,12 +23691,9 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV(int type, ZEND_OP case BP_VAR_RW: zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname)); /* break missing intentionally */ - case BP_VAR_W: { - zval *new_zval = &EG(uninitialized_zval); - - Z_ADDREF_P(new_zval); - zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &new_zval, sizeof(zval *), (void **) &retval); - } + case BP_VAR_W: + Z_ADDREF_P(&EG(uninitialized_zval)); + zend_hash_quick_update(target_symbol_table, Z_STRVAL_P(varname), Z_STRLEN_P(varname)+1, hash_value, &EG(uninitialized_zval_ptr), sizeof(zval *), (void **) &retval); break; EMPTY_SWITCH_DEFAULT_CASE() } @@ -22155,7 +23720,7 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV(int type, ZEND_OP if (IS_CV != IS_CONST && varname == &tmp_varname) { - zval_dtor(varname); + zval_dtor(&tmp_varname); } if (RETURN_VALUE_USED(opline)) { if (opline->extended_value & ZEND_FETCH_MAKE_REF) { @@ -22165,25 +23730,25 @@ static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CV(int type, ZEND_OP switch (type) { case BP_VAR_R: case BP_VAR_IS: - AI_SET_PTR(EX_T(opline->result.var).var, *retval); + AI_SET_PTR(&EX_T(opline->result.var), *retval); break; case BP_VAR_UNSET: { zend_free_op free_res; - EX_T(opline->result.var).var.ptr_ptr = retval; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval, &free_res); + if (retval != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval); FREE_OP_VAR_PTR(free_res); - break; + } + /* break missing intentionally */ default: EX_T(opline->result.var).var.ptr_ptr = retval; break; - } } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -22204,7 +23769,9 @@ static int ZEND_FASTCALL ZEND_FETCH_RW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_FETCH_FUNC_ARG_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_var_address_helper_SPEC_CV(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (EX(opline)->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + return zend_fetch_var_address_helper_SPEC_CV(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_UNSET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) @@ -22219,18 +23786,21 @@ static int ZEND_FASTCALL ZEND_FETCH_IS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *val; int ret; - if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (!ret) { 
@@ -22246,18 +23816,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *val; int ret; - if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { ret = Z_LVAL_P(val); } else { ret = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (ret) { @@ -22273,18 +23846,21 @@ static int ZEND_FASTCALL ZEND_JMPNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *val; int retval; - if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } if (EXPECTED(retval != 0)) { 
@@ -22304,18 +23880,21 @@ static int ZEND_FASTCALL ZEND_JMPZNZ_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *val; int retval; - if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; @@ -22332,18 +23911,21 @@ static int ZEND_FASTCALL ZEND_JMPZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *val = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *val; int retval; - if (IS_CV == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) { + SAVE_OPLINE(); + val = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_TMP_VAR && EXPECTED(Z_TYPE_P(val) == IS_BOOL)) { retval = Z_LVAL_P(val); } else { retval = i_zend_is_true(val); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_CONTINUE(); + HANDLE_EXCEPTION(); } } Z_LVAL(EX_T(opline->result.var).tmp_var) = retval; 
@@ -22360,12 +23942,13 @@ static int ZEND_FASTCALL ZEND_JMPNZ_EX_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS static int ZEND_FASTCALL ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *retval_ptr; zval **retval_ptr_ptr; - if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) { + SAVE_OPLINE(); + if (UNEXPECTED(EG(active_op_array)->return_reference == ZEND_RETURN_REF)) { if (IS_CV == IS_CONST || IS_CV == IS_TMP_VAR) { /* Not supposed to happen, but we'll allow it */ @@ -22373,9 +23956,9 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) goto return_by_value; } - retval_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + retval_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !retval_ptr_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(retval_ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference"); } @@ -22397,10 +23980,12 @@ static int ZEND_FASTCALL ZEND_RETURN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr); } + + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { return_by_value: - retval_ptr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + retval_ptr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (!EG(return_value_ptr_ptr)) { if (IS_CV == IS_TMP_VAR) { 
@@ -22427,21 +24012,22 @@ return_by_value: INIT_PZVAL_COPY(ret, retval_ptr); *EG(return_value_ptr_ptr) = ret; } - } - return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } } static int ZEND_FASTCALL ZEND_THROW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *value; zval *exception; - value = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + SAVE_OPLINE(); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) { + if (IS_CV == IS_CONST || UNEXPECTED(Z_TYPE_P(value) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "Can only throw objects"); } zend_exception_save(TSRMLS_C); @@ -22455,12 +24041,14 @@ static int ZEND_FASTCALL ZEND_THROW_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_throw_exception_object(exception TSRMLS_CC); zend_exception_restore(TSRMLS_C); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (opline->extended_value==ZEND_DO_FCALL_BY_NAME && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.opline_num); @@ -22470,7 +24058,7 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS zval *value; - value = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); ALLOC_ZVAL(valptr); INIT_PZVAL_COPY(valptr, value); 
@@ -22480,15 +24068,16 @@ static int ZEND_FASTCALL ZEND_SEND_VAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_vm_stack_push(valptr TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *varptr; - varptr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + varptr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (varptr == &EG(uninitialized_zval)) { ALLOC_ZVAL(varptr); @@ -22498,7 +24087,7 @@ static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARG zval *original_var = varptr; ALLOC_ZVAL(varptr); - *varptr = *original_var; + ZVAL_COPY_VALUE(varptr, original_var); Z_UNSET_ISREF_P(varptr); Z_SET_REFCOUNT_P(varptr, 0); zval_copy_ctor(varptr); @@ -22507,15 +24096,17 @@ static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARG zend_vm_stack_push(varptr TSRMLS_CC); ; /* for string offsets */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; zval *varptr; + SAVE_OPLINE(); if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */ if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) { return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); @@ -22531,7 +24122,7 @@ static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL varptr = EX_T(opline->op1.var).var.ptr; PZVAL_UNLOCK_EX(varptr, &free_op1, 0); } else { - varptr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + varptr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); } if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) || EX_T(opline->op1.var).var.fcall_returned_reference) && 
@@ -22557,75 +24148,85 @@ static int ZEND_FASTCALL ZEND_SEND_VAR_NO_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL zend_vm_stack_push(valptr TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval **varptr_ptr; zval *varptr; - varptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !varptr_ptr) { + SAVE_OPLINE(); + varptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(varptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Only variables can be passed by reference"); } - if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { - return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); - } + if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION && !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { + return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr); varptr = *varptr_ptr; Z_ADDREF_P(varptr); zend_vm_stack_push(varptr TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SEND_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME) && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.opline_num)) { return ZEND_SEND_REF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } + SAVE_OPLINE(); return zend_send_by_var_helper_SPEC_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_BOOL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + zval *retval = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ - 
Z_LVAL(EX_T(opline->result.var).tmp_var) = i_zend_is_true(_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC)); - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; + ZVAL_BOOL(retval, i_zend_is_true(_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC))); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *obj = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *obj; zend_class_entry *ce; zend_function *clone; zend_object_clone_obj_t clone_call; + SAVE_OPLINE(); + obj = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_CONST || - (IS_CV == IS_VAR && !obj) || - Z_TYPE_P(obj) != IS_OBJECT) { + (IS_CV == IS_VAR && UNEXPECTED(obj == NULL)) || + UNEXPECTED(Z_TYPE_P(obj) != IS_OBJECT)) { zend_error_noreturn(E_ERROR, "__clone method called on non-object"); } ce = Z_OBJCE_P(obj); clone = ce ? ce->clone : NULL; clone_call = Z_OBJ_HT_P(obj)->clone_obj; - if (!clone_call) { + if (UNEXPECTED(clone_call == NULL)) { if (ce) { zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); } else { 
@@ -22637,42 +24238,49 @@ static int ZEND_FASTCALL ZEND_CLONE_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (ce != EG(scope)) { + if (UNEXPECTED(ce != EG(scope))) { zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { /* Ensure that if we're calling a protected function, we're allowed to do so. */ - if (!zend_check_protected(clone->common.scope, EG(scope))) { + if (UNEXPECTED(!zend_check_protected(clone->common.scope, EG(scope)))) { zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); } } } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (!EG(exception)) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - Z_OBJVAL_P(EX_T(opline->result.var).var.ptr) = clone_call(obj TSRMLS_CC); - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_OBJECT; - Z_SET_REFCOUNT_P(EX_T(opline->result.var).var.ptr, 1); - Z_SET_ISREF_P(EX_T(opline->result.var).var.ptr); - if (!RETURN_VALUE_USED(opline) || EG(exception)) { - zval_ptr_dtor(&EX_T(opline->result.var).var.ptr); + if (EXPECTED(EG(exception) == NULL)) { + zval *retval; + + ALLOC_ZVAL(retval); + Z_OBJVAL_P(retval) = clone_call(obj TSRMLS_CC); + Z_TYPE_P(retval) = IS_OBJECT; + Z_SET_REFCOUNT_P(retval, 1); + Z_SET_ISREF_P(retval); + if (!RETURN_VALUE_USED(opline) || UNEXPECTED(EG(exception) != NULL)) { + zval_ptr_dtor(&retval); + } else { + AI_SET_PTR(&EX_T(opline->result.var), retval); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CAST_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *expr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *expr; zval *result = 
&EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); + expr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (opline->extended_value != IS_STRING) { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!0) { zendi_zval_copy_ctor(*result); } @@ -22696,12 +24304,12 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) zend_make_printable_zval(expr, &var_copy, &use_copy); if (use_copy) { - *result = var_copy; + ZVAL_COPY_VALUE(result, &var_copy); if (0) { } } else { - *result = *expr; + ZVAL_COPY_VALUE(result, expr); if (!0) { zendi_zval_copy_ctor(*result); } @@ -22716,28 +24324,29 @@ static int ZEND_FASTCALL ZEND_CAST_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) break; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_op_array *new_op_array=NULL; - int return_value_used; - zval *inc_filename = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *inc_filename; zval tmp_inc_filename; zend_bool failure_retval=0; + SAVE_OPLINE(); + inc_filename = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (inc_filename->type!=IS_STRING) { - tmp_inc_filename = *inc_filename; + ZVAL_COPY_VALUE(&tmp_inc_filename, inc_filename); zval_copy_ctor(&tmp_inc_filename); convert_to_string(&tmp_inc_filename); inc_filename = &tmp_inc_filename; } - return_value_used = RETURN_VALUE_USED(opline); - switch (opline->extended_value) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { 
@@ -22795,12 +24404,18 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL zval_dtor(&tmp_inc_filename); } - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - if (new_op_array && !EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { + HANDLE_EXCEPTION(); + } else if (EXPECTED(new_op_array != NULL)) { EX(original_return_value) = EG(return_value_ptr_ptr); - EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.var).var.ptr_ptr : NULL; EG(active_op_array) = new_op_array; - EX_T(opline->result.var).var.ptr = NULL; + if (RETURN_VALUE_USED(opline)) { + EX_T(opline->result.var).var.ptr = NULL; + EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; + EG(return_value_ptr_ptr) = EX_T(opline->result.var).var.ptr_ptr; + } else { + EG(return_value_ptr_ptr) = NULL; + } EX(current_object) = EX(object); @@ -22811,8 +24426,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL zend_rebuild_symbol_table(TSRMLS_C); } - if (zend_execute == execute) { - EX(call_opline) = opline; + if (EXPECTED(zend_execute == execute)) { ZEND_VM_ENTER(); } else { zend_execute(new_op_array TSRMLS_CC); 
@@ -22821,75 +24435,62 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL EX(function_state).function = (zend_function *) EX(op_array); EX(object) = EX(current_object); - if (return_value_used) { - if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = 1; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } - } - EG(opline_ptr) = &EX(opline); EG(active_op_array) = EX(op_array); EG(return_value_ptr_ptr) = EX(original_return_value); destroy_op_array(new_op_array TSRMLS_CC); efree(new_op_array); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { zend_throw_exception_internal(NULL TSRMLS_CC); + HANDLE_EXCEPTION(); + } else if (RETURN_VALUE_USED(opline)) { + if (!EX_T(opline->result.var).var.ptr) { /* there was no return statement */ + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, 1); + INIT_PZVAL(retval); + EX_T(opline->result.var).var.ptr = retval; + } } - } else { - if (return_value_used) { - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_ZVAL(*EX_T(opline->result.var).var.ptr); - Z_LVAL_P(EX_T(opline->result.var).var.ptr) = failure_retval; - Z_TYPE_P(EX_T(opline->result.var).var.ptr) = IS_BOOL; - } + + } else if (RETURN_VALUE_USED(opline)) { + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_BOOL(retval, failure_retval); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval tmp, *varname; HashTable *target_symbol_table; + SAVE_OPLINE(); if (IS_CV == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { if (EG(active_symbol_table)) { - zend_execute_data *ex = EX(prev_execute_data); zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); - if 
(zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) { - while (ex && ex->symbol_table == EG(active_symbol_table)) { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == cv->hash_value && - ex->op_array->vars[i].name_len == cv->name_len && - !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } - } - EX(CVs)[opline->op1.var] = NULL; - } else if (EX(CVs)[opline->op1.var]) { - zval_ptr_dtor(EX(CVs)[opline->op1.var]); - EX(CVs)[opline->op1.var] = NULL; + zend_delete_variable(EX(prev_execute_data), EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value TSRMLS_CC); + EX_CV(opline->op1.var) = NULL; + } else if (EX_CV(opline->op1.var)) { + zval_ptr_dtor(EX_CV(opline->op1.var)); + EX_CV(opline->op1.var) = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } - varname = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + varname = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -22903,39 +24504,22 @@ static int ZEND_FASTCALL ZEND_UNSET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARG ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1); target_symbol_table = zend_get_target_symbol_table(opline->extended_value & ZEND_FETCH_TYPE_MASK TSRMLS_CC); - if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) { - zend_execute_data *ex = execute_data; - - do { - int i; - - if (ex->op_array) { - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == varname->value.str.len && - !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - ex = ex->prev_execute_data; - } while (ex && ex->symbol_table == target_symbol_table); - } + zend_delete_variable(execute_data, target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value TSRMLS_CC); } - if (varname == &tmp) { + if (IS_CV != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } else if (IS_CV == IS_VAR || IS_CV == IS_CV) { zval_ptr_dtor(&varname); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *array_ptr, **array_ptr_ptr; HashTable *fe_ht; 
@@ -22943,10 +24527,13 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_class_entry *ce = NULL; zend_bool is_empty = 0; + SAVE_OPLINE(); + if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { - array_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + array_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) { - ALLOC_INIT_ZVAL(array_ptr); + MAKE_STD_ZVAL(array_ptr); + ZVAL_NULL(array_ptr); } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) { zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class"); @@ -22970,7 +24557,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS Z_ADDREF_P(array_ptr); } } else { - array_ptr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + array_ptr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (0) { /* IS_TMP_VAR */ zval *tmp; @@ -23006,7 +24593,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (ce && ce->get_iterator) { iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC); - if (iter && !EG(exception)) { + if (iter && EXPECTED(EG(exception) == NULL)) { array_ptr = zend_iterator_wrap(iter TSRMLS_CC); } else { if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { 
@@ -23018,18 +24605,18 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name); } zend_throw_exception_internal(NULL TSRMLS_CC); - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } - AI_SET_PTR(EX_T(opline->result.var).var, array_ptr); PZVAL_LOCK(array_ptr); + AI_SET_PTR(&EX_T(opline->result.var), array_ptr); if (iter) { iter->index = 0; if (iter->funcs->rewind) { iter->funcs->rewind(iter TSRMLS_CC); - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -23037,11 +24624,11 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS } else { } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } } is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS; - if (EG(exception)) { + if (UNEXPECTED(EG(exception) != NULL)) { Z_DELREF_P(array_ptr); zval_ptr_dtor(&array_ptr); if (opline->extended_value & ZEND_FE_RESET_VARIABLE) { @@ -23049,7 +24636,7 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS } else { } - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } iter->index = -1; /* will be set to 0 before using next handler */ } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { 
@@ -23086,19 +24673,21 @@ static int ZEND_FASTCALL ZEND_FE_RESET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS if (is_empty) { ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.opline_num); } else { + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } } static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval **value; zend_bool isset = 1; + SAVE_OPLINE(); if (IS_CV == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) { - if (EX(CVs)[opline->op1.var]) { - value = EX(CVs)[opline->op1.var]; + if (EX_CV(opline->op1.var)) { + value = EX_CV(opline->op1.var); } else if (EG(active_symbol_table)) { zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.var); @@ -23111,10 +24700,10 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HAN } else { HashTable *target_symbol_table; - zval tmp, *varname = _get_zval_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval tmp, *varname = _get_zval_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); if (IS_CV != IS_CONST && Z_TYPE_P(varname) != IS_STRING) { - tmp = *varname; + ZVAL_COPY_VALUE(&tmp, varname); zval_copy_ctor(&tmp); convert_to_string(&tmp); varname = &tmp; 
@@ -23132,38 +24721,39 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HAN } } - if (varname == &tmp) { + if (IS_CV != IS_CONST && varname == &tmp) { zval_dtor(&tmp); } } - Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { - if (isset && Z_TYPE_PP(value) == IS_NULL) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + if (isset && Z_TYPE_PP(value) != IS_NULL) { + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = isset; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { if (!isset || !i_zend_is_true(*value)) { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 1; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 1); } else { - Z_LVAL(EX_T(opline->result.var).tmp_var) = 0; + ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, 0); } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_EXIT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { #if 0 || (IS_CV != IS_UNUSED) - zend_op *opline = EX(opline); + USE_OPLINE + + SAVE_OPLINE(); if (IS_CV != IS_UNUSED) { - zval *ptr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *ptr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (Z_TYPE_P(ptr) == IS_LONG) { EG(exit_status) = Z_LVAL_P(ptr); 
@@ -23174,17 +24764,20 @@ static int ZEND_FASTCALL ZEND_EXIT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } #endif zend_bailout(); - ZEND_VM_NEXT_OPCODE(); + ZEND_VM_NEXT_OPCODE(); /* Never reached */ } static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *value; - zval *value = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + SAVE_OPLINE(); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); if (i_zend_is_true(value)) { - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); zendi_zval_copy_ctor(EX_T(opline->result.var).tmp_var); #if DEBUG_ZEND>=2 @@ -23193,30 +24786,38 @@ static int ZEND_FASTCALL ZEND_JMP_SET_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ZEND_VM_JMP(opline->op2.jmp_addr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_QM_ASSIGN_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *value; - zval *value = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + SAVE_OPLINE(); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); - EX_T(opline->result.var).tmp_var = *value; + ZVAL_COPY_VALUE(&EX_T(opline->result.var).tmp_var, value); if (!0) { zval_copy_ctor(&EX_T(opline->result.var).tmp_var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *expr = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + zval *expr; zend_bool result; + SAVE_OPLINE(); + expr = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) { result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.var).class_entry TSRMLS_CC); } else { 
@@ -23224,282 +24825,317 @@ static int ZEND_FASTCALL ZEND_INSTANCEOF_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_AR } ZVAL_BOOL(&EX_T(opline->result.var).tmp_var, result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, 
BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - 
_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), 
opline->op2.zv TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op_data1; - zval 
**object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); zval *object; zval *property = opline->op2.zv; - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -23517,9 +25153,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*bi have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -23556,17 +25192,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*bi Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -23580,66 +25216,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CONST(int (*bi } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_CV == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_CV_CONST(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; zval *dim = opline->op2.zv; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), 
&free_op_data2 TSRMLS_CC); } } break; default: value = opline->op2.zv; - var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -23652,15 +25293,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CONST(int (*binary } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -23721,29 +25367,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_H static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = opline->op2.zv; - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = opline->op2.zv; + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23771,7 +25423,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { 
@@ -23791,8 +25443,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -23803,6 +25455,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CONST(incdec_t } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -23818,26 +25471,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = opline->op2.zv; - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = opline->op2.zv; + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -23853,7 +25512,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); @@ -23866,7 +25525,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -23876,12 +25535,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -23889,7 +25547,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -23899,6 +25557,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CONST(incdec_t } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -23914,194 +25573,193 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *dim = opline->op2.zv; zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_CV != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **container; - if (IS_CV == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - 
AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_RW TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + 
if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **container; - zval *dim = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_IS TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = opline->op2.zv; zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - 
SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_W TSRMLS_CC); + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_CONST == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, opline->op2.zv, IS_CONST, BP_VAR_R TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *dim = opline->op2.zv; + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CONST, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, 
opline->op2.zv, IS_CONST, BP_VAR_UNSET TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_zval_ptr_cv(opline->op1.var, type TSRMLS_CC); + zval *container; - zval *offset = opline->op2.zv; + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = opline->op2.zv; + + if (UNEXPECTED(Z_TYPE_P(container) 
!= IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { @@ -24112,7 +25770,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(i } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -24121,8 +25779,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(i FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { 
@@ -24132,21 +25790,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CONST(i } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = opline->op2.zv; + zval *property; zval **container; + SAVE_OPLINE(); + property = opline->op2.zv; + if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -24155,46 +25817,49 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAN if (0) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = opline->op2.zv; + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var 
TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -24203,37 +25868,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HA } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = opline->op2.zv; + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CONST == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; - zval *property = opline->op2.zv; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = opline->op2.zv; + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -24242,27 +25953,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CONST_HANDLER(ZEND_OPC } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_CONST(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_res; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - zval *property = opline->op2.zv; + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + property = opline->op2.zv; if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -24272,7 +25983,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -24281,13 +25992,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -24296,24 +26002,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CONST_HANDLER(ZEND_OPCODE } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE + + zval **object_ptr; + zval *property_name; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - zval *property_name = opline->op2.zv; + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property_name = opline->op2.zv; if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -24321,18 +26031,21 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { @@ -24342,7 +26055,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_CONST == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -24354,27 +26067,41 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND zval *dim = opline->op2.zv; zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_CONST, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CONST, BP_VAR_W TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + 
zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -24382,71 +26109,94 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND } /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *value; + zval **variable_ptr_ptr; - zval *value = opline->op2.zv; - zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SAVE_OPLINE(); + value = opline->op2.zv; + variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !variable_ptr_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CONST TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (0) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = 
zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC); + if (0) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } /* zend_assign_to_variable() always takes care of op2, never free it! */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); function_name = opline->op2.zv; - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CONST != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + EX(object) = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CONST == IS_CONST) ? 
(opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -24470,15 +26220,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER(ZEND_OPCOD } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; + SAVE_OPLINE(); if (IS_CV==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -24488,7 +26240,7 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), opline->op2.zv TSRMLS_CC); if (switch_expr_is_overloaded) { 
@@ -24501,47 +26253,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_AR EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=opline->op2.zv; - ulong hval; - long index; -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -24552,7 +26289,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCO Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CONST != IS_UNUSED) { + + zval *offset = opline->op2.zv; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -24561,7 +26304,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CONST_HANDLER(ZEND_OPCO case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CONST == IS_CONST) { @@ -24574,10 +26317,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -24587,19 +26330,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CV == IS_UNUSED) { @@ -24613,13 +26357,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = opline->op2.zv; + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = opline->op2.zv; + if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -24653,24 +26401,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_CONST == IS_CV || IS_CONST == IS_VAR) { zval_ptr_dtor(&offset); @@ -24687,7 +26421,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -24711,15 +26445,20 @@ num_index_dim: } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **container; + zval *offset; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = opline->op2.zv; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = opline->op2.zv; if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -24746,19 +26485,23 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDL } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CONST(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV != IS_VAR || container) { zval *offset = opline->op2.zv; @@ -24852,7 +26595,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -24875,13 +26618,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -24897,277 +26640,311 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CONST_HANDLER(ZEND static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); 
div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, 
EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_IS_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL 
ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); 
bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { 
zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); zval_dtor(free_op2.var); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -25185,9 +26962,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*bina have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -25224,17 +27001,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*bina Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
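Review bot: `zend_binary_assign_op_obj_helper_SPEC_CV_TMP` is the one function in this hunk that gets `USE_OPLINE` without a `SAVE_OPLINE()`, although its declarations already fetch operands through `_get_zval_ptr_ptr_cv_BP_VAR_W`, `_get_zval_ptr_tmp` and `get_zval_ptr`. From what is visible on the page it is reached only from `zend_binary_assign_op_helper_SPEC_CV_TMP`, which calls `SAVE_OPLINE()` before dispatching, so this is presumably intentional, but the dependency is implicit. A one-line comment after `USE_OPLINE`, for example `/* opline already saved by the calling helper */`, would keep a later direct caller from skipping it. The helper's body continues past the end of this hunk.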
@@ -25248,66 +27025,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_TMP(int (*bina } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_TMP(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_CV == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_CV_TMP(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); + value = 
get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + value = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } zval_dtor(free_op2.var); + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
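Review bot: The early exit taken when `*var_ptr == &EG(error_zval)` now steps over the op_data opcode for `ZEND_ASSIGN_DIM`, but it still releases only `free_op2`. The `FREE_OP(free_op_data1)` and `FREE_OP_VAR_PTR(free_op_data2)` calls that the normal exit of this function makes are skipped. If the op_data value is a temporary, it looks like it is never released on this path. Inside the added `if (opline->extended_value == ZEND_ASSIGN_DIM)` block I would put `FREE_OP(free_op_data1);` and `FREE_OP_VAR_PTR(free_op_data2);` before `ZEND_VM_INC_OPCODE();`. The normal exit is in the following hunk, and since these handlers appear to be generated, the change belongs in the template they are produced from.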
@@ -25320,16 +27102,21 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_TMP(int (*binary_o } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } zval_dtor(free_op2.var); if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -25390,29 +27177,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); zval_dtor(free_op2.var); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -25440,7 +27233,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t in if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -25460,8 +27253,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t in } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -25472,6 +27265,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_TMP(incdec_t in zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -25487,26 +27281,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); zval_dtor(free_op2.var); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -25522,7 +27322,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -25535,7 +27335,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -25545,12 +27345,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -25558,7 +27357,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -25568,6 +27367,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_TMP(incdec_t i zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -25583,194 +27383,193 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_CV != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_W 
TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container; - if (IS_CV == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, 
_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_RW TSRMLS_CC); zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_IS TSRMLS_CC); zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - 
if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_W TSRMLS_CC); + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_TMP_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_R TSRMLS_CC); } zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *dim = 
_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_TMP_VAR, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_TMP_VAR, BP_VAR_UNSET TSRMLS_CC); zval_dtor(free_op2.var); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + 
PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_zval_ptr_cv(opline->op1.var, type TSRMLS_CC); + zval *container; zend_free_op free_op2; - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } zval_dtor(free_op2.var); } else { @@ -25781,7 +27580,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(int } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { 
@@ -25790,8 +27589,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(int FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (1) { @@ -25801,21 +27600,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_TMP(int } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -25824,46 +27627,49 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDL if (1) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (1) { zval_ptr_dtor(&property); } else { zval_dtor(free_op2.var); } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = 
_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -25872,37 +27678,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HAND } else { zval_dtor(free_op2.var); } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + zval_dtor(free_op2.var); + } else { + zval *retval; + + if (1) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_TMP_VAR == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (1) { + zval_ptr_dtor(&offset); + } else { + zval_dtor(free_op2.var); + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -25911,27 +27763,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_TMP_HANDLER(ZEND_OPCOD } else { zval_dtor(free_op2.var); } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_TMP(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - zval *property = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -25941,7 +27793,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_H if (1) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -25950,13 +27802,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_H } else { zval_dtor(free_op2.var); } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -25965,24 +27812,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_H } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (1) { zval_ptr_dtor(&property_name); } else { 
@@ -25990,28 +27841,31 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { zend_free_op free_op2; - zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (1) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_TMP_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (1) { zval_ptr_dtor(&property_name); } else { 
@@ -26020,31 +27874,45 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_TMP_VAR, BP_VAR_W TSRMLS_CC); zval_dtor(free_op2.var); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - 
PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -26052,71 +27920,94 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE } /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval *value = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval *value; + zval **variable_ptr_ptr; + + SAVE_OPLINE(); + value = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !variable_ptr_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_TMP_VAR TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (1) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + 
AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 1 TSRMLS_CC); + if (1) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } /* zend_assign_to_variable() always takes care of op2, never free it! */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_TMP_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + EX(object) = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. 
*/ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_TMP_VAR == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -26141,15 +28032,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_ zval_dtor(free_op2.var); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op2; + SAVE_OPLINE(); if (IS_CV==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -26159,8 +28052,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); zval_dtor(free_op2.var); if (switch_expr_is_overloaded) { 
@@ -26173,47 +28066,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zval *expr_ptr; - zval *offset=_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -26224,7 +28102,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_TMP_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -26233,7 +28117,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_TMP_HANDLER(ZEND_OPCODE case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_TMP_VAR == IS_CONST) { @@ -26246,10 +28130,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -26259,19 +28143,20 @@ num_index: } zval_dtor(free_op2.var); } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CV == IS_UNUSED) { @@ -26285,13 +28170,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -26325,24 +28214,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) { zval_ptr_dtor(&offset); @@ -26359,7 +28234,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (1) { @@ -26383,15 +28258,20 @@ num_index_dim: zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -26418,22 +28298,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER zval_dtor(free_op2.var); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_TMP(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV != IS_VAR || container) { zend_free_op free_op2; - zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset = _get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -26524,7 +28408,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -26547,13 +28431,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -26569,277 +28453,311 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_TMP_HANDLER(ZEND_O static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + 
USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 
TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 
TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), 
&free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) 
{zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2, free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), 
&free_op2 TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -26857,9 +28775,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*bina have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -26896,17 +28814,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*bina Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -26920,66 +28838,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_VAR(int (*bina } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2, free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_CV == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_CV_VAR(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); + value = 
get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + value = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); 
@@ -26992,16 +28915,21 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_VAR(int (*binary_o } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -27062,29 +28990,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -27112,7 +29046,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t in if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -27132,8 +29066,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t in } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -27144,6 +29078,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_VAR(incdec_t in if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -27159,26 +29094,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -27194,7 +29135,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -27207,7 +29148,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -27217,12 +29158,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -27230,7 +29170,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -27240,6 +29180,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_VAR(incdec_t i if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -27255,194 +29196,193 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_CV != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **container; - if (IS_CV == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, 
IS_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_RW TSRMLS_CC); + 
zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_RW TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; - if (IS_CV == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_IS TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), 
(opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_W TSRMLS_CC); + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_VAR == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_R TSRMLS_CC); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op 
free_op1, free_op2; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_VAR, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC), IS_VAR, BP_VAR_UNSET TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr 
!= &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *container = _get_zval_ptr_cv(opline->op1.var, type TSRMLS_CC); + zval *container; zend_free_op free_op2; - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { 
@@ -27453,7 +29393,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(int } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -27462,8 +29402,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(int FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { @@ -27473,21 +29413,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_VAR(int } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -27496,85 +29440,134 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDL if (0) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); +} + +static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + zend_free_op free_op1, free_op2; + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (0) { + 
MAKE_REAL_ZVAL_PTR(property); + } + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { + zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); + } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); + if (0) { + zval_ptr_dtor(&property); + } else { + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - zend_op *opline = EX(opline); - zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); +static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) +{ + USE_OPLINE + + zval *container; + zend_free_op free_op2; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_VAR == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } - if (0) { - MAKE_REAL_ZVAL_PTR(property); - } - if (IS_CV == IS_VAR && !container) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); - } - zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); - if (0) { - zval_ptr_dtor(&property); - } else { - if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); + if (0) { + zval_ptr_dtor(&offset); + } else { + if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) -{ - return zend_fetch_property_address_read_helper_SPEC_CV_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); -} - static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1, free_op2; - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), 
opline->op1.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); @@ -27583,27 +29576,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_VAR_HANDLER(ZEND_OPCOD } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_op2, free_res; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - zval *property = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { 
@@ -27613,7 +29606,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_H if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); @@ -27622,13 +29615,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_H } else { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -27637,24 +29625,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_H } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op2; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - zval *property_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **object_ptr; + zval *property_name; + + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -27662,28 +29654,31 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE + + zval **object_ptr; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { zend_free_op free_op2; - zval *property_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *property_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_VAR == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -27692,31 +29687,45 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE } else { zend_free_op free_op2, free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *dim = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_VAR, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_VAR, BP_VAR_W TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - 
PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -27724,49 +29733,72 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE } /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval *value = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval *value; + zval **variable_ptr_ptr; - if (IS_CV == IS_VAR && !variable_ptr_ptr) { + SAVE_OPLINE(); + value = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_VAR TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (0) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + 
AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC); + if (0) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } /* zend_assign_to_variable() always takes care of op2, never free it! */ if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval **variable_ptr_ptr; - zval **value_ptr_ptr = _get_zval_ptr_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **value_ptr_ptr; + + SAVE_OPLINE(); + value_ptr_ptr = _get_zval_ptr_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_VAR == IS_VAR && value_ptr_ptr && 
@@ -27779,19 +29811,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } return ZEND_ASSIGN_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_VAR == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { PZVAL_LOCK(*value_ptr_ptr); } - if (IS_CV == IS_VAR && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - variable_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if ((IS_VAR == IS_VAR && !value_ptr_ptr) || - (IS_CV == IS_VAR && !variable_ptr_ptr)) { + variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if ((IS_VAR == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || + (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); 
@@ -27801,44 +29833,48 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *variable_ptr_ptr); PZVAL_LOCK(*variable_ptr_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; zend_free_op free_op2; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + function_name = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_VAR != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + EX(object) = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_VAR == IS_CONST) ? 
(opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } @@ -27863,15 +29899,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_ if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; zend_free_op free_op2; + SAVE_OPLINE(); if (IS_CV==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -27881,8 +29919,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC) TSRMLS_CC); if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; if (switch_expr_is_overloaded) { 
@@ -27895,47 +29933,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_free_op free_op2; - zval *array_ptr = &EX_T(opline->result.var).tmp_var; + USE_OPLINE + zval *expr_ptr; - zval *offset=_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -27946,7 +29969,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_VAR != IS_UNUSED) { + zend_free_op free_op2; + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -27955,7 +29984,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_VAR_HANDLER(ZEND_OPCODE case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_VAR == IS_CONST) { @@ -27968,10 +29997,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -27981,19 +30010,20 @@ num_index: } if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CV == IS_UNUSED) { @@ -28007,13 +30037,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); + if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -28047,24 +30081,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_VAR == IS_CV || IS_VAR == IS_VAR) { zval_ptr_dtor(&offset); @@ -28081,7 +30101,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -28105,15 +30125,20 @@ num_index_dim: if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval **container; + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -28140,22 +30165,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER if (free_op2.var) {zval_ptr_dtor(&free_op2.var);}; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_VAR(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV != IS_VAR || container) { zend_free_op free_op2; - zval *offset = _get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC); + zval *offset = _get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -28246,7 +30275,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -28269,13 +30298,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -28291,33 +30320,31 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_VAR_HANDLER(ZEND_O static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); zval *object; zval *property = NULL; - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ 
@@ -28335,9 +30362,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*b have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } @@ -28374,17 +30401,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*b Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -28398,66 +30425,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(int (*b } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_UNUSED(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_CV == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_CV_UNUSED(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; zval *dim = NULL; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), 
&free_op_data2 TSRMLS_CC); } } break; default: value = NULL; - var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -28470,15 +30502,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_UNUSED(int (*binar } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -28539,103 +30576,102 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_ static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = NULL; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE 
zend_free_op free_op1; - zval *dim = NULL; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container; - if (IS_CV == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_RW TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = NULL; zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - 
Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_W TSRMLS_CC); + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_UNUSED == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_UNUSED, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, NULL, IS_UNUSED, BP_VAR_R TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { 
@@ -28645,7 +30681,7 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAN if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_UNUSED == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -28657,27 +30693,41 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAN zval *dim = NULL; zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_UNUSED, BP_VAR_W TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + 
zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -28685,48 +30735,33 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAN } /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=NULL; - ulong hval; - long index; -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -28737,7 +30772,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPC Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_UNUSED != IS_UNUSED) { + + zval *offset = NULL; + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -28746,7 +30787,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_UNUSED_HANDLER(ZEND_OPC case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_UNUSED == IS_CONST) { @@ -28759,10 +30800,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -28772,19 +30813,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CV == IS_UNUSED) { 
@@ -28798,277 +30840,311 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_UNUSED_HANDLER(ZEND_OPCODE_HAN static int ZEND_FASTCALL ZEND_ADD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); add_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SUB_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); sub_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MUL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mul_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_DIV_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); div_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var 
TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_MOD_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); mod_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_left_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_SR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); shift_right_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CONCAT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); concat_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + 
_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); is_identical_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_IDENTICAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); is_identical_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); Z_LVAL_P(result) = !Z_LVAL_P(result); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) == 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_NOT_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = 
EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) != 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) < 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_IS_SMALLER_OR_EQUAL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *result = &EX_T(opline->result.var).tmp_var; + SAVE_OPLINE(); compare_function(result, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0)); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_OR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_or_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + 
_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_AND_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_and_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); bitwise_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_BOOL_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + SAVE_OPLINE(); boolean_xor_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE zend_free_op 
free_op_data1; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval *value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval *property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + zval *value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); znode_op *result = &opline->result; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } - EX_T(result->var).var.ptr_ptr = NULL; make_real_object(object_ptr TSRMLS_CC); object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to assign property of non-object"); FREE_OP(free_op_data1); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } else { /* here we are sure we are dealing with an object */ @@ -29086,9 +31162,9 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binar have_get_ptr = 1; binary_op(*zptr, *zptr, value TSRMLS_CC); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = *zptr; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(*zptr); + EX_T(opline->result.var).var.ptr = *zptr; + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -29125,17 +31201,17 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binar Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); } if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = z; - EX_T(result->var).var.ptr_ptr = NULL; PZVAL_LOCK(z); + EX_T(opline->result.var).var.ptr = z; + EX_T(opline->result.var).var.ptr_ptr = NULL; } zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to assign property of non-object"); if (RETURN_VALUE_USED(opline)) { - EX_T(result->var).var.ptr = EG(uninitialized_zval_ptr); - EX_T(result->var).var.ptr_ptr = NULL; - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + EX_T(opline->result.var).var.ptr = &EG(uninitialized_zval); + EX_T(opline->result.var).var.ptr_ptr = NULL; } } } 
@@ -29149,66 +31225,71 @@ static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_CV_CV(int (*binar } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CV(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op_data2, free_op_data1; zval **var_ptr; zval *value; + SAVE_OPLINE(); switch (opline->extended_value) { case ZEND_ASSIGN_OBJ: return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); break; case ZEND_ASSIGN_DIM: { - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); - } else if (Z_TYPE_PP(container) == IS_OBJECT) { + } else if (UNEXPECTED(Z_TYPE_PP(container) == IS_OBJECT)) { if (IS_CV == IS_VAR && !0) { Z_ADDREF_PP(container); /* undo the effect of get_obj_zval_ptr_ptr() */ } return zend_binary_assign_op_obj_helper_SPEC_CV_CV(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else { - zend_op *op_data = opline+1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *dim = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - zend_fetch_dimension_address(&EX_T(op_data->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - var_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - ZEND_VM_INC_OPCODE(); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, 
EX_Ts(), &free_op_data1, BP_VAR_R); + var_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); } } break; default: - value = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - var_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + var_ptr = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); /* do nothing */ break; } - if (!var_ptr) { + if (UNEXPECTED(var_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); } - if (*var_ptr == EG(error_zval_ptr)) { + if (UNEXPECTED(*var_ptr == &EG(error_zval))) { if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } + CHECK_EXCEPTION(); + if (opline->extended_value == ZEND_ASSIGN_DIM) { + ZEND_VM_INC_OPCODE(); + } ZEND_VM_NEXT_OPCODE(); } SEPARATE_ZVAL_IF_NOT_REF(var_ptr); - if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + if (UNEXPECTED(Z_TYPE_PP(var_ptr) == IS_OBJECT) + && Z_OBJ_HANDLER_PP(var_ptr, get) && Z_OBJ_HANDLER_PP(var_ptr, set)) { /* proxy object */ zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); @@ -29221,15 +31302,20 @@ static int ZEND_FASTCALL zend_binary_assign_op_helper_SPEC_CV_CV(int (*binary_op } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *var_ptr); PZVAL_LOCK(*var_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *var_ptr); } if (opline->extended_value == ZEND_ASSIGN_DIM) { FREE_OP(free_op_data1); FREE_OP_VAR_PTR(free_op_data2); - } + CHECK_EXCEPTION(); + ZEND_VM_INC_OPCODE(); + } else { + + CHECK_EXCEPTION(); + } ZEND_VM_NEXT_OPCODE(); } 
@@ -29290,29 +31376,35 @@ static int ZEND_FASTCALL ZEND_ASSIGN_BW_XOR_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HAND static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **retval = &EX_T(opline->result.var).var.ptr; + zval *property; + zval **retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + retval = &EX_T(opline->result.var).var.ptr; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -29340,7 +31432,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t inc if (Z_OBJ_HT_P(object)->read_property && Z_OBJ_HT_P(object)->write_property) { zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -29360,8 +31452,8 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t inc } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); if (RETURN_VALUE_USED(opline)) { - *retval = EG(uninitialized_zval_ptr); - PZVAL_LOCK(*retval); + PZVAL_LOCK(&EG(uninitialized_zval)); + *retval = &EG(uninitialized_zval); } } } @@ -29372,6 +31464,7 @@ static int ZEND_FASTCALL zend_pre_incdec_property_helper_SPEC_CV_CV(incdec_t inc } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -29387,26 +31480,32 @@ static int ZEND_FASTCALL ZEND_PRE_DEC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLE static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t incdec_op, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; zval *object; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval *retval = &EX_T(opline->result.var).tmp_var; + zval *property; + zval *retval; int have_get_ptr = 0; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + retval = &EX_T(opline->result.var).tmp_var; + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); } make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ object = *object_ptr; - if (Z_TYPE_P(object) != IS_OBJECT) { + if (UNEXPECTED(Z_TYPE_P(object) != IS_OBJECT)) { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -29422,7 +31521,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in have_get_ptr = 1; SEPARATE_ZVAL_IF_NOT_REF(zptr); - *retval = **zptr; + ZVAL_COPY_VALUE(retval, *zptr); zendi_zval_copy_ctor(*retval); incdec_op(*zptr); 
@@ -29435,7 +31534,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); zval *z_copy; - if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + if (UNEXPECTED(Z_TYPE_P(z) == IS_OBJECT) && Z_OBJ_HT_P(z)->get) { zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); if (Z_REFCOUNT_P(z) == 0) { @@ -29445,12 +31544,11 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in } z = value; } - *retval = *z; + ZVAL_COPY_VALUE(retval, z); zendi_zval_copy_ctor(*retval); ALLOC_ZVAL(z_copy); - *z_copy = *z; + INIT_PZVAL_COPY(z_copy, z); zendi_zval_copy_ctor(*z_copy); - INIT_PZVAL(z_copy); incdec_op(z_copy); Z_ADDREF_P(z); Z_OBJ_HT_P(object)->write_property(object, property, z_copy, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); @@ -29458,7 +31556,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in zval_ptr_dtor(&z); } else { zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); - *retval = *EG(uninitialized_zval_ptr); + ZVAL_NULL(retval); } } @@ -29468,6 +31566,7 @@ static int ZEND_FASTCALL zend_post_incdec_property_helper_SPEC_CV_CV(incdec_t in } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } 
@@ -29483,194 +31582,193 @@ static int ZEND_FASTCALL ZEND_POST_DEC_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL static int ZEND_FASTCALL ZEND_FETCH_DIM_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if ((opline->extended_value & ZEND_FETCH_ADD_LOCK) && IS_CV != IS_CV && EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(!RETURN_VALUE_USED(opline)?NULL:&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, 
_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ - if (opline->extended_value && EX_T(opline->result.var).var.ptr_ptr) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + if (UNEXPECTED(opline->extended_value != 0)) { + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + if (retval_ptr) { + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); + } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval **container; - if (IS_CV == IS_VAR && !container) { + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_RW TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_RW TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - 
READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_IS TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_IS TSRMLS_CC); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); zval **container; + SAVE_OPLINE(); + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } 
- zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_W TSRMLS_CC); + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } } else { if (IS_CV == IS_UNUSED) { zend_error_noreturn(E_ERROR, "Cannot use [] for reading"); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_R TSRMLS_CC); + zend_fetch_dimension_address_read(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_R TSRMLS_CC); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_DIM_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); - /* Not needed in DIM_UNSET - if (opline->extended_value & ZEND_FETCH_ADD_LOCK) { - PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); - } - */ if (IS_CV 
== IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); } } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_fetch_dimension_address(&EX_T(opline->result.var), container, dim, IS_CV, BP_VAR_UNSET TSRMLS_CC); + zend_fetch_dimension_address(&EX_T(opline->result.var), container, _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC), IS_CV, BP_VAR_UNSET TSRMLS_CC); - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } - if (EX_T(opline->result.var).var.ptr_ptr == NULL) { + if (UNEXPECTED(EX_T(opline->result.var).var.ptr_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot unset string offsets"); } else { zend_free_op free_res; + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; - PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); - if (EX_T(opline->result.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { - SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.var).var.ptr_ptr); + PZVAL_UNLOCK(*retval_ptr, &free_res); + if (retval_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(retval_ptr); } - PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); + PZVAL_LOCK(*retval_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } - ZEND_VM_NEXT_OPCODE(); } -static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(int type, ZEND_OPCODE_HANDLER_ARGS) +static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + 
USE_OPLINE - zval *container = _get_zval_ptr_cv(opline->op1.var, type TSRMLS_CC); + zval *container; - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *offset; - if (Z_TYPE_P(container) != IS_OBJECT || !Z_OBJ_HT_P(container)->read_property) { - if (type != BP_VAR_IS) { - zend_error(E_NOTICE, "Trying to get property of non-object"); - } + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + zend_error(E_NOTICE, "Trying to get property of non-object"); if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { @@ -29681,7 +31779,7 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(int } /* here we are sure we are dealing with an object */ - retval = Z_OBJ_HT_P(container)->read_property(container, offset, type, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_R, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (!RETURN_VALUE_USED(opline)) { if (Z_REFCOUNT_P(retval) == 0) { @@ -29690,8 +31788,8 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(int FREE_ZVAL(retval); } } else { - AI_SET_PTR(EX_T(opline->result.var).var, retval); PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } if (0) { 
@@ -29701,21 +31799,25 @@ static int ZEND_FASTCALL zend_fetch_property_address_read_helper_SPEC_CV_CV(int } } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_R_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *property; zval **container; + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_CV == IS_VAR && (opline->extended_value & ZEND_FETCH_ADD_LOCK)) { PZVAL_LOCK(*EX_T(opline->op1.var).var.ptr_ptr); EX_T(opline->op1.var).var.ptr = *EX_T(opline->op1.var).var.ptr_ptr; 
@@ -29724,46 +31826,49 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_W_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLE if (0) { MAKE_REAL_ZVAL_PTR(property); } - container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if (IS_CV == IS_VAR && !container) { + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } + zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); if (0) { zval_ptr_dtor(&property); } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } /* We are going to assign the result by reference */ if (opline->extended_value & ZEND_FETCH_MAKE_REF) { - Z_DELREF_PP(EX_T(opline->result.var).var.ptr_ptr); - SEPARATE_ZVAL_TO_MAKE_IS_REF(EX_T(opline->result.var).var.ptr_ptr); - Z_ADDREF_PP(EX_T(opline->result.var).var.ptr_ptr); + zval **retval_ptr = EX_T(opline->result.var).var.ptr_ptr; + + Z_DELREF_PP(retval_ptr); + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr); + Z_ADDREF_PP(retval_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_RW TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var 
TSRMLS_CC); + container = _get_zval_ptr_ptr_cv_BP_VAR_RW(EX_CVs(), opline->op1.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_RW TSRMLS_CC); 
@@ -29772,37 +31877,83 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_RW_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDL } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_IS_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - return zend_fetch_property_address_read_helper_SPEC_CV_CV(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + USE_OPLINE + + zval *container; + + zval *offset; + + SAVE_OPLINE(); + container = _get_zval_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + + if (UNEXPECTED(Z_TYPE_P(container) != IS_OBJECT) || + UNEXPECTED(Z_OBJ_HT_P(container)->read_property == NULL)) { + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + + } else { + zval *retval; + + if (0) { + MAKE_REAL_ZVAL_PTR(offset); + } + + /* here we are sure we are dealing with an object */ + retval = Z_OBJ_HT_P(container)->read_property(container, offset, BP_VAR_IS, ((IS_CV == IS_CONST) ? 
opline->op2.literal : NULL) TSRMLS_CC); + + if (!RETURN_VALUE_USED(opline)) { + if (Z_REFCOUNT_P(retval) == 0) { + GC_REMOVE_ZVAL_FROM_BUFFER(retval); + zval_dtor(retval); + FREE_ZVAL(retval); + } + } else { + PZVAL_LOCK(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); + } + + if (0) { + zval_ptr_dtor(&offset); + } else { + + } + } + + CHECK_EXCEPTION(); + ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), (opline->extended_value & ZEND_FETCH_ARG_MASK))) { /* Behave like FETCH_OBJ_W */ zend_free_op free_op1; - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval *property; + zval **container; + + SAVE_OPLINE(); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + container = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_W TSRMLS_CC); 
@@ -29811,27 +31962,27 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_FUNC_ARG_SPEC_CV_CV_HANDLER(ZEND_OPCODE } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else { - return zend_fetch_property_address_read_helper_SPEC_CV_CV(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + return zend_fetch_property_address_read_helper_SPEC_CV_CV(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } } static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op1, free_res; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - zval *property = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *property; + + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + property = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_CV == IS_CV) { if (container != &EG(uninitialized_zval_ptr)) { @@ -29841,7 +31992,7 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HA if (0) { MAKE_REAL_ZVAL_PTR(property); } - if (IS_CV == IS_VAR && !container) { + if (IS_CV == IS_VAR && UNEXPECTED(container == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an object"); } zend_fetch_property_address(&EX_T(opline->result.var), container, property, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL), BP_VAR_UNSET TSRMLS_CC); 
@@ -29850,13 +32001,8 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HA } else { } - if (IS_CV == IS_VAR && 0 && - READY_TO_DESTROY(free_op1.var)) { - AI_USE_PTR(EX_T(opline->result.var).var); - if (!PZVAL_IS_REF(*EX_T(opline->result.var).var.ptr_ptr) && - Z_REFCOUNT_PP(EX_T(opline->result.var).var.ptr_ptr) > 2) { - SEPARATE_ZVAL(EX_T(opline->result.var).var.ptr_ptr); - } + if (IS_CV == IS_VAR && 0 && READY_TO_DESTROY(free_op1.var)) { + EXTRACT_ZVAL_PTR(&EX_T(opline->result.var)); } PZVAL_UNLOCK(*EX_T(opline->result.var).var.ptr_ptr, &free_res); 
@@ -29865,24 +32011,28 @@ static int ZEND_FASTCALL ZEND_FETCH_OBJ_UNSET_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HA } PZVAL_LOCK(*EX_T(opline->result.var).var.ptr_ptr); FREE_OP_VAR_PTR(free_res); + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE + + zval **object_ptr; + zval *property_name; - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - zval *property_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + property_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - if (IS_CV == IS_VAR && !object_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_OBJ, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -29890,28 +32040,31 @@ static int ZEND_FASTCALL ZEND_ASSIGN_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER } /* assign_obj has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); - zend_op *op_data = opline+1; + USE_OPLINE - zval **object_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + zval **object_ptr; - if (IS_CV == IS_VAR && !object_ptr) { + SAVE_OPLINE(); + object_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + + if (IS_CV == IS_VAR && UNEXPECTED(object_ptr == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); } if (Z_TYPE_PP(object_ptr) == IS_OBJECT) { - zval *property_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *property_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (0) { MAKE_REAL_ZVAL_PTR(property_name); } - zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, op_data->op1_type, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); + zend_assign_to_object(RETURN_VALUE_USED(opline)?&EX_T(opline->result.var).var.ptr:NULL, object_ptr, property_name, (opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), ZEND_ASSIGN_DIM, ((IS_CV == IS_CONST) ? opline->op2.literal : NULL) TSRMLS_CC); if (0) { zval_ptr_dtor(&property_name); } else { 
@@ -29920,30 +32073,44 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER } else { zend_free_op free_op_data1, free_op_data2; zval *value; - zval *dim = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *dim = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); zval **variable_ptr_ptr; - zend_fetch_dimension_address(&EX_T(op_data->op2.var), object_ptr, dim, IS_CV, BP_VAR_W TSRMLS_CC); + zend_fetch_dimension_address(&EX_T((opline+1)->op2.var), object_ptr, dim, IS_CV, BP_VAR_W TSRMLS_CC); - value = get_zval_ptr(op_data->op1_type, &op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); - variable_ptr_ptr = _get_zval_ptr_ptr_var(op_data->op2.var, EX(Ts), &free_op_data2 TSRMLS_CC); - if (!variable_ptr_ptr) { - if (zend_assign_to_string_offset(&EX_T(op_data->op2.var), value, op_data->op1_type TSRMLS_CC)) { + value = get_zval_ptr((opline+1)->op1_type, &(opline+1)->op1, EX_Ts(), &free_op_data1, BP_VAR_R); + variable_ptr_ptr = _get_zval_ptr_ptr_var((opline+1)->op2.var, EX_Ts(), &free_op_data2 TSRMLS_CC); + if (UNEXPECTED(variable_ptr_ptr == NULL)) { + if (zend_assign_to_string_offset(&EX_T((opline+1)->op2.var), value, (opline+1)->op1_type TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(op_data->op2.var).str_offset.str)+EX_T(op_data->op2.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T((opline+1)->op2.var).str_offset.str)+EX_T((opline+1)->op2.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); 
+ AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (IS_TMP_FREE(free_op_data1)) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, IS_TMP_FREE(free_op_data1) TSRMLS_CC); + if (IS_TMP_FREE(free_op_data1)) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } FREE_OP_VAR_PTR(free_op_data2); 
@@ -29951,48 +32118,71 @@ static int ZEND_FASTCALL ZEND_ASSIGN_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER } /* assign_dim has two opcodes! */ + CHECK_EXCEPTION(); ZEND_VM_INC_OPCODE(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval *value; + zval **variable_ptr_ptr; - zval *value = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - zval **variable_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SAVE_OPLINE(); + value = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (IS_CV == IS_VAR && !variable_ptr_ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL)) { if (zend_assign_to_string_offset(&EX_T(opline->op1.var), value, IS_CV TSRMLS_CC)) { if (RETURN_VALUE_USED(opline)) { - EX_T(opline->result.var).var.ptr_ptr = &EX_T(opline->result.var).var.ptr; - ALLOC_ZVAL(EX_T(opline->result.var).var.ptr); - INIT_PZVAL(EX_T(opline->result.var).var.ptr); - ZVAL_STRINGL(EX_T(opline->result.var).var.ptr, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + zval *retval; + + ALLOC_ZVAL(retval); + ZVAL_STRINGL(retval, Z_STRVAL_P(EX_T(opline->op1.var).str_offset.str)+EX_T(opline->op1.var).str_offset.offset, 1, 1); + INIT_PZVAL(retval); + AI_SET_PTR(&EX_T(opline->result.var), retval); } } else if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, EG(uninitialized_zval_ptr)); - PZVAL_LOCK(EG(uninitialized_zval_ptr)); + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), &EG(uninitialized_zval)); + } + } else if (IS_CV == IS_VAR && UNEXPECTED(*variable_ptr_ptr == &EG(error_zval))) { + if (0) { + zval_dtor(value); + } + if (RETURN_VALUE_USED(opline)) { + PZVAL_LOCK(&EG(uninitialized_zval)); + AI_SET_PTR(&EX_T(opline->result.var), 
&EG(uninitialized_zval)); } } else { - value = zend_assign_to_variable(variable_ptr_ptr, value, 0 TSRMLS_CC); + if (0) { + value = zend_assign_tmp_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } else { + value = zend_assign_to_variable(variable_ptr_ptr, value TSRMLS_CC); + } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, value); PZVAL_LOCK(value); + AI_SET_PTR(&EX_T(opline->result.var), value); } } /* zend_assign_to_variable() always takes care of op2, never free it! */ + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zend_free_op free_op2; zval **variable_ptr_ptr; - zval **value_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op2.var, BP_VAR_W TSRMLS_CC); + zval **value_ptr_ptr; + + SAVE_OPLINE(); + value_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_CV == IS_VAR && value_ptr_ptr && 
@@ -30005,19 +32195,19 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER zend_error(E_STRICT, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { - ZEND_VM_NEXT_OPCODE(); + HANDLE_EXCEPTION(); } return ZEND_ASSIGN_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); } else if (IS_CV == IS_VAR && opline->extended_value == ZEND_RETURNS_NEW) { PZVAL_LOCK(*value_ptr_ptr); } - if (IS_CV == IS_VAR && EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr) { + if (IS_CV == IS_VAR && UNEXPECTED(EX_T(opline->op1.var).var.ptr_ptr == &EX_T(opline->op1.var).var.ptr)) { zend_error_noreturn(E_ERROR, "Cannot assign by reference to overloaded object"); } - variable_ptr_ptr = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); - if ((IS_CV == IS_VAR && !value_ptr_ptr) || - (IS_CV == IS_VAR && !variable_ptr_ptr)) { + variable_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); + if ((IS_CV == IS_VAR && UNEXPECTED(value_ptr_ptr == NULL)) || + (IS_CV == IS_VAR && UNEXPECTED(variable_ptr_ptr == NULL))) { zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); } zend_assign_to_variable_reference(variable_ptr_ptr, value_ptr_ptr TSRMLS_CC); 
@@ -30027,43 +32217,47 @@ static int ZEND_FASTCALL ZEND_ASSIGN_REF_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER } if (RETURN_VALUE_USED(opline)) { - AI_SET_PTR(EX_T(opline->result.var).var, *variable_ptr_ptr); PZVAL_LOCK(*variable_ptr_ptr); + AI_SET_PTR(&EX_T(opline->result.var), *variable_ptr_ptr); } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE zval *function_name; char *function_name_strval; int function_name_strlen; + SAVE_OPLINE(); zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope)); - function_name = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + function_name = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); - if (Z_TYPE_P(function_name)!=IS_STRING) { + if (IS_CV != IS_CONST && + UNEXPECTED(Z_TYPE_P(function_name) != IS_STRING)) { zend_error_noreturn(E_ERROR, "Method name must be a string"); } function_name_strval = Z_STRVAL_P(function_name); function_name_strlen = Z_STRLEN_P(function_name); - EX(object) = _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); + EX(object) = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); - if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) { - if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + if (EXPECTED(EX(object) != NULL) && + EXPECTED(Z_TYPE_P(EX(object)) == IS_OBJECT)) { + if (UNEXPECTED(Z_OBJ_HT_P(EX(object))->get_method == NULL)) { zend_error_noreturn(E_ERROR, "Object does not support method calls"); } /* First, locate the function. */ EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen, ((IS_CV == IS_CONST) ? (opline->op2.literal + 1) : NULL) TSRMLS_CC); - if (!EX(fbc)) { + if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); } 
@@ -30087,15 +32281,17 @@ static int ZEND_FASTCALL ZEND_INIT_METHOD_CALL_SPEC_CV_CV_HANDLER(ZEND_OPCODE_H } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE int switch_expr_is_overloaded=0; + SAVE_OPLINE(); if (IS_CV==IS_VAR) { if (EX_T(opline->op1.var).var.ptr_ptr) { PZVAL_LOCK(EX_T(opline->op1.var).var.ptr); @@ -30105,8 +32301,8 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) } } is_equal_function(&EX_T(opline->result.var).tmp_var, - _get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC), - _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC) TSRMLS_CC); + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC), + _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC) TSRMLS_CC); if (switch_expr_is_overloaded) { /* We only free op1 if this is a string offset, 
@@ -30118,47 +32314,32 @@ static int ZEND_FASTCALL ZEND_CASE_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) EX_T(opline->op1.var).var.ptr_ptr = NULL; EX_T(opline->op1.var).var.ptr = NULL; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval *array_ptr = &EX_T(opline->result.var).tmp_var; zval *expr_ptr; - zval *offset=_get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); - ulong hval; - long index; -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - zval **expr_ptr_ptr = NULL; + SAVE_OPLINE(); + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { + zval **expr_ptr_ptr = _get_zval_ptr_ptr_cv_BP_VAR_W(EX_CVs(), opline->op1.var TSRMLS_CC); - if (opline->extended_value) { - expr_ptr_ptr=_get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_W TSRMLS_CC); + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); expr_ptr = *expr_ptr_ptr; + Z_ADDREF_P(expr_ptr); } else { - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); - } -#else - expr_ptr=_get_zval_ptr_cv(opline->op1.var, BP_VAR_R TSRMLS_CC); -#endif - - if (0) { /* temporary variable */ - zval *new_expr; + expr_ptr=_get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op1.var TSRMLS_CC); + if (0) { /* temporary variable */ + zval *new_expr; - ALLOC_ZVAL(new_expr); - INIT_PZVAL_COPY(new_expr, expr_ptr); - expr_ptr = new_expr; - } else { -#if 0 || IS_CV == IS_VAR || IS_CV == IS_CV - if (opline->extended_value) { - SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); - expr_ptr = *expr_ptr_ptr; - Z_ADDREF_P(expr_ptr); - } else -#endif - if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { + ALLOC_ZVAL(new_expr); + INIT_PZVAL_COPY(new_expr, expr_ptr); + expr_ptr = new_expr; + } else if (IS_CV == IS_CONST || PZVAL_IS_REF(expr_ptr)) { zval *new_expr; ALLOC_ZVAL(new_expr); 
@@ -30169,7 +32350,13 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_ Z_ADDREF_P(expr_ptr); } } - if (offset) { + + if (IS_CV != IS_UNUSED) { + + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + ulong hval; + long index; + switch (Z_TYPE_P(offset)) { case IS_DOUBLE: index = zend_dval_to_lval(Z_DVAL_P(offset)); @@ -30178,7 +32365,7 @@ static int ZEND_FASTCALL ZEND_ADD_ARRAY_ELEMENT_SPEC_CV_CV_HANDLER(ZEND_OPCODE_ case IS_BOOL: index = Z_LVAL_P(offset); num_index: - zend_hash_index_update(Z_ARRVAL_P(array_ptr), index, &expr_ptr, sizeof(zval *), NULL); + zend_hash_index_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), index, &expr_ptr, sizeof(zval *), NULL); break; case IS_STRING: if (IS_CV == IS_CONST) { @@ -30191,10 +32378,10 @@ num_index: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - zend_hash_quick_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); + zend_hash_quick_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval, &expr_ptr, sizeof(zval *), NULL); break; case IS_NULL: - zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL(EX_T(opline->result.var).tmp_var), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); break; default: zend_error(E_WARNING, "Illegal offset type"); 
@@ -30204,19 +32391,20 @@ num_index: } } else { - zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL); + zend_hash_next_index_insert(Z_ARRVAL(EX_T(opline->result.var).tmp_var), &expr_ptr, sizeof(zval *), NULL); } - if (opline->extended_value) { + if ((IS_CV == IS_VAR || IS_CV == IS_CV) && opline->extended_value) { } else { } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE array_init(&EX_T(opline->result.var).tmp_var); if (IS_CV == IS_UNUSED) { @@ -30230,13 +32418,17 @@ static int ZEND_FASTCALL ZEND_INIT_ARRAY_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER static int ZEND_FASTCALL ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval **container; + zval *offset; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); + if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { SEPARATE_ZVAL_IF_NOT_REF(container); 
@@ -30270,24 +32462,10 @@ num_index_dim: hval = zend_hash_func(Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1); } } - if (zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval) == SUCCESS && - ht == &EG(symbol_table)) { - zend_execute_data *ex; - - for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->op_array && ex->symbol_table == ht) { - int i; - - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hval && - ex->op_array->vars[i].name_len == offset->value.str.len && - !memcmp(ex->op_array->vars[i].name, offset->value.str.val, offset->value.str.len)) { - ex->CVs[i] = NULL; - break; - } - } - } - } + if (ht == &EG(symbol_table)) { + zend_delete_global_variable_ex(offset->value.str.val, offset->value.str.len, hval TSRMLS_CC); + } else { + zend_hash_quick_del(ht, Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, hval); } if (IS_CV == IS_CV || IS_CV == IS_VAR) { zval_ptr_dtor(&offset); @@ -30304,7 +32482,7 @@ num_index_dim: break; } case IS_OBJECT: - if (!Z_OBJ_HT_P(*container)->unset_dimension) { + if (UNEXPECTED(Z_OBJ_HT_P(*container)->unset_dimension == NULL)) { zend_error_noreturn(E_ERROR, "Cannot use object as array"); } if (0) { @@ -30328,15 +32506,20 @@ num_index_dim: } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE + + zval **container; + zval *offset; - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_UNSET TSRMLS_CC); - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_UNSET(EX_CVs(), opline->op1.var TSRMLS_CC); + offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (IS_CV != IS_VAR || container) { if (IS_CV == IS_CV && container != &EG(uninitialized_zval_ptr)) { 
@@ -30363,22 +32546,26 @@ static int ZEND_FASTCALL ZEND_UNSET_OBJ_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } static int ZEND_FASTCALL zend_isset_isempty_dim_prop_obj_handler_SPEC_CV_CV(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) { - zend_op *opline = EX(opline); + USE_OPLINE - zval **container = _get_zval_ptr_ptr_cv(opline->op1.var, BP_VAR_IS TSRMLS_CC); + zval **container; zval **value = NULL; int result = 0; ulong hval; long index; + SAVE_OPLINE(); + container = _get_zval_ptr_ptr_cv_BP_VAR_IS(EX_CVs(), opline->op1.var TSRMLS_CC); + if (IS_CV != IS_VAR || container) { - zval *offset = _get_zval_ptr_cv(opline->op2.var, BP_VAR_R TSRMLS_CC); + zval *offset = _get_zval_ptr_cv_BP_VAR_R(EX_CVs(), opline->op2.var TSRMLS_CC); if (Z_TYPE_PP(container) == IS_ARRAY && !prop_dim) { HashTable *ht; @@ -30469,7 +32656,7 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - tmp = *offset; + ZVAL_COPY_VALUE(&tmp, offset); zval_copy_ctor(&tmp); convert_to_long(&tmp); offset = &tmp; @@ -30492,13 +32679,13 @@ num_index_prop: } Z_TYPE(EX_T(opline->result.var).tmp_var) = IS_BOOL; - if (opline->extended_value & ZEND_ISSET) { Z_LVAL(EX_T(opline->result.var).tmp_var) = result; - } else /* if (opline->extended_value & ZEND_ISEMPTY) */ { + } else { Z_LVAL(EX_T(opline->result.var).tmp_var) = !result; } + CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } @@ -30514,7 +32701,7 @@ static int ZEND_FASTCALL ZEND_ISSET_ISEMPTY_PROP_OBJ_SPEC_CV_CV_HANDLER(ZEND_OP static int ZEND_FASTCALL ZEND_NULL_HANDLER(ZEND_OPCODE_HANDLER_ARGS) { - zend_error_noreturn(E_ERROR, "Invalid opcode %d/%d/%d.", EX(opline)->opcode, EX(opline)->op1_type, EX(opline)->op2_type); + zend_error_noreturn(E_ERROR, "Invalid opcode %d/%d/%d.", OPLINE->opcode, OPLINE->op1_type, OPLINE->op2_type); } 
@@ -33200,27 +35387,27 @@ void zend_init_opcodes_handlers(void) ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_CATCH_SPEC_CV_HANDLER, + ZEND_CATCH_SPEC_CONST_CV_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, + ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_CATCH_SPEC_CV_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_CATCH_SPEC_CV_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_CATCH_SPEC_CV_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, ZEND_NULL_HANDLER, - ZEND_CATCH_SPEC_CV_HANDLER, ZEND_THROW_SPEC_CONST_HANDLER, ZEND_THROW_SPEC_CONST_HANDLER, ZEND_THROW_SPEC_CONST_HANDLER, diff --git a/Zend/zend_vm_execute.skl b/Zend/zend_vm_execute.skl index 18d0e29356..6f6fed9834 100644 --- a/Zend/zend_vm_execute.skl +++ b/Zend/zend_vm_execute.skl @@ -2,6 +2,7 @@ ZEND_API void {%EXECUTOR_NAME%}(zend_op_array *op_array TSRMLS_DC) { + DCL_OPLINE zend_execute_data *execute_data; zend_bool nested = 0; zend_bool original_in_execution = EG(in_execution); 
@@ -36,29 +37,27 @@ zend_vm_enter: EX(nested) = nested; nested = 1; - if (op_array->start_op) { - ZEND_VM_SET_OPCODE(op_array->start_op); - } else { - ZEND_VM_SET_OPCODE(op_array->opcodes); - } + LOAD_REGS(); if (op_array->this_var != -1 && EG(This)) { Z_ADDREF_P(EG(This)); /* For $this pointer */ if (!EG(active_symbol_table)) { - EX(CVs)[op_array->this_var] = (zval**)EX(CVs) + (op_array->last_var + op_array->this_var); - *EX(CVs)[op_array->this_var] = EG(This); + EX_CV(op_array->this_var) = (zval**)EX_CVs() + (op_array->last_var + op_array->this_var); + *EX_CV(op_array->this_var) = EG(This); } else { - if (zend_hash_add(EG(active_symbol_table), "this", sizeof("this"), &EG(This), sizeof(zval *), (void**)&EX(CVs)[op_array->this_var])==FAILURE) { + if (zend_hash_add(EG(active_symbol_table), "this", sizeof("this"), &EG(This), sizeof(zval *), (void**)&EX_CV(op_array->this_var))==FAILURE) { Z_DELREF_P(EG(This)); } } } + EX(opline) = op_array->start_op ? op_array->start_op : op_array->opcodes; EG(opline_ptr) = &EX(opline); + LOAD_OPLINE(); EX(function_state).function = (zend_function *) op_array; EX(function_state).arguments = NULL; - + while (1) { {%ZEND_VM_CONTINUE_LABEL%} #ifdef ZEND_WIN32 diff --git a/Zend/zend_vm_gen.php b/Zend/zend_vm_gen.php index 0f0c9e6ace..602e1c12eb 100644 --- a/Zend/zend_vm_gen.php +++ b/Zend/zend_vm_gen.php 
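Review bot: `LOAD_REGS();` at the top of this hunk has an ordering requirement that nothing in the skeleton states. For the SWITCH and GOTO kinds the generator defines it as `do {Ts = EX(Ts); CVs = EX(CVs);} while (0)`, so it must run after those two fields are assigned and before the `EX_CV(op_array->this_var)` / `EX_CVs()` uses a few lines below, which read the cached locals in those kinds. The assignments to `EX(Ts)` and `EX(CVs)` are outside the hunk, so I cannot confirm the order from here. A one-line comment above the call would keep a later reshuffle of this prologue from reading uninitialised locals, for example `/* cache EX(Ts)/EX(CVs) in locals: keep after their initialisation and before any EX_CV()/EX_T() use */`.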
@@ -118,75 +118,75 @@ $op2_free = array( ); $op1_get_zval_ptr = array( - "ANY" => "get_zval_ptr(opline->op1_type, &opline->op1, EX(Ts), &free_op1, \\1)", - "TMP" => "_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)", - "VAR" => "_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)", + "ANY" => "get_zval_ptr(opline->op1_type, &opline->op1, EX_Ts(), &free_op1, \\1)", + "TMP" => "_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC)", "CONST" => "opline->op1.zv", "UNUSED" => "NULL", - "CV" => "_get_zval_ptr_cv(opline->op1.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_cv_\\1(EX_CVs(), opline->op1.var TSRMLS_CC)", ); $op2_get_zval_ptr = array( - "ANY" => "get_zval_ptr(opline->op2_type, &opline->op2, EX(Ts), &free_op2, \\1)", - "TMP" => "_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC)", - "VAR" => "_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC)", + "ANY" => "get_zval_ptr(opline->op2_type, &opline->op2, EX_Ts(), &free_op2, \\1)", + "TMP" => "_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC)", "CONST" => "opline->op2.zv", "UNUSED" => "NULL", - "CV" => "_get_zval_ptr_cv(opline->op2.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_cv_\\1(EX_CVs(), opline->op2.var TSRMLS_CC)", ); $op1_get_zval_ptr_ptr = array( - "ANY" => "get_zval_ptr_ptr(opline->op1_type, &opline->op1, EX(Ts), &free_op1, \\1)", + "ANY" => "get_zval_ptr_ptr(opline->op1_type, &opline->op1, EX_Ts(), &free_op1, \\1)", "TMP" => "NULL", - "VAR" => "_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC)", "CONST" => "NULL", "UNUSED" => "NULL", - "CV" => "_get_zval_ptr_ptr_cv(opline->op1.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_ptr_cv_\\1(EX_CVs(), opline->op1.var TSRMLS_CC)", 
); $op2_get_zval_ptr_ptr = array( - "ANY" => "get_zval_ptr_ptr(opline->op2_type, &opline->op2, EX(Ts), &free_op2, \\1)", + "ANY" => "get_zval_ptr_ptr(opline->op2_type, &opline->op2, EX_Ts(), &free_op2, \\1)", "TMP" => "NULL", - "VAR" => "_get_zval_ptr_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC)", "CONST" => "NULL", "UNUSED" => "NULL", - "CV" => "_get_zval_ptr_ptr_cv(opline->op2.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_ptr_cv_\\1(EX_CVs(), opline->op2.var TSRMLS_CC)", ); $op1_get_obj_zval_ptr = array( - "ANY" => "get_obj_zval_ptr(opline->op1_type, &opline->op1, EX(Ts), &free_op1, \\1)", - "TMP" => "_get_zval_ptr_tmp(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)", - "VAR" => "_get_zval_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)", + "ANY" => "get_obj_zval_ptr(opline->op1_type, &opline->op1, EX_Ts(), &free_op1, \\1)", + "TMP" => "_get_zval_ptr_tmp(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC)", "CONST" => "opline->op1.zv", "UNUSED" => "_get_obj_zval_ptr_unused(TSRMLS_C)", - "CV" => "_get_zval_ptr_cv(opline->op1.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_cv_\\1(EX_CVs(), opline->op1.var TSRMLS_CC)", ); $op2_get_obj_zval_ptr = array( - "ANY" => "get_obj_zval_ptr(opline->op2_type, &opline->op2, EX(Ts), &free_op2, \\1)", - "TMP" => "_get_zval_ptr_tmp(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC)", - "VAR" => "_get_zval_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC)", + "ANY" => "get_obj_zval_ptr(opline->op2_type, &opline->op2, EX_Ts(), &free_op2, \\1)", + "TMP" => "_get_zval_ptr_tmp(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC)", "CONST" => "opline->op2.zv", "UNUSED" => "_get_obj_zval_ptr_unused(TSRMLS_C)", - "CV" => "_get_zval_ptr_cv(opline->op2.var, \\1 TSRMLS_CC)", + "CV" => 
"_get_zval_ptr_cv_\\1(EX_CVs(), opline->op2.var TSRMLS_CC)", ); $op1_get_obj_zval_ptr_ptr = array( - "ANY" => "get_obj_zval_ptr_ptr(opline->op1_type, &opline->op1, EX(Ts), &free_op1, \\1)", + "ANY" => "get_obj_zval_ptr_ptr(opline->op1_type, &opline->op1, EX_Ts(), &free_op1, \\1)", "TMP" => "NULL", - "VAR" => "_get_zval_ptr_ptr_var(opline->op1.var, EX(Ts), &free_op1 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_ptr_var(opline->op1.var, EX_Ts(), &free_op1 TSRMLS_CC)", "CONST" => "NULL", "UNUSED" => "_get_obj_zval_ptr_ptr_unused(TSRMLS_C)", - "CV" => "_get_zval_ptr_ptr_cv(opline->op1.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_ptr_cv_\\1(EX_CVs(), opline->op1.var TSRMLS_CC)", ); $op2_get_obj_zval_ptr_ptr = array( - "ANY" => "get_obj_zval_ptr_ptr(opline->op2_type, &opline->op2, EX(Ts), &free_op2, \\1)", + "ANY" => "get_obj_zval_ptr_ptr(opline->op2_type, &opline->op2, EX_Ts(), &free_op2, \\1)", "TMP" => "NULL", - "VAR" => "_get_zval_ptr_ptr_var(opline->op2.var, EX(Ts), &free_op2 TSRMLS_CC)", + "VAR" => "_get_zval_ptr_ptr_var(opline->op2.var, EX_Ts(), &free_op2 TSRMLS_CC)", "CONST" => "NULL", "UNUSED" => "_get_obj_zval_ptr_ptr_unused(TSRMLS_C)", - "CV" => "_get_zval_ptr_ptr_cv(opline->op2.var, \\1 TSRMLS_CC)", + "CV" => "_get_zval_ptr_ptr_cv_\\1(EX_CVs(), opline->op2.var TSRMLS_CC)", ); $op1_is_tmp_free = array( @@ -504,7 +504,7 @@ function gen_handler($f, $spec, $kind, $name, $op1, $op2, $use, $code, $lineno) } break; case ZEND_VM_KIND_GOTO: - out($f,$name.($spec?"_SPEC":"").$prefix[$op1].$prefix[$op2]."_HANDLER:\n"); + out($f,$name.($spec?"_SPEC":"").$prefix[$op1].$prefix[$op2]."_HANDLER: ZEND_VM_GUARD(".$name.($spec?"_SPEC":"").$prefix[$op1].$prefix[$op2].");\n"); break; } 
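Review bot: The `"CV"` entries in all eight tables now paste the fetch-type argument into the helper name (`_get_zval_ptr_cv_\\1(EX_CVs(), ...)`), so `\\1` is no longer an expression but part of an identifier, and the tables do not say so. The `"ANY"` entries still pass `\\1` as an ordinary argument, which means the same template argument is used in two different ways. A template that passes anything other than a literal `BP_VAR_*` token with a matching helper would presumably only fail when the generated file is compiled or linked. I would add a comment above `$op1_get_zval_ptr`, for example `// "CV": \\1 is pasted into the helper name, so templates must pass a literal BP_VAR_* constant that has a _get_zval_ptr[_ptr]_cv_<type>() helper`.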
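Review bot: In the `ZEND_VM_KIND_GOTO` case the handler label is now assembled twice inside one `out()` call, once for the label and once for the `ZEND_VM_GUARD(...)` argument, so the two copies can drift apart on a later edit. Building it once reads better: `$label = $name.($spec?"_SPEC":"").$prefix[$op1].$prefix[$op2];` followed by `out($f,$label."_HANDLER: ZEND_VM_GUARD(".$label.");\n");`. `ZEND_VM_GUARD` is not defined anywhere in this hunk, and `gen_handler` continues outside it, so I am assuming the macro is provided elsewhere in the commit.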
@@ -694,7 +694,7 @@ function gen_null_handler($f) { $done = 1; out($f,"static int ZEND_FASTCALL ZEND_NULL_HANDLER(ZEND_OPCODE_HANDLER_ARGS)\n"); out($f,"{\n"); - out($f,"\tzend_error_noreturn(E_ERROR, \"Invalid opcode %d/%d/%d.\", EX(opline)->opcode, EX(opline)->op1_type, EX(opline)->op2_type);\n"); + out($f,"\tzend_error_noreturn(E_ERROR, \"Invalid opcode %d/%d/%d.\", OPLINE->opcode, OPLINE->op1_type, OPLINE->op2_type);\n"); out($f,"}\n\n"); } } @@ -768,11 +768,11 @@ function gen_executor_code($f, $spec, $kind, $prolog) { break; case ZEND_VM_KIND_SWITCH: out($f,"default:\n"); - out($f,"\tzend_error_noreturn(E_ERROR, \"Invalid opcode %d/%d/%d.\", EX(opline)->opcode, EX(opline)->op1_type, EX(opline)->op2_type);\n"); + out($f,"\tzend_error_noreturn(E_ERROR, \"Invalid opcode %d/%d/%d.\", OPLINE->opcode, OPLINE->op1_type, OPLINE->op2_type);\n"); break; case ZEND_VM_KIND_GOTO: out($f,"ZEND_NULL_HANDLER:\n"); - out($f,"\tzend_error_noreturn(E_ERROR, \"Invalid opcode %d/%d/%d.\", EX(opline)->opcode, EX(opline)->op1_type, EX(opline)->op2_type);\n"); + out($f,"\tzend_error_noreturn(E_ERROR, \"Invalid opcode %d/%d/%d.\", OPLINE->opcode, OPLINE->op1_type, OPLINE->op2_type);\n"); break; } } 
@@ -800,18 +800,60 @@ function gen_executor($f, $skl, $spec, $kind, $executor_name, $initializer_name, out($f,"static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op);\n\n"); switch ($kind) { case ZEND_VM_KIND_CALL: - out($f,"\n"); - out($f,"#define ZEND_VM_CONTINUE() return 0\n"); - out($f,"#define ZEND_VM_RETURN() return 1\n"); - out($f,"#define ZEND_VM_ENTER() return 2\n"); - out($f,"#define ZEND_VM_LEAVE() return 3\n"); + out($f,"\n"); + out($f,"#undef OPLINE\n"); + out($f,"#undef DCL_OPLINE\n"); + out($f,"#undef USE_OPLINE\n"); + out($f,"#undef LOAD_OPLINE\n"); + out($f,"#undef SAVE_OPLINE\n"); + out($f,"#define OPLINE EX(opline)\n"); + out($f,"#define DCL_OPLINE\n"); + out($f,"#define USE_OPLINE zend_op *opline = EX(opline);\n"); + out($f,"#define LOAD_OPLINE()\n"); + out($f,"#define SAVE_OPLINE()\n"); + out($f,"#undef CHECK_EXCEPTION\n"); + out($f,"#undef HANDLE_EXCEPTION\n"); + out($f,"#undef HANDLE_EXCEPTION_LEAVE\n"); + out($f,"#define CHECK_EXCEPTION() LOAD_OPLINE()\n"); + out($f,"#define HANDLE_EXCEPTION() LOAD_OPLINE(); ZEND_VM_CONTINUE()\n"); + out($f,"#define HANDLE_EXCEPTION_LEAVE() LOAD_OPLINE(); ZEND_VM_LEAVE()\n"); + out($f,"#define LOAD_REGS()\n"); + out($f,"#define ZEND_VM_CONTINUE() return 0\n"); + out($f,"#define ZEND_VM_RETURN() return 1\n"); + out($f,"#define ZEND_VM_ENTER() return 2\n"); + out($f,"#define ZEND_VM_LEAVE() return 3\n"); out($f,"#define ZEND_VM_DISPATCH(opcode, opline) return zend_vm_get_opcode_handler(opcode, opline)(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);\n\n"); out($f,"#define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC\n"); out($f,"#undef EX\n"); out($f,"#define EX(element) execute_data->element\n\n"); + out($f,"#undef EX_CV\n"); + out($f,"#define EX_CV(var) EX(CVs)[var]\n"); + out($f,"#undef EX_CVs\n"); + out($f,"#define EX_CVs() EX(CVs)\n"); + out($f,"#undef EX_T\n"); + out($f,"#define EX_T(offset) (*(temp_variable *)((char *) EX(Ts) + offset))\n"); + out($f,"#undef 
EX_Ts\n"); + out($f,"#define EX_Ts() EX(Ts)\n\n"); break; case ZEND_VM_KIND_SWITCH: out($f,"\n"); + out($f,"#undef OPLINE\n"); + out($f,"#undef DCL_OPLINE\n"); + out($f,"#undef USE_OPLINE\n"); + out($f,"#undef LOAD_OPLINE\n"); + out($f,"#undef SAVE_OPLINE\n"); + out($f,"#define OPLINE opline\n"); + out($f,"#define DCL_OPLINE zend_op *opline;\n"); + out($f,"#define USE_OPLINE\n"); + out($f,"#define LOAD_OPLINE() opline = EX(opline)\n"); + out($f,"#define SAVE_OPLINE() EX(opline) = opline\n"); + out($f,"#undef CHECK_EXCEPTION\n"); + out($f,"#undef HANDLE_EXCEPTION\n"); + out($f,"#undef HANDLE_EXCEPTION_LEAVE\n"); + out($f,"#define CHECK_EXCEPTION() LOAD_OPLINE()\n"); + out($f,"#define HANDLE_EXCEPTION() LOAD_OPLINE(); ZEND_VM_CONTINUE()\n"); + out($f,"#define HANDLE_EXCEPTION_LEAVE() LOAD_OPLINE(); ZEND_VM_LEAVE()\n"); + out($f,"#define LOAD_REGS() do {Ts = EX(Ts); CVs = EX(CVs);} while (0)\n"); out($f,"#define ZEND_VM_CONTINUE() goto zend_vm_continue\n"); out($f,"#define ZEND_VM_RETURN() EG(in_execution) = original_in_execution; return\n"); out($f,"#define ZEND_VM_ENTER() op_array = EG(active_op_array); goto zend_vm_enter\n"); 
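Review bot: `HANDLE_EXCEPTION()` and `HANDLE_EXCEPTION_LEAVE()` are emitted as two bare statements (`LOAD_OPLINE(); ZEND_VM_CONTINUE()`), so an unbraced `if (cond) HANDLE_EXCEPTION();` in a handler would run `ZEND_VM_CONTINUE()` unconditionally. In the CALL kind `LOAD_OPLINE()` is empty, which turns that into an unconditional `return 0`. The call sites visible on this page are braced, so this is hardening rather than a fix: `out($f,"#define HANDLE_EXCEPTION() do { LOAD_OPLINE(); ZEND_VM_CONTINUE(); } while (0)\n");` and the same wrapper for `HANDLE_EXCEPTION_LEAVE()`, provided `ZEND_VM_LEAVE()` in every kind is safe inside a `do { } while (0)` (its SWITCH definition is not in this hunk). The same two-statement form appears in the SWITCH branch of this hunk and in the export block of the `@@ -1202` hunk. The GOTO kind's `CHECK_EXCEPTION()` in the `@@ -820` hunk is a bare `if (...) goto ...`, which has the matching dangling-`else` hazard.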
@@ -820,10 +862,35 @@ function gen_executor($f, $skl, $spec, $kind, $executor_name, $initializer_name, out($f,"#define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC\n"); out($f,"#undef EX\n"); out($f,"#define EX(element) execute_data->element\n\n"); + out($f,"#undef EX_CV\n"); + out($f,"#define EX_CV(var) CVs[var]\n"); + out($f,"#undef EX_CVs\n"); + out($f,"#define EX_CVs() CVs\n"); + out($f,"#undef EX_T\n"); + out($f,"#define EX_T(offset) T(offset)\n"); + out($f,"#undef EX_Ts\n"); + out($f,"#define EX_Ts() Ts\n\n"); break; case ZEND_VM_KIND_GOTO: out($f,"\n"); - out($f,"#define ZEND_VM_CONTINUE() goto *(void**)(EX(opline)->handler)\n"); + out($f,"#undef OPLINE\n"); + out($f,"#undef DCL_OPLINE\n"); + out($f,"#undef USE_OPLINE\n"); + out($f,"#undef LOAD_OPLINE\n"); + out($f,"#undef SAVE_OPLINE\n"); + out($f,"#define OPLINE opline\n"); + out($f,"#define DCL_OPLINE zend_op *opline;\n"); + out($f,"#define USE_OPLINE\n"); + out($f,"#define LOAD_OPLINE() opline = EX(opline)\n"); + out($f,"#define SAVE_OPLINE() EX(opline) = opline\n"); + out($f,"#undef CHECK_EXCEPTION\n"); + out($f,"#undef HANDLE_EXCEPTION\n"); + out($f,"#undef HANDLE_EXCEPTION_LEAVE\n"); + out($f,"#define CHECK_EXCEPTION() if (UNEXPECTED(EG(exception) != NULL)) goto ZEND_HANDLE_EXCEPTION_SPEC_HANDLER\n"); + out($f,"#define HANDLE_EXCEPTION() goto ZEND_HANDLE_EXCEPTION_SPEC_HANDLER\n"); + out($f,"#define HANDLE_EXCEPTION_LEAVE() goto ZEND_HANDLE_EXCEPTION_SPEC_HANDLER\n"); + out($f,"#define LOAD_REGS() do {Ts = EX(Ts); CVs = EX(CVs);} while (0)\n"); + out($f,"#define ZEND_VM_CONTINUE() goto *(void**)(OPLINE->handler)\n"); out($f,"#define ZEND_VM_RETURN() EG(in_execution) = original_in_execution; return\n"); out($f,"#define ZEND_VM_ENTER() op_array = EG(active_op_array); goto zend_vm_enter\n"); out($f,"#define ZEND_VM_LEAVE() ZEND_VM_CONTINUE()\n"); 
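Review bot: `CHECK_EXCEPTION()` does not mean the same thing in the GOTO branch as in the other two kinds, and the generator gives no hint of that. Here it expands to `if (UNEXPECTED(EG(exception) != NULL)) goto ZEND_HANDLE_EXCEPTION_SPEC_HANDLER`, while the CALL and SWITCH kinds define it as `LOAD_OPLINE()` only, which is empty for CALL. Someone editing a handler template has to know which of these applies to judge whether code after `CHECK_EXCEPTION()` can still run with an exception pending. A comment next to the three definitions would cover it, for example `// GOTO: CHECK_EXCEPTION() tests EG(exception) and jumps; CALL/SWITCH: it is just LOAD_OPLINE()`.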
@@ -831,6 +898,14 @@ function gen_executor($f, $skl, $spec, $kind, $executor_name, $initializer_name,
 out($f,"#define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC\n");
 out($f,"#undef EX\n");
 out($f,"#define EX(element) execute_data->element\n\n");
+ out($f,"#undef EX_CV\n");
+ out($f,"#define EX_CV(var) CVs[var]\n");
+ out($f,"#undef EX_CVs\n");
+ out($f,"#define EX_CVs() CVs\n");
+ out($f,"#undef EX_T\n");
+ out($f,"#define EX_T(offset) T(offset)\n\n");
+ out($f,"#undef EX_Ts\n");
+ out($f,"#define EX_Ts() Ts\n\n");
 break;
 }
 break;
@@ -839,6 +914,8 @@ function gen_executor($f, $skl, $spec, $kind, $executor_name, $initializer_name,
 break;
 case "HELPER_VARS":
 if ($kind != ZEND_VM_KIND_CALL) {
+ out($f,$m[1]."temp_variable *Ts;\n");
+ out($f,$m[1]."zval ***CVs;\n");
 if ($kind == ZEND_VM_KIND_SWITCH) {
 out($f,$m[1]."opcode_handler_t dispatch_handler;\n");
 }
@@ -881,13 +958,13 @@ function gen_executor($f, $skl, $spec, $kind, $executor_name, $initializer_name,
 // Emit code that dispatches to opcode handler
 switch ($kind) {
 case ZEND_VM_KIND_CALL:
- out($f, $m[1]."if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0)".$m[3]."\n");
+ out($f, $m[1]."if ((ret = OPLINE->handler(execute_data TSRMLS_CC)) > 0)".$m[3]."\n");
 break;
 case ZEND_VM_KIND_SWITCH:
- out($f, $m[1]."dispatch_handler = EX(opline)->handler;\nzend_vm_dispatch:\n".$m[1]."switch ((int)dispatch_handler)".$m[3]."\n");
+ out($f, $m[1]."dispatch_handler = OPLINE->handler;\nzend_vm_dispatch:\n".$m[1]."switch ((int)dispatch_handler)".$m[3]."\n");
 break;
 case ZEND_VM_KIND_GOTO:
- out($f, $m[1]."goto *(void**)(OPLINE->handler);".$m[3]."\n");
+ out($f, $m[1]."goto *(void**)(OPLINE->handler);".$m[3]."\n");
 break;
 }
 break;
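Review bot: In the HELPER_VARS hunk (-839), `Ts` and `CVs` are emitted as uninitialized locals, while the SWITCH and GOTO variants of `EX_CV()` and `EX_Ts()` read them directly. Correctness therefore depends on `LOAD_REGS()` running before the first handler and again whenever `execute_data` changes, and the skeleton that does so is outside this hunk. Initialising them at declaration, `out($f,$m[1]."temp_variable *Ts = NULL;\n");` and `out($f,$m[1]."zval ***CVs = NULL;\n");`, would make a missed reload fault on a null pointer instead of dereferencing stack garbage. A generated comment such as `/* cached copies of EX(Ts)/EX(CVs); refresh with LOAD_REGS() whenever execute_data changes */` next to the declarations would record the invariant.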
@@ -1146,6 +1223,12 @@ function gen_vm($def, $skel) {
 out($f,"\n/* Old executor */\n\n");
 out($f,"#undef EX\n");
 out($f,"#define EX(element) execute_data.element\n\n");
+ out($f,"#undef EX_CV\n");
+ out($f,"#define EX_CV(var) EX(CVs)[var]\n");
+ out($f,"#undef EX_CVs\n");
+ out($f,"#define EX_CVs() EX(CVs)\n");
+ out($f,"#undef EX_T\n");
+ out($f,"#define EX_T(offset) (*(temp_variable *)((char *) EX(Ts) + offset))\n\n");
 out($f,"#undef ZEND_VM_CONTINUE\n\n");
 out($f,"#undef ZEND_VM_RETURN\n\n");
 out($f,"#undef ZEND_VM_ENTER\n\n");
@@ -1202,8 +1285,30 @@ function gen_vm($def, $skel) {
 if (count($export) > 0 && !ZEND_VM_OLD_EXECUTOR && ZEND_VM_KIND != ZEND_VM_KIND_CALL) {
+ out($f,"#undef OPLINE\n");
+ out($f,"#undef DCL_OPLINE\n");
+ out($f,"#undef USE_OPLINE\n");
+ out($f,"#undef LOAD_OPLINE\n");
+ out($f,"#undef SAVE_OPLINE\n");
+ out($f,"#define OPLINE EX(opline)\n");
+ out($f,"#define DCL_OPLINE\n");
+ out($f,"#define USE_OPLINE zend_op *opline = EX(opline);\n");
+ out($f,"#define LOAD_OPLINE()\n");
+ out($f,"#define SAVE_OPLINE()\n");
+ out($f,"#undef CHECK_EXCEPTION\n");
+ out($f,"#undef HANDLE_EXCEPTION\n");
+ out($f,"#undef HANDLE_EXCEPTION_LEAVE\n");
+ out($f,"#define CHECK_EXCEPTION() LOAD_OPLINE()\n");
+ out($f,"#define HANDLE_EXCEPTION() LOAD_OPLINE(); ZEND_VM_CONTINUE()\n");
+ out($f,"#define HANDLE_EXCEPTION_LEAVE() LOAD_OPLINE(); ZEND_VM_LEAVE()\n");
 out($f,"#undef EX\n");
 out($f,"#define EX(element) execute_data->element\n\n");
+ out($f,"#undef EX_CV\n");
+ out($f,"#define EX_CV(var) EX(CVs)[var]\n");
+ out($f,"#undef EX_CVs\n");
+ out($f,"#define EX_CVs() EX(CVs)\n");
+ out($f,"#undef EX_T\n");
+ out($f,"#define EX_T(offset) (*(temp_variable *)((char *) EX(Ts) + offset))\n\n");
 out($f,"#undef ZEND_VM_CONTINUE\n");
 out($f,"#undef ZEND_VM_RETURN\n");
 out($f,"#undef ZEND_VM_ENTER\n");
diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c
index ebd180556b..baa93983a3 100644
--- a/ext/mbstring/mbstring.c
+++ b/ext/mbstring/mbstring.c
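Review bot: In the old-executor block of gen_vm (hunk at -1146), the generated `EX_T(offset)` pastes its argument unparenthesised into pointer arithmetic, `(char *) EX(Ts) + offset`, so an argument containing an operator of lower precedence than `+` would address a different temp variable than intended. The identical definition is repeated in the export block (hunk at -1202). Emitting `#define EX_T(offset) (*(temp_variable *)((char *) EX(Ts) + (offset)))` in both places costs nothing. Both blocks also redefine EX_CV, EX_CVs and EX_T but not EX_Ts, unlike the per-kind blocks in gen_executor, so `EX_Ts()` keeps whatever definition preceded it; if that is intended, a short generated comment saying so would help. gen_vm starts and ends outside both hunks.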
@@ -3168,7 +3168,7 @@ PHP_FUNCTION(mb_encode_mimeheader)
 mbfl_string_init(&result);
 ret = mbfl_mime_header_encode(&string, &result, charset, transenc, linefeed, indent);
 if (ret != NULL) {
- RETVAL_STRINGL((char *)ret->val, ret->len, 0) /* the string is already strdup()'ed */
+ RETVAL_STRINGL((char *)ret->val, ret->len, 0); /* the string is already strdup()'ed */
 } else {
 RETVAL_FALSE;
 }
@@ -3192,7 +3192,7 @@ PHP_FUNCTION(mb_decode_mimeheader)
 mbfl_string_init(&result);
 ret = mbfl_mime_header_decode(&string, &result, MBSTRG(current_internal_encoding));
 if (ret != NULL) {
- RETVAL_STRINGL((char *)ret->val, ret->len, 0) /* the string is already strdup()'ed */
+ RETVAL_STRINGL((char *)ret->val, ret->len, 0); /* the string is already strdup()'ed */
 } else {
 RETVAL_FALSE;
 }
diff --git a/ext/standard/cyr_convert.c b/ext/standard/cyr_convert.c
index f4ca7e8502..699d37e790 100644
--- a/ext/standard/cyr_convert.c
+++ b/ext/standard/cyr_convert.c
@@ -282,7 +282,7 @@ PHP_FUNCTION(convert_cyr_string)
 str = (unsigned char*) estrndup(input, input_len);
 php_convert_cyr_string(str, input_len, fr_cs[0], to_cs[0] TSRMLS_CC);
- RETVAL_STRING((char *)str, 0)
+ RETVAL_STRING((char *)str, 0);
 }
 /* }}} */
--
2.40.0
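Review bot: In the convert_cyr_string hunk, `RETVAL_STRING((char *)str, 0);` takes the result length from strlen(), although the buffer was copied with `estrndup(input, input_len)` and converted over `input_len` bytes. Input that contains a NUL byte is therefore returned truncated. Passing the known length keeps the function binary-safe: `RETVAL_STRINGL((char *)str, input_len, 0);`. The start of the function, including how `input` and `input_len` are parsed, is outside the hunk.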