1 /*
2    +----------------------------------------------------------------------+
3    | Zend Engine                                                          |
4    +----------------------------------------------------------------------+
5    | Copyright (c) Zend Technologies Ltd. (http://www.zend.com)           |
6    +----------------------------------------------------------------------+
7    | This source file is subject to version 2.00 of the Zend license,     |
8    | that is bundled with this package in the file LICENSE, and is        |
9    | available through the world-wide-web at the following url:           |
10    | http://www.zend.com/license/2_00.txt.                                |
11    | If you did not receive a copy of the Zend license and are unable to  |
12    | obtain it through the world-wide-web, please send a note to          |
13    | license@zend.com so we can mail you a copy immediately.              |
14    +----------------------------------------------------------------------+
15    | Authors: Andi Gutmans <andi@php.net>                                 |
16    |          Zeev Suraski <zeev@php.net>                                 |
17    |          Nikita Popov <nikic@php.net>                                |
18    +----------------------------------------------------------------------+
19 */
20 
21 #include <zend_language_parser.h>
22 #include "zend.h"
23 #include "zend_attributes.h"
24 #include "zend_compile.h"
25 #include "zend_constants.h"
26 #include "zend_llist.h"
27 #include "zend_API.h"
28 #include "zend_exceptions.h"
29 #include "zend_interfaces.h"
30 #include "zend_virtual_cwd.h"
31 #include "zend_multibyte.h"
32 #include "zend_language_scanner.h"
33 #include "zend_inheritance.h"
34 #include "zend_vm.h"
35 
/* Copy a compile-time znode (src) into an opline operand (target).
 * The companion `<target>_type` field receives the node's op_type. A constant
 * node is registered with zend_add_literal() and the returned literal index is
 * stored in target.constant; any other node has its u.op copied verbatim.
 * `src` is evaluated more than once, so it must be free of side effects. */
#define SET_NODE(target, src) do { \
		target ## _type = (src)->op_type; \
		if ((src)->op_type == IS_CONST) { \
			target.constant = zend_add_literal(&(src)->u.constant); \
		} else { \
			target = (src)->u.op; \
		} \
	} while (0)

/* Inverse of SET_NODE: rebuild a znode (target) from an opline operand (src).
 * For IS_CONST the literal value is copied out of the literal table via
 * CT_CONSTANT(); ZVAL_COPY_VALUE is a plain value copy as written here, so no
 * reference count is taken by this macro itself. */
#define GET_NODE(target, src) do { \
		(target)->op_type = src ## _type; \
		if ((target)->op_type == IS_CONST) { \
			ZVAL_COPY_VALUE(&(target)->u.constant, CT_CONSTANT(src)); \
		} else { \
			(target)->u.op = src; \
		} \
	} while (0)

/* Shorthand for a member of the current file context, CG(file_context). */
#define FC(member) (CG(file_context).member)
55 
/* One entry of CG(loop_var_stack); zend_begin_loop() pushes one per loop/switch. */
typedef struct _zend_loop_var {
	zend_uchar opcode;            /* opcode used to free the loop variable, or ZEND_NOP when there is none */
	zend_uchar var_type;          /* op_type of the loop variable (IS_VAR or IS_TMP_VAR in zend_begin_loop) */
	uint32_t   var_num;           /* u.op.var of the loop variable */
	uint32_t   try_catch_offset;  /* NOTE(review): not written by zend_begin_loop; presumably set for try/finally entries - confirm */
} zend_loop_var;
62 
/* Reserve `count` pointer-sized runtime cache slots in the active op array.
 * Returns the cache size before the reservation (the offset of the first new
 * slot), or 0 when no slots are requested. */
static inline uint32_t zend_alloc_cache_slots(unsigned count) {
	zend_op_array *active;
	uint32_t first_offset;

	if (!count) {
		/* Even if no cache slots are desired, the VM handler may still want to acquire
		 * CACHE_ADDR() unconditionally. Returning zero makes sure that the address
		 * calculation is still legal and ubsan does not complain. */
		return 0;
	}

	active = CG(active_op_array);
	first_offset = active->cache_size;
	/* NOTE(review): the running total is kept in the op array's cache_size field
	 * and nothing here checks that the addition stays in range. */
	active->cache_size += count * sizeof(void*);
	return first_offset;
}
76 
/* Reserve exactly one runtime cache slot; see zend_alloc_cache_slots(). */
static inline uint32_t zend_alloc_cache_slot(void) {
	enum { SINGLE_SLOT = 1 };

	return zend_alloc_cache_slots(SINGLE_SLOT);
}
80 
/* Exported function pointers through which file and string compilation is
 * dispatched. NOTE(review): they are writable globals; which components are
 * allowed to replace them is not visible in this file - confirm before relying
 * on a particular target. */
ZEND_API zend_op_array *(*zend_compile_file)(zend_file_handle *file_handle, int type);
ZEND_API zend_op_array *(*zend_compile_string)(zend_string *source_string, const char *filename);

/* Without ZTS the compiler and executor globals are plain process-wide objects
 * defined here. */
#ifndef ZTS
ZEND_API zend_compiler_globals compiler_globals;
ZEND_API zend_executor_globals executor_globals;
#endif

/* Forward declarations for helpers defined later in this file. */
static zend_op *zend_emit_op(znode *result, zend_uchar opcode, znode *op1, znode *op2);
static zend_bool zend_try_ct_eval_array(zval *result, zend_ast *ast);
91 
/* Reset an opline to a NOP stamped with the line currently being compiled. */
static void init_op(zend_op *op)
{
	MAKE_NOP(op);
	op->lineno = CG(zend_lineno);
	op->extended_value = 0;
}
98 
/* Index the next emitted opline will receive in the active op array. */
static zend_always_inline uint32_t get_next_op_number(void)
{
	const zend_op_array *active = CG(active_op_array);

	return active->last;
}
103 
/* Append one opline to the active op array and return it initialised as a NOP.
 * The opcode buffer is grown by a factor of four when it is full, so pointers
 * to earlier oplines may be invalidated by this call. */
static zend_op *get_next_op(void)
{
	zend_op_array *active = CG(active_op_array);
	uint32_t index = active->last;
	zend_op *slot;

	active->last++;

	if (UNEXPECTED(index >= CG(context).opcodes_size)) {
		/* NOTE(review): neither the x4 growth nor the byte-size multiplication is
		 * overflow-checked here; safe_erealloc() would make the bound explicit. */
		CG(context).opcodes_size *= 4;
		active->opcodes = erealloc(active->opcodes, CG(context).opcodes_size * sizeof(zend_op));
	}

	slot = active->opcodes + index;
	init_op(slot);

	return slot;
}
121 
/* Grow the break/continue table by one element and return the new last element.
 * The table is reallocated on every call, so previously returned element
 * pointers must not be kept across calls. */
static zend_brk_cont_element *get_next_brk_cont_element(void)
{
	CG(context).last_brk_cont += 1;
	CG(context).brk_cont_array = erealloc(
		CG(context).brk_cont_array,
		sizeof(zend_brk_cont_element) * CG(context).last_brk_cont);

	return CG(context).brk_cont_array + (CG(context).last_brk_cont - 1);
}
128 
/* Destructor for a zval holding a zend_property_info pointer.
 * The structure is released with free() and its type with persistent = 1,
 * i.e. this is the teardown path for persistently allocated property infos. */
static void zend_destroy_property_info_internal(zval *zv) /* {{{ */
{
	zend_property_info *info = Z_PTR_P(zv);

	zend_string_release(info->name);
	zend_type_release(info->type, /* persistent */ 1);
	free(info);
}
137 /* }}} */
138 
/* Build the interned runtime-definition key for a declaration.
 * Layout: a leading NUL byte, the name, the file name of the active op array,
 * ':' and the start line in decimal, '$' and CG(rtd_key_counter) in hex. The
 * counter is incremented on every call.
 * NOTE(review): name and file name are formatted with %s, so only the bytes up
 * to their first NUL would end up in the key - confirm callers never pass
 * strings with embedded NULs. */
static zend_string *zend_build_runtime_definition_key(zend_string *name, uint32_t start_lineno) /* {{{ */
{
	const char *name_str = ZSTR_VAL(name);
	const char *file_str = ZSTR_VAL(CG(active_op_array)->filename);
	zend_string *key = zend_strpprintf(0, "%c%s%s:%" PRIu32 "$%" PRIx32,
		'\0', name_str, file_str, start_lineno, CG(rtd_key_counter)++);

	return zend_new_interned_string(key);
}
146 /* }}} */
147 
/* Locate the part of `name` after its last namespace separator.
 * Returns 1 and stores a pointer into `name` plus its length when a backslash
 * is present; returns 0 and leaves both outputs untouched otherwise. The result
 * aliases `name` and is only valid while `name` is. */
static zend_bool zend_get_unqualified_name(const zend_string *name, const char **result, size_t *result_len) /* {{{ */
{
	const char *start = ZSTR_VAL(name);
	size_t total_len = ZSTR_LEN(name);
	const char *last_sep = zend_memrchr(start, '\\', total_len);

	if (last_sep == NULL) {
		return 0;
	}

	*result = last_sep + 1;
	*result_len = start + total_len - *result;
	return 1;
}
159 /* }}} */
160 
/* A name that may not be used as a class name, with its precomputed length. */
struct reserved_class_name {
	const char *name;
	size_t len;
};
/* Table scanned by zend_is_reserved_class_name(); the {NULL, 0} entry ends it. */
static const struct reserved_class_name reserved_class_names[] = {
	{ZEND_STRL("bool")},
	{ZEND_STRL("false")},
	{ZEND_STRL("float")},
	{ZEND_STRL("int")},
	{ZEND_STRL("null")},
	{ZEND_STRL("parent")},
	{ZEND_STRL("self")},
	{ZEND_STRL("static")},
	{ZEND_STRL("string")},
	{ZEND_STRL("true")},
	{ZEND_STRL("void")},
	{ZEND_STRL("iterable")},
	{ZEND_STRL("object")},
	{ZEND_STRL("mixed")},
	{NULL, 0}
};
182 
/* Return 1 when the unqualified part of `name` matches, case-insensitively, an
 * entry of reserved_class_names; 0 otherwise. */
static zend_bool zend_is_reserved_class_name(const zend_string *name) /* {{{ */
{
	const struct reserved_class_name *entry;
	const char *uqname = ZSTR_VAL(name);
	size_t uqname_len = ZSTR_LEN(name);

	/* Narrows uqname/uqname_len to the text after the last backslash; they keep
	 * the whole name when there is no separator. */
	zend_get_unqualified_name(name, &uqname, &uqname_len);

	for (entry = reserved_class_names; entry->name != NULL; entry++) {
		if (uqname_len != entry->len) {
			continue;
		}
		if (zend_binary_strcasecmp(uqname, uqname_len, entry->name, entry->len) == 0) {
			return 1;
		}
	}

	return 0;
}
201 /* }}} */
202 
/* Raise a fatal compile error when `name` is a reserved class name.
 * The name is passed to the message as a "%s" argument, never as the format. */
void zend_assert_valid_class_name(const zend_string *name) /* {{{ */
{
	if (!zend_is_reserved_class_name(name)) {
		return;
	}

	zend_error_noreturn(E_COMPILE_ERROR,
		"Cannot use '%s' as class name as it is reserved", ZSTR_VAL(name));
}
210 /* }}} */
211 
/* Maps the spelling of a built-in type to its type code. */
typedef struct _builtin_type_info {
	const char* name;
	const size_t name_len;
	const zend_uchar type;
} builtin_type_info;

/* Table scanned by zend_lookup_builtin_type_by_name(); the NULL-named entry
 * ends it. */
static const builtin_type_info builtin_types[] = {
	{ZEND_STRL("null"), IS_NULL},
	{ZEND_STRL("false"), IS_FALSE},
	{ZEND_STRL("int"), IS_LONG},
	{ZEND_STRL("float"), IS_DOUBLE},
	{ZEND_STRL("string"), IS_STRING},
	{ZEND_STRL("bool"), _IS_BOOL},
	{ZEND_STRL("void"), IS_VOID},
	{ZEND_STRL("iterable"), IS_ITERABLE},
	{ZEND_STRL("object"), IS_OBJECT},
	{ZEND_STRL("mixed"), IS_MIXED},
	{NULL, 0, IS_UNDEF}
};
231 
/* A spelling that is easily mistaken for a built-in type, with the spelling
 * that was probably meant. */
typedef struct {
	const char *name;
	size_t name_len;
	const char *correct_name; /* NULL for "resource": the table offers no replacement */
} confusable_type_info;

/* Table scanned by zend_is_confusable_type(); the NULL-named entry ends it. */
static const confusable_type_info confusable_types[] = {
	{ZEND_STRL("boolean"), "bool"},
	{ZEND_STRL("integer"), "int"},
	{ZEND_STRL("double"), "float"},
	{ZEND_STRL("resource"), NULL},
	{NULL, 0, NULL},
};
245 
/* Case-insensitive lookup of `name` in builtin_types.
 * Returns the matching type code, or 0 when the name is not a built-in type. */
static zend_always_inline zend_uchar zend_lookup_builtin_type_by_name(const zend_string *name) /* {{{ */
{
	const char *needle = ZSTR_VAL(name);
	size_t needle_len = ZSTR_LEN(name);
	size_t i;

	for (i = 0; builtin_types[i].name != NULL; i++) {
		const builtin_type_info *candidate = &builtin_types[i];

		if (needle_len == candidate->name_len
			&& zend_binary_strcasecmp(needle, needle_len, candidate->name, candidate->name_len) == 0
		) {
			return candidate->type;
		}
	}

	return 0;
}
260 /* }}} */
261 
/* Check whether `name` is one of the confusable spellings.
 * On a match returns 1 and stores the suggested spelling (possibly NULL) in
 * *correct_name; otherwise returns 0 and leaves *correct_name untouched. */
static zend_always_inline zend_bool zend_is_confusable_type(const zend_string *name, const char **correct_name) /* {{{ */
{
	size_t i;

	/* Intentionally using case-sensitive comparison here, because "integer" is likely intended
	 * as a scalar type, while "Integer" is likely a class type. */
	for (i = 0; confusable_types[i].name != NULL; i++) {
		const confusable_type_info *candidate = &confusable_types[i];

		if (ZSTR_LEN(name) != candidate->name_len) {
			continue;
		}
		if (memcmp(ZSTR_VAL(name), candidate->name, candidate->name_len) == 0) {
			*correct_name = candidate->correct_name;
			return 1;
		}
	}

	return 0;
}
279 /* }}} */
280 
/* Return 1 when no class import exists for `name` (looked up lowercased),
 * including the case where the file has no import table at all. */
static zend_bool zend_is_not_imported(zend_string *name) {
	/* Assuming "name" is unqualified here. */
	if (!FC(imports)) {
		return 1;
	}

	return zend_hash_find_ptr_lc(FC(imports), name) == NULL;
}
285 
/* Save the current op-array context into *prev_context and start a fresh one.
 * Pair with zend_oparray_context_end(), which frees what the fresh context
 * accumulated and restores the saved copy. */
void zend_oparray_context_begin(zend_oparray_context *prev_context) /* {{{ */
{
	*prev_context = CG(context);

	/* Buffer capacities. */
	CG(context).opcodes_size = INITIAL_OP_ARRAY_SIZE;
	CG(context).vars_size = 0;
	CG(context).literals_size = 0;

	/* Break/continue bookkeeping and labels start out empty. */
	CG(context).brk_cont_array = NULL;
	CG(context).last_brk_cont = 0;
	CG(context).current_brk_cont = -1;
	CG(context).labels = NULL;

	/* -1 is the initial value of both fields. */
	CG(context).fast_call_var = -1;
	CG(context).try_catch_offset = -1;
}
299 /* }}} */
300 
/* Free the break/continue table and label table of the current op-array
 * context, then restore the context saved by zend_oparray_context_begin(). */
void zend_oparray_context_end(zend_oparray_context *prev_context) /* {{{ */
{
	if (CG(context).brk_cont_array != NULL) {
		efree(CG(context).brk_cont_array);
		CG(context).brk_cont_array = NULL;
	}

	if (CG(context).labels != NULL) {
		zend_hash_destroy(CG(context).labels);
		FREE_HASHTABLE(CG(context).labels);
		CG(context).labels = NULL;
	}

	/* Whole-struct copy: every field of the ended context is overwritten. */
	CG(context) = *prev_context;
}
314 /* }}} */
315 
/* Destroy and free the class, function and constant import tables of the
 * current file context, leaving each pointer NULL so a repeated call is a
 * no-op. */
static void zend_reset_import_tables(void) /* {{{ */
{
	HashTable **tables[] = {
		&FC(imports),
		&FC(imports_function),
		&FC(imports_const),
	};
	size_t i;

	for (i = 0; i < sizeof(tables) / sizeof(tables[0]); i++) {
		HashTable **slot = tables[i];

		if (*slot) {
			zend_hash_destroy(*slot);
			efree(*slot);
			*slot = NULL;
		}
	}
}
336 /* }}} */
337 
/* Leave the current namespace: clear the in-namespace flag, drop all import
 * tables and release the namespace name if one is set. */
static void zend_end_namespace(void) /* {{{ */ {
	zend_string *ns = FC(current_namespace);

	FC(in_namespace) = 0;
	zend_reset_import_tables();

	if (ns) {
		zend_string_release_ex(ns, 0);
		FC(current_namespace) = NULL;
	}
}
346 /* }}} */
347 
/* Save the current file context into *prev_context and start an empty one:
 * no namespace, no imports, ticks at 0 and a fresh seen-symbols table.
 * Pair with zend_file_context_end(). */
void zend_file_context_begin(zend_file_context *prev_context) /* {{{ */
{
	*prev_context = CG(file_context);

	/* Namespace state. */
	FC(current_namespace) = NULL;
	FC(in_namespace) = 0;
	FC(has_bracketed_namespaces) = 0;

	/* Import tables are created lazily elsewhere; start without any. */
	FC(imports) = NULL;
	FC(imports_function) = NULL;
	FC(imports_const) = NULL;

	FC(declarables).ticks = 0;
	zend_hash_init(&FC(seen_symbols), 8, NULL, NULL, 0);
}
360 /* }}} */
361 
/* Tear down the current file context and restore the one saved by
 * zend_file_context_begin(). Namespace and import state is released first,
 * because the struct copy below overwrites the pointers that own it. */
void zend_file_context_end(zend_file_context *prev_context) /* {{{ */
{
	zend_end_namespace();
	zend_hash_destroy(&FC(seen_symbols));

	CG(file_context) = *prev_context;
}
368 /* }}} */
369 
/* Initialise the compiler stacks and reset per-compilation flags and pointers
 * in the compiler globals. */
void zend_init_compiler_data_structures(void) /* {{{ */
{
	/* Each stack is created with the element size it will hold. */
	zend_stack_init(&CG(loop_var_stack), sizeof(zend_loop_var));
	zend_stack_init(&CG(delayed_oplines_stack), sizeof(zend_op));
	zend_stack_init(&CG(short_circuiting_opnums), sizeof(uint32_t));

	CG(active_class_entry) = NULL;
	CG(memoized_exprs) = NULL;

	CG(in_compilation) = 0;
	CG(skip_shebang) = 0;
	CG(encoding_declared) = 0;
	CG(memoize_mode) = 0;
}
383 /* }}} */
384 
/* Record that `name` was seen as a symbol of the given kind(s) in this file.
 * Kinds are bit flags OR-ed into one integer per name. */
static void zend_register_seen_symbol(zend_string *name, uint32_t kind) {
	zval *existing = zend_hash_find(&FC(seen_symbols), name);

	if (existing == NULL) {
		zval fresh;

		ZVAL_LONG(&fresh, kind);
		zend_hash_add_new(&FC(seen_symbols), name, &fresh);
		return;
	}

	Z_LVAL_P(existing) |= kind;
}
395 
/* Return non-zero when `name` was already registered with any bit of `kind`. */
static zend_bool zend_have_seen_symbol(zend_string *name, uint32_t kind) {
	zval *existing = zend_hash_find(&FC(seen_symbols), name);

	if (!existing) {
		return 0;
	}

	return (Z_LVAL_P(existing) & kind) != 0;
}
400 
/* Exported wrapper around zend_file_handle_dtor(); init_compiler() installs it
 * as the element destructor of CG(open_files). */
ZEND_API void file_handle_dtor(zend_file_handle *fh) /* {{{ */
{
	zend_file_handle_dtor(fh);
}
406 /* }}} */
407 
/* Set up the compiler globals: a 64 KiB arena, a zeroed op-array context, the
 * compiler stacks, the resource list and the list of open files. */
void init_compiler(void) /* {{{ */
{
	CG(arena) = zend_arena_create(64 * 1024);
	CG(active_op_array) = NULL;
	memset(&CG(context), 0, sizeof(CG(context)));

	zend_init_compiler_data_structures();
	zend_init_rsrc_list();

	/* NOTE(review): file_handle_dtor takes zend_file_handle *, the list expects
	 * void (*)(void *). The cast works on the usual ABIs, but it is a call through
	 * a differently-typed function pointer, which indirect-call CFI checks reject. */
	zend_llist_init(&CG(open_files), sizeof(zend_file_handle), (void (*)(void *)) file_handle_dtor, 0);

	CG(unclean_shutdown) = 0;
	CG(delayed_variance_obligations) = NULL;
	CG(delayed_autoloads) = NULL;
}
421 /* }}} */
422 
/* Release what init_compiler() and compilation created: the compiled file
 * name, the compiler stacks, the arena and the two delayed-work tables. */
void shutdown_compiler(void) /* {{{ */
{
	/* Reset filename before destroying the arena, as file cache may use arena allocated strings. */
	zend_restore_compiled_filename(NULL);

	zend_stack_destroy(&CG(loop_var_stack));
	zend_stack_destroy(&CG(delayed_oplines_stack));
	zend_stack_destroy(&CG(short_circuiting_opnums));
	zend_arena_destroy(CG(arena));

	/* Both tables are optional; the pointers are cleared after the free so a
	 * stale value is never left behind. */
	if (CG(delayed_variance_obligations) != NULL) {
		zend_hash_destroy(CG(delayed_variance_obligations));
		FREE_HASHTABLE(CG(delayed_variance_obligations));
		CG(delayed_variance_obligations) = NULL;
	}

	if (CG(delayed_autoloads) != NULL) {
		zend_hash_destroy(CG(delayed_autoloads));
		FREE_HASHTABLE(CG(delayed_autoloads));
		CG(delayed_autoloads) = NULL;
	}
}
444 /* }}} */
445 
/* Make `new_compiled_filename` the current compiled file name, taking an
 * additional reference via zend_string_copy(). The previous value is not
 * released here. Returns the argument unchanged. */
ZEND_API zend_string *zend_set_compiled_filename(zend_string *new_compiled_filename) /* {{{ */
{
	zend_string *retained = zend_string_copy(new_compiled_filename);

	CG(compiled_filename) = retained;
	return new_compiled_filename;
}
451 /* }}} */
452 
/* Release the current compiled file name, if any, and install
 * `original_compiled_filename` (which may be NULL) in its place. No new
 * reference is taken on the installed string. */
ZEND_API void zend_restore_compiled_filename(zend_string *original_compiled_filename) /* {{{ */
{
	zend_string *current = CG(compiled_filename);

	if (current) {
		zend_string_release(current);
	}

	CG(compiled_filename) = original_compiled_filename;
}
461 /* }}} */
462 
/* Current compiled file name; borrowed pointer, may be NULL. */
ZEND_API zend_string *zend_get_compiled_filename(void) /* {{{ */
{
	zend_string *current = CG(compiled_filename);

	return current;
}
467 /* }}} */
468 
/* Line number the compiler is currently at, converted to int. */
ZEND_API int zend_get_compiled_lineno(void) /* {{{ */
{
	return (int) CG(zend_lineno);
}
473 /* }}} */
474 
/* Value of the in_compilation flag of the compiler globals. */
ZEND_API zend_bool zend_is_compiling(void) /* {{{ */
{
	return CG(in_compilation);
}
479 /* }}} */
480 
/* Hand out the next temporary-variable number of the active op array and
 * advance its counter T. */
static zend_always_inline uint32_t get_temporary_variable(void) /* {{{ */
{
	zend_op_array *active = CG(active_op_array);

	return (uint32_t)active->T++;
}
485 /* }}} */
486 
/* Return the compiled-variable operand for `name` in the active op array,
 * registering the variable when it is not known yet. Lookup is a linear scan
 * that compares the cached hash first. A newly registered name is stored with
 * an extra reference (zend_string_copy). */
static int lookup_cv(zend_string *name) /* {{{ */{
	zend_op_array *op_array = CG(active_op_array);
	zend_ulong hash_value = zend_string_hash_val(name);
	int slot;

	for (slot = 0; slot < op_array->last_var; slot++) {
		zend_string *known = op_array->vars[slot];

		if (ZSTR_H(known) == hash_value
		 && zend_string_equals(known, name)) {
			return EX_NUM_TO_VAR(slot);
		}
	}

	/* Not found: append, growing the table in steps of 16 entries. */
	slot = op_array->last_var;
	op_array->last_var++;
	if (op_array->last_var > CG(context).vars_size) {
		CG(context).vars_size += 16; /* FIXME */
		op_array->vars = erealloc(op_array->vars, CG(context).vars_size * sizeof(zend_string*));
	}

	op_array->vars[slot] = zend_string_copy(name);
	return EX_NUM_TO_VAR(slot);
}
509 /* }}} */
510 
/* Replace the string held by `zv` with the result of zend_new_interned_string()
 * and return it. When that result is interned the zval's type flags are
 * cleared. `zv` must hold a string (asserted). */
static inline zend_string *zval_make_interned_string(zval *zv) /* {{{ */
{
	zend_string *interned;

	ZEND_ASSERT(Z_TYPE_P(zv) == IS_STRING);

	interned = zend_new_interned_string(Z_STR_P(zv));
	Z_STR_P(zv) = interned;
	if (ZSTR_IS_INTERNED(interned)) {
		Z_TYPE_FLAGS_P(zv) = 0;
	}

	return interned;
}
520 
/* Common part of zend_add_literal and zend_append_individual_literal.
 * Stores `zv` in literal slot `literal_position` of `op_array`; a string value
 * is interned first, which may change the string `zv` points at. The caller
 * must have made sure the slot exists - no bounds check happens here. */
static inline void zend_insert_literal(zend_op_array *op_array, zval *zv, int literal_position) /* {{{ */
{
	zval *slot;

	if (Z_TYPE_P(zv) == IS_STRING) {
		zval_make_interned_string(zv);
	}

	slot = CT_CONSTANT_EX(op_array, literal_position);
	ZVAL_COPY_VALUE(slot, zv);
	Z_EXTRA_P(slot) = 0;
}
531 /* }}} */
532 
/* Used while compiling a function. The context keeps track of an approximate
   capacity so that the literal table is not reallocated too often.
   Literals are truncated to their actual size in the second compiler pass (pass_two()).
   Returns the index of the new literal. The table may move, so pointers into
   it must not be held across this call. */
static int zend_add_literal(zval *zv) /* {{{ */
{
	zend_op_array *op_array = CG(active_op_array);
	int index = op_array->last_literal++;

	if (index >= CG(context).literals_size) {
		do {
			CG(context).literals_size += 16; /* FIXME */
		} while (index >= CG(context).literals_size);
		op_array->literals = (zval*)erealloc(op_array->literals, CG(context).literals_size * sizeof(zval));
	}

	zend_insert_literal(op_array, zv, index);
	return index;
}
550 /* }}} */
551 
/* Add *str as a string literal and return its index. *str is updated to the
 * string that actually ended up in the literal table, which can differ from
 * the input once the value has been interned. */
static inline int zend_add_literal_string(zend_string **str) /* {{{ */
{
	zval tmp;
	int index;

	ZVAL_STR(&tmp, *str);
	index = zend_add_literal(&tmp);
	*str = Z_STR(tmp);

	return index;
}
561 /* }}} */
562 
/* Add two consecutive literals for a function name: the name as written and
 * its lowercased form. Returns the index of the first. */
static int zend_add_func_name_literal(zend_string *name) /* {{{ */
{
	zend_string *lowered;
	int first_index;

	/* Name as written; `name` now refers to the stored string. */
	first_index = zend_add_literal_string(&name);

	/* Lowercased copy goes into the following slot. */
	lowered = zend_string_tolower(name);
	zend_add_literal_string(&lowered);

	return first_index;
}
574 /* }}} */
575 
/* Add the literals for a namespaced function name: the name as written, its
 * lowercased form and, when the name contains a backslash, the lowercased
 * unqualified part. Returns the index of the first. */
static int zend_add_ns_func_name_literal(zend_string *name) /* {{{ */
{
	const char *short_name;
	size_t short_len;
	zend_string *lowered;
	int first_index;

	/* Name as written */
	first_index = zend_add_literal_string(&name);

	/* Lowercased name */
	lowered = zend_string_tolower(name);
	zend_add_literal_string(&lowered);

	/* Lowercased unqualified name */
	if (zend_get_unqualified_name(name, &short_name, &short_len)) {
		lowered = zend_string_alloc(short_len, 0);
		zend_str_tolower_copy(ZSTR_VAL(lowered), short_name, short_len);
		zend_add_literal_string(&lowered);
	}

	return first_index;
}
597 /* }}} */
598 
/* Add two consecutive literals for a class name: the name as written and its
 * lowercased form. Returns the index of the first. */
static int zend_add_class_name_literal(zend_string *name) /* {{{ */
{
	zend_string *lowered;
	int first_index;

	/* Name as written; `name` now refers to the stored string. */
	first_index = zend_add_literal_string(&name);

	/* Lowercased copy goes into the following slot. */
	lowered = zend_string_tolower(name);
	zend_add_literal_string(&lowered);

	return first_index;
}
610 /* }}} */
611 
/* Add the literals used to look up a constant and return the index of the
 * first one (the name as written).
 * With a namespace separator a second literal follows: the full name with only
 * the namespace part lowercased. A third literal, the constant name without
 * namespace in original case, is added when there is no separator at all or
 * when `unqualified` is set. */
static int zend_add_const_name_literal(zend_string *name, zend_bool unqualified) /* {{{ */
{
	zend_string *tmp_name;
	int ret = zend_add_literal_string(&name);

	const char *full = ZSTR_VAL(name);
	size_t full_len = ZSTR_LEN(name);
	const char *last_sep = zend_memrchr(full, '\\', full_len);
	const char *short_name;
	size_t short_len;

	if (last_sep == NULL) {
		short_name = full;
		short_len = full_len;
	} else {
		size_t ns_len = last_sep - full;

		short_name = last_sep + 1;
		short_len = full_len - ns_len - 1;

		/* lowercased namespace name & original constant name */
		tmp_name = zend_string_init(full, full_len, 0);
		zend_str_tolower(ZSTR_VAL(tmp_name), ns_len);
		zend_add_literal_string(&tmp_name);

		if (!unqualified) {
			return ret;
		}
	}

	/* original unqualified constant name */
	tmp_name = zend_string_init(short_name, short_len, 0);
	zend_add_literal_string(&tmp_name);

	return ret;
}
643 /* }}} */
644 
/* Store the zend_string `str` as a literal of the active op array and put the
 * resulting literal index into op.constant. The temporary zval is named _c, so
 * an argument expression that itself uses the identifier _c would be captured
 * by the macro. */
#define LITERAL_STR(op, str) do { \
		zval _c; \
		ZVAL_STR(&_c, str); \
		op.constant = zend_add_literal(&_c); \
	} while (0)
650 
/* Stop the scanner: notify the on_event callback, if one is installed, with
 * ON_STOP, then move the scan cursor to the input limit. */
void zend_stop_lexing(void)
{
	if (LANG_SCNG(on_event) != NULL) {
		LANG_SCNG(on_event)(ON_STOP, END, 0, NULL, 0, LANG_SCNG(on_event_context));
	}

	/* With cursor == limit there is no input left for the scanner to read. */
	LANG_SCNG(yy_cursor) = LANG_SCNG(yy_limit);
}
659 
/* Open a loop or switch scope: append a break/continue element whose parent is
 * the enclosing scope, make it current, and push a zend_loop_var describing how
 * the loop variable (if any) is freed. */
static inline void zend_begin_loop(
		zend_uchar free_opcode, const znode *loop_var, zend_bool is_switch) /* {{{ */
{
	zend_loop_var info = {0};
	int enclosing = CG(context).current_brk_cont;
	zend_bool has_temp_var = loop_var && (loop_var->op_type & (IS_VAR|IS_TMP_VAR));
	zend_brk_cont_element *element;

	/* The element appended below gets index last_brk_cont. */
	CG(context).current_brk_cont = CG(context).last_brk_cont;
	element = get_next_brk_cont_element();
	element->parent = enclosing;
	element->is_switch = is_switch;

	if (!has_temp_var) {
		info.opcode = ZEND_NOP;
		/* The start field is used to free temporary variables in case of exceptions.
		 * We won't try to free anything if we don't have a loop variable. */
		element->start = -1;
	} else {
		uint32_t start = get_next_op_number();

		info.opcode = free_opcode;
		info.var_type = loop_var->op_type;
		info.var_num = loop_var->u.op.var;
		element->start = start;
	}

	zend_stack_push(&CG(loop_var_stack), &info);
}
688 /* }}} */
689 
/* Close the current loop or switch scope: record the continue target and the
 * break target (the next opline to be emitted), make the parent scope current
 * again and pop the loop-variable stack. `var_node` is not used. */
static inline void zend_end_loop(int cont_addr, const znode *var_node) /* {{{ */
{
	uint32_t break_target = get_next_op_number();
	zend_brk_cont_element *element =
		CG(context).brk_cont_array + CG(context).current_brk_cont;

	element->cont = cont_addr;
	element->brk = break_target;
	CG(context).current_brk_cont = element->parent;

	zend_stack_del_top(&CG(loop_var_stack));
}
701 /* }}} */
702 
/* Discard the value of an expression whose result is not used.
 * IS_TMP_VAR / IS_VAR: find the opline that produced the value and either mark
 * its result unused or emit ZEND_FREE. IS_CONST: destroy the constant.
 * NOTE(review): both branches start at opcodes[last - 1] and step backwards
 * over marker opcodes without comparing against the start of the buffer; this
 * assumes at least one emitted opline that is not skipped - confirm callers
 * guarantee it. */
void zend_do_free(znode *op1) /* {{{ */
{
	if (op1->op_type == IS_TMP_VAR) {
		zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];

		/* Skip oplines that trail the real producer. */
		while (opline->opcode == ZEND_END_SILENCE ||
		       opline->opcode == ZEND_OP_DATA) {
			opline--;
		}

		if (opline->result_type == IS_TMP_VAR && opline->result.var == op1->u.op.var) {
			switch (opline->opcode) {
				case ZEND_BOOL:
				case ZEND_BOOL_NOT:
					/* boolean results don't have to be freed */
					return;
				case ZEND_POST_INC_STATIC_PROP:
				case ZEND_POST_DEC_STATIC_PROP:
				case ZEND_POST_INC_OBJ:
				case ZEND_POST_DEC_OBJ:
				case ZEND_POST_INC:
				case ZEND_POST_DEC:
					/* convert $i++ to ++$i; relies on each PRE opcode being
					 * numbered exactly two below its POST counterpart */
					opline->opcode -= 2;
					opline->result_type = IS_UNUSED;
					return;
				case ZEND_ASSIGN:
				case ZEND_ASSIGN_DIM:
				case ZEND_ASSIGN_OBJ:
				case ZEND_ASSIGN_STATIC_PROP:
				case ZEND_ASSIGN_OP:
				case ZEND_ASSIGN_DIM_OP:
				case ZEND_ASSIGN_OBJ_OP:
				case ZEND_ASSIGN_STATIC_PROP_OP:
				case ZEND_PRE_INC_STATIC_PROP:
				case ZEND_PRE_DEC_STATIC_PROP:
				case ZEND_PRE_INC_OBJ:
				case ZEND_PRE_DEC_OBJ:
				case ZEND_PRE_INC:
				case ZEND_PRE_DEC:
					/* the producer simply stops writing a result */
					opline->result_type = IS_UNUSED;
					return;
			}
		}

		/* No producer that can drop its result: free the temporary explicitly. */
		zend_emit_op(NULL, ZEND_FREE, op1, NULL);
	} else if (op1->op_type == IS_VAR) {
		zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
		while (opline->opcode == ZEND_END_SILENCE ||
				opline->opcode == ZEND_EXT_FCALL_END ||
				opline->opcode == ZEND_OP_DATA) {
			opline--;
		}
		if (opline->result_type == IS_VAR
			&& opline->result.var == op1->u.op.var) {
			/* Both arms mark the result unused; FETCH_THIS is additionally
			 * turned into a NOP. */
			if (opline->opcode == ZEND_FETCH_THIS) {
				opline->opcode = ZEND_NOP;
				opline->result_type = IS_UNUSED;
			} else {
				opline->result_type = IS_UNUSED;
			}
		} else {
			/* Search backwards, bounded by the start of the opcode buffer, for
			 * a list fetch reading the variable or for its producer. */
			while (opline >= CG(active_op_array)->opcodes) {
				if ((opline->opcode == ZEND_FETCH_LIST_R ||
                     opline->opcode == ZEND_FETCH_LIST_W) &&
				    opline->op1_type == IS_VAR &&
				    opline->op1.var == op1->u.op.var) {
					zend_emit_op(NULL, ZEND_FREE, op1, NULL);
					return;
				}
				if (opline->result_type == IS_VAR
					&& opline->result.var == op1->u.op.var) {
					/* Of the producers found here only ZEND_NEW gets an
					 * explicit FREE. */
					if (opline->opcode == ZEND_NEW) {
						zend_emit_op(NULL, ZEND_FREE, op1, NULL);
					}
					break;
				}
				opline--;
			}
		}
	} else if (op1->op_type == IS_CONST) {
		/* Destroy value without using GC: When opcache moves arrays into SHM it will
		 * free the zend_array structure, so references to it from outside the op array
		 * become invalid. GC would cause such a reference in the root buffer. */
		zval_ptr_dtor_nogc(&op1->u.constant);
	}
}
790 /* }}} */
791 
/* Combine class modifier flags.
 * Returns flags | new_flag, or throws a compile error and returns 0 when a
 * modifier is repeated or when abstract and final are combined. */
uint32_t zend_add_class_modifier(uint32_t flags, uint32_t new_flag) /* {{{ */
{
	const uint32_t combined = flags | new_flag;
	const char *error = NULL;

	/* The first rule that is violated decides the message. */
	if ((flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flag & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) {
		error = "Multiple abstract modifiers are not allowed";
	} else if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
		error = "Multiple final modifiers are not allowed";
	} else if ((combined & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (combined & ZEND_ACC_FINAL)) {
		error = "Cannot use the final modifier on an abstract class";
	}

	if (error != NULL) {
		zend_throw_exception(zend_ce_compile_error, error, 0);
		return 0;
	}

	return combined;
}
811 /* }}} */
812 
/* Combine class member modifier flags.
 * Returns flags | new_flag, or throws a compile error and returns 0 when a
 * second visibility modifier is given, when abstract, static or final is
 * repeated, or when abstract and final are combined. */
uint32_t zend_add_member_modifier(uint32_t flags, uint32_t new_flag) /* {{{ */
{
	const uint32_t combined = flags | new_flag;
	const char *error = NULL;

	/* The first rule that is violated decides the message. */
	if ((flags & ZEND_ACC_PPP_MASK) && (new_flag & ZEND_ACC_PPP_MASK)) {
		error = "Multiple access type modifiers are not allowed";
	} else if ((flags & ZEND_ACC_ABSTRACT) && (new_flag & ZEND_ACC_ABSTRACT)) {
		error = "Multiple abstract modifiers are not allowed";
	} else if ((flags & ZEND_ACC_STATIC) && (new_flag & ZEND_ACC_STATIC)) {
		error = "Multiple static modifiers are not allowed";
	} else if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
		error = "Multiple final modifiers are not allowed";
	} else if ((combined & ZEND_ACC_ABSTRACT) && (combined & ZEND_ACC_FINAL)) {
		error = "Cannot use the final modifier on an abstract class member";
	}

	if (error != NULL) {
		zend_throw_exception(zend_ce_compile_error, error, 0);
		return 0;
	}

	return combined;
}
840 /* }}} */
841 
/* Build a new string "<class_name>::<member_name>". Lengths are taken from the
 * zend_string headers, so embedded NUL bytes are copied as-is. */
ZEND_API zend_string *zend_create_member_string(zend_string *class_name, zend_string *member_name) {
	const char *cls = ZSTR_VAL(class_name);
	size_t cls_len = ZSTR_LEN(class_name);
	const char *member = ZSTR_VAL(member_name);
	size_t member_len = ZSTR_LEN(member_name);

	return zend_string_concat3(cls, cls_len, "::", sizeof("::") - 1, member, member_len);
}
848 
/* Build a new string "<name1>\<name2>" from two length-delimited buffers. */
zend_string *zend_concat_names(char *name1, size_t name1_len, char *name2, size_t name2_len) {
	return zend_string_concat3(
		name1, name1_len,
		"\\", sizeof("\\") - 1,
		name2, name2_len);
}
852 
/* Qualify `name` with the current namespace. Without a current namespace the
 * result of zend_string_copy(name) is returned instead. Either way the caller
 * owns one reference to the returned string. */
zend_string *zend_prefix_with_ns(zend_string *name) {
	zend_string *ns = FC(current_namespace);

	if (!ns) {
		return zend_string_copy(name);
	}

	return zend_concat_names(ZSTR_VAL(ns), ZSTR_LEN(ns), ZSTR_VAL(name), ZSTR_LEN(name));
}
861 
/* Resolve a function or constant name to the name that will be looked up.
 *
 * name                name as written
 * type                ZEND_NAME_FQ, ZEND_NAME_RELATIVE, or anything else for a
 *                     name that still needs resolving
 * is_fully_qualified  out: 1 when the result needs no further fallback lookup
 *                     (leading backslash, FQ or relative name, import hit, or
 *                     a name containing a separator), else 0
 * case_sensitive      whether the import table lookup keeps the name's case
 * current_import_sub  function or constant import table, may be NULL
 *
 * Returns a string the caller owns one reference to. */
zend_string *zend_resolve_non_class_name(
	zend_string *name, uint32_t type, zend_bool *is_fully_qualified,
	zend_bool case_sensitive, HashTable *current_import_sub
) {
	const char *separator;

	*is_fully_qualified = 0;

	if (ZSTR_VAL(name)[0] == '\\') {
		/* Remove \ prefix (only relevant if this is a string rather than a label).
		 * The first byte was just matched, so the length is at least 1 here. */
		*is_fully_qualified = 1;
		return zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
	}

	if (type == ZEND_NAME_FQ) {
		*is_fully_qualified = 1;
		return zend_string_copy(name);
	}

	if (type == ZEND_NAME_RELATIVE) {
		*is_fully_qualified = 1;
		return zend_prefix_with_ns(name);
	}

	if (current_import_sub) {
		/* If an unqualified name is a function/const alias, replace it. */
		zend_string *alias = case_sensitive
			? zend_hash_find_ptr(current_import_sub, name)
			: zend_hash_find_ptr_lc(current_import_sub, name);

		if (alias) {
			*is_fully_qualified = 1;
			return zend_string_copy(alias);
		}
	}

	separator = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
	if (separator == NULL) {
		/* Unqualified and not imported: current namespace applies. */
		return zend_prefix_with_ns(name);
	}

	*is_fully_qualified = 1;

	if (FC(imports)) {
		/* If the first part of a qualified name is an alias, substitute it. */
		size_t first_len = separator - ZSTR_VAL(name);
		zend_string *alias = zend_hash_str_find_ptr_lc(FC(imports), ZSTR_VAL(name), first_len);

		if (alias) {
			return zend_concat_names(
				ZSTR_VAL(alias), ZSTR_LEN(alias),
				ZSTR_VAL(name) + first_len + 1, ZSTR_LEN(name) - first_len - 1);
		}
	}

	return zend_prefix_with_ns(name);
}
918 /* }}} */
919 
/* Resolves a function name: delegates to zend_resolve_non_class_name() with a
 * case-insensitive lookup in the function import table of the current file context. */
zend_string *zend_resolve_function_name(zend_string *name, uint32_t type, zend_bool *is_fully_qualified) /* {{{ */
{
	const zend_bool case_sensitive = 0;
	HashTable *function_imports = FC(imports_function);

	return zend_resolve_non_class_name(name, type, is_fully_qualified, case_sensitive, function_imports);
}
925 /* }}} */
926 
/* Resolves a constant name: delegates to zend_resolve_non_class_name() with a
 * case-sensitive lookup in the constant import table of the current file context. */
zend_string *zend_resolve_const_name(zend_string *name, uint32_t type, zend_bool *is_fully_qualified) /* {{{ */ {
	const zend_bool case_sensitive = 1;
	HashTable *const_imports = FC(imports_const);

	return zend_resolve_non_class_name(name, type, is_fully_qualified, case_sensitive, const_imports);
}
931 /* }}} */
932 
/* Resolves a class name to its fully qualified form.
 *
 * Relative names get the current namespace prefixed. Fully qualified names (by
 * type or by a leading backslash) are returned without the backslash and are
 * rejected with a compile error when they spell self, parent or static. All
 * other names go through the class import table before falling back to the
 * current namespace. The caller owns the returned reference. */
zend_string *zend_resolve_class_name(zend_string *name, uint32_t type) /* {{{ */
{
	if (type == ZEND_NAME_RELATIVE) {
		return zend_prefix_with_ns(name);
	}

	zend_bool has_leading_backslash = ZSTR_VAL(name)[0] == '\\';
	if (type == ZEND_NAME_FQ || has_leading_backslash) {
		zend_string *fq_name;

		if (has_leading_backslash) {
			/* Strip the leading backslash (only relevant if this is a string rather than a label) */
			fq_name = zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
		} else {
			zend_string_addref(name);
			fq_name = name;
		}

		/* \self, \parent and \static must not be accepted as class names */
		if (zend_get_class_fetch_type(fq_name) != ZEND_FETCH_CLASS_DEFAULT) {
			zend_error_noreturn(E_COMPILE_ERROR, "'\\%s' is an invalid class name", ZSTR_VAL(fq_name));
		}
		return fq_name;
	}

	if (FC(imports)) {
		const char *separator = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
		zend_string *alias_target;

		if (!separator) {
			/* Unqualified name: the whole name may be an alias. */
			alias_target = zend_hash_find_ptr_lc(FC(imports), name);
			if (alias_target) {
				return zend_string_copy(alias_target);
			}
		} else {
			/* Qualified name: only the first segment may be an alias. */
			size_t alias_len = separator - ZSTR_VAL(name);

			alias_target = zend_hash_str_find_ptr_lc(FC(imports), ZSTR_VAL(name), alias_len);
			if (alias_target) {
				return zend_concat_names(
					ZSTR_VAL(alias_target), ZSTR_LEN(alias_target),
					ZSTR_VAL(name) + alias_len + 1, ZSTR_LEN(name) - alias_len - 1);
			}
		}
	}

	/* Neither fully qualified nor an alias: prepend the current namespace */
	return zend_prefix_with_ns(name);
}
981 /* }}} */
982 
/* Resolves the class name stored in a zval AST node, using the node's attr as
 * the name kind. Raises a compile error when the zval is not a string. */
zend_string *zend_resolve_class_name_ast(zend_ast *ast) /* {{{ */
{
	zval *name_zv = zend_ast_get_zval(ast);

	if (Z_TYPE_P(name_zv) == IS_STRING) {
		return zend_resolve_class_name(Z_STR_P(name_zv), ast->attr);
	}

	zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
}
991 /* }}} */
992 
/* Hash table destructor: frees the zend_label that the zval's pointer refers to. */
static void label_ptr_dtor(zval *zv) /* {{{ */
{
	void *label = Z_PTR_P(zv);

	efree_size(label, sizeof(zend_label));
}
997 /* }}} */
998 
/* Hash table destructor: releases the (non-persistent) string held by the zval. */
static void str_dtor(zval *zv)  /* {{{ */ {
	zend_string *held = Z_STR_P(zv);

	zend_string_release_ex(held, 0);
}
1002 /* }}} */
1003 
1004 static zend_bool zend_is_call(zend_ast *ast);
1005 
/* Appends a try/catch element to the active op array and returns its index.
 * The new element records try_op; its catch/finally fields start at 0. */
static uint32_t zend_add_try_element(uint32_t try_op) /* {{{ */
{
	zend_op_array *active = CG(active_op_array);
	uint32_t new_index = active->last_try_catch++;
	zend_try_catch_element *slot;

	/* safe_erealloc() takes element size and count separately. */
	active->try_catch_array = safe_erealloc(
		active->try_catch_array, sizeof(zend_try_catch_element), active->last_try_catch, 0);

	slot = &active->try_catch_array[new_index];
	slot->try_op = try_op;
	slot->catch_op = 0;
	slot->finally_op = 0;
	slot->finally_end = 0;

	return new_index;
}
1023 /* }}} */
1024 
/* Takes an additional reference on a function.
 *
 * For user functions this bumps the op array refcount (when one is set), adds a
 * reference to a non-immutable static variables table, and (re)initialises the
 * run_time_cache / static_variables_ptr map pointers. For every function with a
 * name, the name string gains a reference as well. */
ZEND_API void function_add_ref(zend_function *function) /* {{{ */
{
	if (function->type == ZEND_USER_FUNCTION) {
		zend_op_array *user_fn = &function->op_array;

		if (user_fn->refcount) {
			(*user_fn->refcount)++;
		}

		/* Immutable arrays are not refcounted here. */
		if (user_fn->static_variables
			&& !(GC_FLAGS(user_fn->static_variables) & IS_ARRAY_IMMUTABLE)) {
			GC_ADDREF(user_fn->static_variables);
		}

		if (!(CG(compiler_options) & ZEND_COMPILE_PRELOAD)) {
			ZEND_MAP_PTR_INIT(user_fn->static_variables_ptr, &user_fn->static_variables);
			ZEND_MAP_PTR_INIT(user_fn->run_time_cache, zend_arena_alloc(&CG(arena), sizeof(void*)));
			ZEND_MAP_PTR_SET(user_fn->run_time_cache, NULL);
		} else {
			/* While preloading, the function is expected to carry the preloaded flag. */
			ZEND_ASSERT(user_fn->fn_flags & ZEND_ACC_PRELOADED);
			ZEND_MAP_PTR_NEW(user_fn->run_time_cache);
			ZEND_MAP_PTR_NEW(user_fn->static_variables_ptr);
		}
	}

	if (function->common.function_name) {
		zend_string_addref(function->common.function_name);
	}
}
1053 /* }}} */
1054 
/* Reports a "Cannot redeclare" error for lcname and does not return.
 *
 * The already registered function is fetched from the compile-time or run-time
 * function table (selected by compile_time), which also selects the error
 * level. The reported name comes from op_array when one is given, otherwise
 * from the registered function. File and line of the earlier declaration are
 * appended only when it is a user function with at least one opcode. */
static zend_never_inline ZEND_COLD ZEND_NORETURN void do_bind_function_error(zend_string *lcname, zend_op_array *op_array, zend_bool compile_time) /* {{{ */
{
	HashTable *table = compile_time ? CG(function_table) : EG(function_table);
	zval *existing = zend_hash_find_ex(table, lcname, 1);
	int error_level = compile_time ? E_COMPILE_ERROR : E_ERROR;
	zend_function *old_function;
	const char *reported_name;

	ZEND_ASSERT(existing != NULL);
	old_function = (zend_function*)Z_PTR_P(existing);
	reported_name = op_array
		? ZSTR_VAL(op_array->function_name)
		: ZSTR_VAL(old_function->common.function_name);

	if (old_function->type != ZEND_USER_FUNCTION || old_function->op_array.last <= 0) {
		zend_error_noreturn(error_level, "Cannot redeclare %s()", reported_name);
	} else {
		zend_error_noreturn(error_level, "Cannot redeclare %s() (previously declared in %s:%d)",
			reported_name,
			ZSTR_VAL(old_function->op_array.filename),
			old_function->op_array.opcodes[0].lineno);
	}
}
1074 
/* Binds a function registered under its run-time key to its lowercased name.
 *
 * lcname holds the lowercased name; the zval directly after it (lcname + 1)
 * holds the key the function is currently stored under in EG(function_table).
 * A preloaded function bound outside of preloading is added under the new name,
 * every other function has its bucket key replaced. A missing entry or a name
 * collision is reported through do_bind_function_error(). */
ZEND_API zend_result do_bind_function(zval *lcname) /* {{{ */
{
	zval *rtd_key = lcname + 1;
	zval *entry = zend_hash_find_ex(EG(function_table), Z_STR_P(rtd_key), 1);
	zend_function *function;

	if (UNEXPECTED(!entry)) {
		do_bind_function_error(Z_STR_P(lcname), NULL, 0);
		return FAILURE;
	}

	function = (zend_function*)Z_PTR_P(entry);
	if (UNEXPECTED(function->common.fn_flags & ZEND_ACC_PRELOADED)
			&& !(CG(compiler_options) & ZEND_COMPILE_PRELOAD)) {
		entry = zend_hash_add(EG(function_table), Z_STR_P(lcname), entry);
	} else {
		entry = zend_hash_set_bucket_key(EG(function_table), (Bucket*)entry, Z_STR_P(lcname));
	}

	if (EXPECTED(entry != NULL)) {
		return SUCCESS;
	}

	do_bind_function_error(Z_STR_P(lcname), &function->op_array, 0);
	return FAILURE;
}
1099 /* }}} */
1100 
/* Binds a class stored under its run-time key to its lowercased name in
 * EG(class_table), then links it.
 *
 * lcname:         zval holding the lowercased class name; the zval directly
 *                 after it (lcname + 1) holds the key the class is stored under.
 * lc_parent_name: passed through unchanged to zend_do_link_class().
 *
 * Returns SUCCESS once the bucket is renamed and the class is linked. Returns
 * FAILURE when linking fails; the bucket is renamed back to the run-time key
 * first. A name that is already in use and a class that cannot be found are
 * reported through zend_error_noreturn(). */
ZEND_API zend_result do_bind_class(zval *lcname, zend_string *lc_parent_name) /* {{{ */
{
	zend_class_entry *ce;
	zval *rtd_key, *zv;

	rtd_key = lcname + 1;

	zv = zend_hash_find_ex(EG(class_table), Z_STR_P(rtd_key), 1);

	if (UNEXPECTED(!zv)) {
		/* No entry under the run-time key: either the target name is taken already... */
		ce = zend_hash_find_ptr(EG(class_table), Z_STR_P(lcname));
		if (ce) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
			return FAILURE;
		} else {
			/* ...or the declaring code is preloaded and the class was not. The
			 * do/while(0) only exists so that `break` can leave after a
			 * successful autoload and retry of the lookup. */
			do {
				ZEND_ASSERT(EG(current_execute_data)->func->op_array.fn_flags & ZEND_ACC_PRELOADED);
				if (zend_preload_autoload
				  && zend_preload_autoload(EG(current_execute_data)->func->op_array.filename) == SUCCESS) {
					zv = zend_hash_find_ex(EG(class_table), Z_STR_P(rtd_key), 1);
					if (EXPECTED(zv != NULL)) {
						break;
					}
				}
				zend_error_noreturn(E_ERROR, "Class %s wasn't preloaded", Z_STRVAL_P(lcname));
				return FAILURE;
			} while (0);
		}
	}

	/* Register the derived class */
	ce = (zend_class_entry*)Z_PTR_P(zv);
	/* A NULL result from the key change is treated as a name collision. */
	zv = zend_hash_set_bucket_key(EG(class_table), (Bucket*)zv, Z_STR_P(lcname));
	if (UNEXPECTED(!zv)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
		return FAILURE;
	}

	if (zend_do_link_class(ce, lc_parent_name) == FAILURE) {
		/* Reload bucket pointer, the hash table may have been reallocated */
		/* NOTE(review): the lookup result is used without a NULL check; this
		 * relies on the entry renamed above still being present — confirm. */
		zv = zend_hash_find(EG(class_table), Z_STR_P(lcname));
		zend_hash_set_bucket_key(EG(class_table), (Bucket *) zv, Z_STR_P(rtd_key));
		return FAILURE;
	}

	return SUCCESS;
}
1148 /* }}} */
1149 
/* Appends new_type to a "|"-separated type string.
 * With type == NULL the result is a new reference to new_type. Otherwise a new
 * string "type|new_type" is built and the reference to type is released, so the
 * caller must continue with the returned string only. */
static zend_string *add_type_string(zend_string *type, zend_string *new_type) {
	if (!type) {
		return zend_string_copy(new_type);
	}

	zend_string *joined = zend_string_concat3(
		ZSTR_VAL(type), ZSTR_LEN(type), "|", 1, ZSTR_VAL(new_type), ZSTR_LEN(new_type));

	zend_string_release(type);
	return joined;
}
1161 
/* Maps "self" / "parent" to the concrete class names of scope (when scope is
 * given, and for "parent" only when scope has a parent) and returns a reference
 * the caller owns. Names with an embedded NUL byte are cut at that byte. */
static zend_string *resolve_class_name(zend_string *name, zend_class_entry *scope) {
	if (scope) {
		if (zend_string_equals_literal_ci(name, "self")) {
			name = scope->name;
		} else if (zend_string_equals_literal_ci(name, "parent") && scope->parent) {
			name = scope->parent->name;
		}
	}

	/* The resolved name for anonymous classes contains null bytes. Everything after the
	 * first null byte is dropped here, so that printing code does not omit larger parts
	 * of the type later on. */
	size_t visible_len = strlen(ZSTR_VAL(name));

	if (visible_len == ZSTR_LEN(name)) {
		return zend_string_copy(name);
	}

	ZEND_ASSERT(scope && "This should only happen with resolved types");
	return zend_string_init(ZSTR_VAL(name), visible_len, 0);
}
1180 
/* Builds the printable form of a type.
 *
 * Class parts come first (each list entry, a single name, or a single class
 * entry), with self/parent resolved against scope. The builtin parts of the
 * pure type mask follow in a fixed order, joined with "|". A nullable type is
 * printed as "?T" when exactly one other part is present, otherwise "null" is
 * appended. The caller owns the returned string; the result can be NULL when
 * the type has no parts at all. */
zend_string *zend_type_to_string_resolved(zend_type type, zend_class_entry *scope) {
	/* Builtin types that map one-to-one onto a known string, in output order. */
	static const struct {
		uint32_t mask;
		uint32_t known_str;
	} simple_types[] = {
		{ MAY_BE_CALLABLE, ZEND_STR_CALLABLE },
		{ MAY_BE_ITERABLE, ZEND_STR_ITERABLE },
		{ MAY_BE_OBJECT,   ZEND_STR_OBJECT },
		{ MAY_BE_ARRAY,    ZEND_STR_ARRAY },
		{ MAY_BE_STRING,   ZEND_STR_STRING },
		{ MAY_BE_LONG,     ZEND_STR_INT },
		{ MAY_BE_DOUBLE,   ZEND_STR_FLOAT },
	};
	zend_string *str = NULL;

	if (ZEND_TYPE_HAS_LIST(type)) {
		zend_type *entry;
		ZEND_TYPE_LIST_FOREACH(ZEND_TYPE_LIST(type), entry) {
			if (ZEND_TYPE_HAS_CE(*entry)) {
				str = add_type_string(str, ZEND_TYPE_CE(*entry)->name);
			} else {
				/* add_type_string() takes its own reference, so ours is dropped again. */
				zend_string *class_name = resolve_class_name(ZEND_TYPE_NAME(*entry), scope);
				str = add_type_string(str, class_name);
				zend_string_release(class_name);
			}
		} ZEND_TYPE_LIST_FOREACH_END();
	} else if (ZEND_TYPE_HAS_NAME(type)) {
		str = resolve_class_name(ZEND_TYPE_NAME(type), scope);
	} else if (ZEND_TYPE_HAS_CE(type)) {
		str = zend_string_copy(ZEND_TYPE_CE(type)->name);
	}

	uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);

	if (type_mask == MAY_BE_ANY) {
		return add_type_string(str, ZSTR_KNOWN(ZEND_STR_MIXED));
	}

	if (type_mask & MAY_BE_STATIC) {
		zend_string *static_name = ZSTR_KNOWN(ZEND_STR_STATIC);

		/* With a scope, "static" is printed as the called scope of the current frame, if any. */
		if (scope) {
			zend_class_entry *called_scope = zend_get_called_scope(EG(current_execute_data));
			if (called_scope) {
				static_name = called_scope->name;
			}
		}
		str = add_type_string(str, static_name);
	}

	for (size_t i = 0; i < sizeof(simple_types) / sizeof(simple_types[0]); i++) {
		if (type_mask & simple_types[i].mask) {
			str = add_type_string(str, ZSTR_KNOWN(simple_types[i].known_str));
		}
	}

	/* "bool" needs both bits set; "false" alone is printed as such. */
	if ((type_mask & MAY_BE_BOOL) == MAY_BE_BOOL) {
		str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_BOOL));
	} else if (type_mask & MAY_BE_FALSE) {
		str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_FALSE));
	}
	if (type_mask & MAY_BE_VOID) {
		str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_VOID));
	}

	if (type_mask & MAY_BE_NULL) {
		/* Exactly one part so far (no "|"): use the short "?T" notation. */
		if (str && memchr(ZSTR_VAL(str), '|', ZSTR_LEN(str)) == NULL) {
			zend_string *nullable_str = zend_string_concat2("?", 1, ZSTR_VAL(str), ZSTR_LEN(str));
			zend_string_release(str);
			return nullable_str;
		}

		str = add_type_string(str, ZSTR_KNOWN(ZEND_STR_NULL_LOWERCASE));
	}
	return str;
}
1260 
/* Printable form of a type without a class scope, so self/parent/static are
 * left as written. The caller owns the returned string. */
ZEND_API zend_string *zend_type_to_string(zend_type type) {
	zend_class_entry *no_scope = NULL;

	return zend_type_to_string_resolved(type, no_scope);
}
1264 
/* Returns non-zero when name is, ignoring case, one of the class names accepted
 * as a generator return type: Traversable, Iterator or Generator. */
static zend_bool is_generator_compatible_class_type(zend_string *name) {
	if (zend_string_equals_literal_ci(name, "Traversable")) {
		return 1;
	}
	if (zend_string_equals_literal_ci(name, "Iterator")) {
		return 1;
	}
	return zend_string_equals_literal_ci(name, "Generator");
}
1270 
/* Flags the function being compiled as a generator.
 * Raises a compile error when there is no enclosing function, or when a
 * declared return type neither includes iterable/object nor names one of the
 * generator-compatible classes. */
static void zend_mark_function_as_generator() /* {{{ */
{
	zend_op_array *active = CG(active_op_array);

	if (!active->function_name) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"The \"yield\" expression can only be used inside a function");
	}

	if (active->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
		/* The return type is stored in the slot before the first argument. */
		zend_type return_type = active->arg_info[-1].type;
		zend_bool valid_type = (ZEND_TYPE_FULL_MASK(return_type) & (MAY_BE_ITERABLE | MAY_BE_OBJECT)) != 0;

		if (!valid_type) {
			zend_type *part;
			ZEND_TYPE_FOREACH(return_type, part) {
				if (ZEND_TYPE_HAS_NAME(*part)
						&& is_generator_compatible_class_type(ZEND_TYPE_NAME(*part))) {
					valid_type = 1;
					break;
				}
			} ZEND_TYPE_FOREACH_END();
		}

		if (!valid_type) {
			/* The string is not released: the error call below does not return. */
			zend_string *type_str = zend_type_to_string(return_type);
			zend_error_noreturn(E_COMPILE_ERROR,
				"Generator return type must be a supertype of Generator, %s given",
				ZSTR_VAL(type_str));
		}
	}

	active->fn_flags |= ZEND_ACC_GENERATOR;
}
1302 /* }}} */
1303 
/* Chains all ZEND_DECLARE_CLASS_DELAYED oplines of op_array into a singly
 * linked list threaded through result.opline_num and returns the index of the
 * first one. (uint32_t)-1 terminates the list and is also returned when the op
 * array is not flagged for early binding or contains no such opline. */
ZEND_API uint32_t zend_build_delayed_early_binding_list(const zend_op_array *op_array) /* {{{ */
{
	if (!(op_array->fn_flags & ZEND_ACC_EARLY_BINDING)) {
		return (uint32_t)-1;
	}

	uint32_t head = (uint32_t)-1;
	uint32_t *link = &head;
	zend_op *opline;
	zend_op *end = op_array->opcodes + op_array->last;

	for (opline = op_array->opcodes; opline < end; ++opline) {
		if (opline->opcode != ZEND_DECLARE_CLASS_DELAYED) {
			continue;
		}
		/* Store this opline's index in the previous link, then continue from its own link. */
		*link = opline - op_array->opcodes;
		link = &opline->result.opline_num;
	}

	*link = -1;
	return head;
}
1324 /* }}} */
1325 
/* Walks the list of delayed class declarations that starts at
 * first_early_binding_opline and tries to bind each class early.
 *
 * The list is threaded through result.opline_num of the oplines and ends at
 * (uint32_t)-1; with that value as the start the function does nothing.
 * CG(in_compilation) is forced to 1 for the duration of the walk and restored
 * afterwards. Classes whose entry or parent cannot be found are skipped. */
ZEND_API void zend_do_delayed_early_binding(zend_op_array *op_array, uint32_t first_early_binding_opline) /* {{{ */
{
	if (first_early_binding_opline != (uint32_t)-1) {
		zend_bool orig_in_compilation = CG(in_compilation);
		uint32_t opline_num = first_early_binding_opline;
		void **run_time_cache;

		if (!ZEND_MAP_PTR(op_array->run_time_cache)) {
			void *ptr;

			/* No run-time cache yet: allocate one pointer-sized slot followed by
			 * cache_size bytes. The map pointer is initialised with the start of
			 * the allocation, then set to the zeroed area behind that slot. */
			ZEND_ASSERT(op_array->fn_flags & ZEND_ACC_HEAP_RT_CACHE);
			ptr = emalloc(op_array->cache_size + sizeof(void*));
			ZEND_MAP_PTR_INIT(op_array->run_time_cache, ptr);
			ptr = (char*)ptr + sizeof(void*);
			ZEND_MAP_PTR_SET(op_array->run_time_cache, ptr);
			memset(ptr, 0, op_array->cache_size);
		}
		run_time_cache = RUN_TIME_CACHE(op_array);

		CG(in_compilation) = 1;
		while (opline_num != (uint32_t)-1) {
			const zend_op *opline = &op_array->opcodes[opline_num];
			zval *lcname = RT_CONSTANT(opline, opline->op1);
			/* The class is looked up under the key stored in the literal after lcname. */
			zval *zv = zend_hash_find_ex(EG(class_table), Z_STR_P(lcname + 1), 1);

			if (zv) {
				zend_class_entry *ce = Z_CE_P(zv);
				zend_string *lc_parent_name = Z_STR_P(RT_CONSTANT(opline, opline->op2));
				zend_class_entry *parent_ce = zend_hash_find_ex_ptr(EG(class_table), lc_parent_name, 1);

				if (parent_ce) {
					if (zend_try_early_bind(ce, parent_ce, Z_STR_P(lcname), zv)) {
						/* Store in run-time cache */
						/* NOTE(review): extended_value is used as a byte offset into the
						 * cache and opline_num as an index into opcodes, neither is
						 * range-checked here — presumably both are trusted compiler
						 * output; confirm for op arrays restored from a cache. */
						((void**)((char*)run_time_cache + opline->extended_value))[0] = ce;
					}
				}
			}
			opline_num = op_array->opcodes[opline_num].result.opline_num;
		}
		CG(in_compilation) = orig_in_compilation;
	}
}
1368 /* }}} */
1369 
/* Builds a mangled property name: a leading NUL byte, src1, then src2.
 *
 * Each source is copied with one byte more than its stated length, so the byte
 * at src1[src1_length] and src2[src2_length] is read and becomes the separator
 * and the terminator respectively. Callers therefore have to pass buffers that
 * are readable one byte past the given length (NUL-terminated strings).
 * `internal` is forwarded to zend_string_alloc(). The caller owns the result.
 *
 * NOTE(review): the total length is a plain size_t sum with no overflow check
 * before the allocation; confirm that callers bound both lengths. */
ZEND_API zend_string *zend_mangle_property_name(const char *src1, size_t src1_length, const char *src2, size_t src2_length, bool internal) /* {{{ */
{
	size_t mangled_len = 1 + src1_length + 1 + src2_length;
	zend_string *mangled = zend_string_alloc(mangled_len, internal);
	char *out = ZSTR_VAL(mangled);

	*out++ = '\0';

	memcpy(out, src1, src1_length + 1);
	out += src1_length + 1;

	memcpy(out, src2, src2_length + 1);

	return mangled;
}
1380 /* }}} */
1381 
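/* Returns the number of bytes before the first NUL in s, looking at no more
 * than maxlen bytes; returns maxlen when no NUL is found in that range.
 *
 * The bound is tested before each byte is read. The previous form read the
 * byte first, which touched s[maxlen] (one past the stated bound) whenever no
 * NUL occurred within the first maxlen bytes, including for maxlen == 0. */
static zend_always_inline size_t zend_strnlen(const char* s, size_t maxlen) /* {{{ */
{
	size_t len = 0;

	while (len < maxlen && s[len] != '\0') {
		len++;
	}
	return len;
}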
1388 /* }}} */
1389 
/* Splits a possibly mangled property name into its class part and its
 * property part without copying: the out pointers point into name.
 *
 * name:       the property name to inspect.
 * class_name: out; NULL for an unmangled name and on failure, otherwise the
 *             start of the class part (offset 1 of name).
 * prop_name:  out; start of the property part, or the whole name for an
 *             unmangled name and on failure.
 * prop_len:   optional out; length matching *prop_name.
 *
 * Returns SUCCESS for unmangled and well-formed mangled names. Returns FAILURE
 * after raising an E_NOTICE when the name starts with a NUL byte but does not
 * have the expected structure. */
ZEND_API zend_result zend_unmangle_property_name_ex(const zend_string *name, const char **class_name, const char **prop_name, size_t *prop_len) /* {{{ */
{
	size_t class_name_len;
	size_t anonclass_src_len;

	*class_name = NULL;

	/* A name that is empty or does not start with a NUL byte is not mangled. */
	if (!ZSTR_LEN(name) || ZSTR_VAL(name)[0] != '\0') {
		*prop_name = ZSTR_VAL(name);
		if (prop_len) {
			*prop_len = ZSTR_LEN(name);
		}
		return SUCCESS;
	}
	/* A mangled name needs at least three bytes and a non-empty class part. */
	if (ZSTR_LEN(name) < 3 || ZSTR_VAL(name)[1] == '\0') {
		zend_error(E_NOTICE, "Illegal member variable name");
		*prop_name = ZSTR_VAL(name);
		if (prop_len) {
			*prop_len = ZSTR_LEN(name);
		}
		return FAILURE;
	}

	/* Scan for the NUL that ends the class part, limited to the bytes between
	 * the leading NUL and the last byte of the name. Hitting that limit, or not
	 * finding a NUL at the computed position, means there is no separator. */
	class_name_len = zend_strnlen(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 2);
	if (class_name_len >= ZSTR_LEN(name) - 2 || ZSTR_VAL(name)[class_name_len + 1] != '\0') {
		zend_error(E_NOTICE, "Corrupt member variable name");
		*prop_name = ZSTR_VAL(name);
		if (prop_len) {
			*prop_len = ZSTR_LEN(name);
		}
		return FAILURE;
	}

	*class_name = ZSTR_VAL(name) + 1;
	/* Measure the segment after the separator. If it does not reach the end of
	 * the name, another NUL-delimited segment follows, and the first two
	 * segments are treated as the class part together.
	 * NOTE(review): going by the variable name this covers class names with an
	 * embedded NUL, as for anonymous classes — confirm. */
	anonclass_src_len = zend_strnlen(*class_name + class_name_len + 1, ZSTR_LEN(name) - class_name_len - 2);
	if (class_name_len + anonclass_src_len + 2 != ZSTR_LEN(name)) {
		class_name_len += anonclass_src_len + 1;
	}
	*prop_name = ZSTR_VAL(name) + class_name_len + 2;
	if (prop_len) {
		*prop_len = ZSTR_LEN(name) - class_name_len - 2;
	}
	return SUCCESS;
}
1434 /* }}} */
1435 
/* Decides whether constant c may be replaced by its value at compile time.
 * Deprecated constants never are. Persistent constants are, unless persistent
 * substitution is disabled or the constant is excluded from the file cache
 * while compiling with it. Any other constant qualifies when its value type is
 * below IS_OBJECT and constant substitution is not disabled. */
static zend_bool can_ct_eval_const(zend_constant *c) {
	if (ZEND_CONSTANT_FLAGS(c) & CONST_DEPRECATED) {
		return 0;
	}

	if (ZEND_CONSTANT_FLAGS(c) & CONST_PERSISTENT) {
		zend_bool substitution_disabled =
			(CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION) != 0;
		zend_bool excluded_from_file_cache =
			(ZEND_CONSTANT_FLAGS(c) & CONST_NO_FILE_CACHE)
			&& (CG(compiler_options) & ZEND_COMPILE_WITH_FILE_CACHE);

		if (!substitution_disabled && !excluded_from_file_cache) {
			return 1;
		}
	}

	return Z_TYPE(c->value) < IS_OBJECT
		&& !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION);
}
1452 
/* Tries to evaluate constant `name` at compile time.
 * On success the value is stored in zv and 1 is returned, otherwise 0. A
 * registered constant is used when can_ct_eval_const() allows it; after that
 * only the special constants are considered, looked up by the unqualified part
 * of the name unless is_fully_qualified is set. */
static zend_bool zend_try_ct_eval_const(zval *zv, zend_string *name, zend_bool is_fully_qualified) /* {{{ */
{
	zend_constant *c = zend_hash_find_ptr(EG(zend_constants), name);
	const char *lookup_name;
	size_t lookup_len;

	if (c && can_ct_eval_const(c)) {
		ZVAL_COPY_OR_DUP(zv, &c->value);
		return 1;
	}

	/* Substitute true, false and null (including unqualified usage in namespaces) */
	lookup_name = ZSTR_VAL(name);
	lookup_len = ZSTR_LEN(name);
	if (!is_fully_qualified) {
		zend_get_unqualified_name(name, &lookup_name, &lookup_len);
	}

	c = zend_get_special_const(lookup_name, lookup_len);
	if (!c) {
		return 0;
	}

	ZVAL_COPY_VALUE(zv, &c->value);
	return 1;
}
1478 /* }}} */
1479 
/* Tells whether the class scope of the code being compiled is fixed at compile time. */
static inline zend_bool zend_is_scope_known() /* {{{ */
{
	zend_op_array *active = CG(active_op_array);
	zend_class_entry *scope = CG(active_class_entry);

	/* Closures can be rebound to a different scope */
	if (active->fn_flags & ZEND_ACC_CLOSURE) {
		return 0;
	}

	if (scope) {
		/* For traits self etc refers to the using class, not the trait itself */
		return (scope->ce_flags & ZEND_ACC_TRAIT) == 0;
	}

	/* Without a class: known inside a free function (no scope), unknown in a
	 * file/eval, which inherits the including/eval'ing scope. */
	return active->function_name != NULL;
}
1496 /* }}} */
1497 
/* Returns non-zero when class_name denotes the class being compiled: either
 * "self" with a known scope, or an ordinary name that equals the active class
 * name ignoring case. Always 0 outside of a class. */
static inline zend_bool class_name_refers_to_active_ce(zend_string *class_name, uint32_t fetch_type) /* {{{ */
{
	zend_class_entry *active_ce = CG(active_class_entry);

	if (active_ce == NULL) {
		return 0;
	}

	if (fetch_type == ZEND_FETCH_CLASS_SELF && zend_is_scope_known()) {
		return 1;
	}

	if (fetch_type != ZEND_FETCH_CLASS_DEFAULT) {
		return 0;
	}
	return zend_string_equals_ci(class_name, active_ce->name);
}
1509 /* }}} */
1510 
/* Classifies a class name: the reserved names self, parent and static (matched
 * ignoring case) map to their fetch types, anything else is a default fetch. */
uint32_t zend_get_class_fetch_type(zend_string *name) /* {{{ */
{
	if (zend_string_equals_literal_ci(name, "self")) {
		return ZEND_FETCH_CLASS_SELF;
	}
	if (zend_string_equals_literal_ci(name, "parent")) {
		return ZEND_FETCH_CLASS_PARENT;
	}
	if (zend_string_equals_literal_ci(name, "static")) {
		return ZEND_FETCH_CLASS_STATIC;
	}
	return ZEND_FETCH_CLASS_DEFAULT;
}
1523 /* }}} */
1524 
/* Fetch type for a class name AST node. A fully qualified name is never one of
 * the reserved names, so its string is not inspected at all. */
static uint32_t zend_get_class_fetch_type_ast(zend_ast *name_ast) /* {{{ */
{
	return name_ast->attr == ZEND_NAME_FQ
		? ZEND_FETCH_CLASS_DEFAULT
		: zend_get_class_fetch_type(zend_ast_get_str(name_ast));
}
1534 /* }}} */
1535 
/* Resolves a class name that has to be a real class reference. Reserved names
 * (self, parent, static) raise a compile error that mentions `type` as the
 * role the name was used in. The caller owns the returned string. */
static zend_string *zend_resolve_const_class_name_reference(zend_ast *ast, const char *type)
{
	zend_string *written_name = zend_ast_get_str(ast);
	uint32_t fetch_type = zend_get_class_fetch_type_ast(ast);

	if (fetch_type != ZEND_FETCH_CLASS_DEFAULT) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"Cannot use '%s' as %s, as it is reserved",
			ZSTR_VAL(written_name), type);
	}

	return zend_resolve_class_name(written_name, ast->attr);
}
1546 
/* Raises a compile error when self/parent/static is used where the scope is
 * known and rules it out: no class is active, or "parent" is used in a class
 * without a parent. Does nothing for default fetches or an unknown scope. */
static void zend_ensure_valid_class_fetch_type(uint32_t fetch_type) /* {{{ */
{
	zend_class_entry *ce;

	if (fetch_type == ZEND_FETCH_CLASS_DEFAULT || !zend_is_scope_known()) {
		return;
	}

	ce = CG(active_class_entry);
	if (!ce) {
		const char *keyword;

		if (fetch_type == ZEND_FETCH_CLASS_SELF) {
			keyword = "self";
		} else if (fetch_type == ZEND_FETCH_CLASS_PARENT) {
			keyword = "parent";
		} else {
			keyword = "static";
		}
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"%s\" when no class scope is active",
			keyword);
	} else if (fetch_type == ZEND_FETCH_CLASS_PARENT && !ce->parent_name) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"Cannot use \"parent\" when current class scope has no parent");
	}
}
1561 /* }}} */
1562 
/* Tries to resolve a class name node to a string at compile time.
 *
 * zv:        receives the resolved name on success.
 * class_ast: the node naming the class.
 *
 * Returns 1 when zv was filled and 0 when resolution has to be left for later:
 * the node is not a zval node, the name is "static", or it is "self"/"parent"
 * without a known scope (or, for "parent", without a parent name). A zval that
 * is not a string raises a compile error. */
static zend_bool zend_try_compile_const_expr_resolve_class_name(zval *zv, zend_ast *class_ast) /* {{{ */
{
	uint32_t fetch_type;
	zval *class_name;

	if (class_ast->kind != ZEND_AST_ZVAL) {
		return 0;
	}

	class_name = zend_ast_get_zval(class_ast);

	if (Z_TYPE_P(class_name) != IS_STRING) {
		zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
	}

	fetch_type = zend_get_class_fetch_type(Z_STR_P(class_name));
	/* Rejects self/parent/static where the known scope rules them out. */
	zend_ensure_valid_class_fetch_type(fetch_type);

	switch (fetch_type) {
		case ZEND_FETCH_CLASS_SELF:
			/* The active class name is copied only when the scope is known. */
			if (CG(active_class_entry) && zend_is_scope_known()) {
				ZVAL_STR_COPY(zv, CG(active_class_entry)->name);
				return 1;
			}
			return 0;
		case ZEND_FETCH_CLASS_PARENT:
			if (CG(active_class_entry) && CG(active_class_entry)->parent_name
					&& zend_is_scope_known()) {
				ZVAL_STR_COPY(zv, CG(active_class_entry)->parent_name);
				return 1;
			}
			return 0;
		case ZEND_FETCH_CLASS_STATIC:
			/* "static" is never resolved here. */
			return 0;
		case ZEND_FETCH_CLASS_DEFAULT:
			/* zv takes over the string returned by the resolver. */
			ZVAL_STR(zv, zend_resolve_class_name_ast(class_ast));
			return 1;
		EMPTY_SWITCH_DEFAULT_CASE()
	}
}
1603 /* }}} */
1604 
1605 /* We don't use zend_verify_const_access because we need to deal with unlinked classes. */
/* Compile-time visibility check for class constant c as seen from scope.
 * Public constants are always accessible and private ones only from their
 * declaring class. Any other visibility is accessible when scope is the
 * declaring class or one of its ancestors; ancestors that are not linked yet
 * are looked up by name in the compile-time class table. */
static zend_bool zend_verify_ct_const_access(zend_class_constant *c, zend_class_entry *scope)
{
	zend_class_entry *ancestor;

	if (Z_ACCESS_FLAGS(c->value) & ZEND_ACC_PUBLIC) {
		return 1;
	}
	if (Z_ACCESS_FLAGS(c->value) & ZEND_ACC_PRIVATE) {
		return c->ce == scope;
	}

	/* Walk up from the declaring class until scope is reached or the chain ends. */
	ancestor = c->ce;
	while (ancestor != scope) {
		if (!ancestor->parent) {
			return 0;
		}
		if (ancestor->ce_flags & ZEND_ACC_RESOLVED_PARENT) {
			ancestor = ancestor->parent;
		} else {
			ancestor = zend_hash_find_ptr_lc(CG(class_table), ancestor->parent_name);
			if (!ancestor) {
				/* Reverse case cannot be true during compilation */
				return 0;
			}
		}
	}
	return 1;
}
1634 
/* Tries to replace the class constant class_name::name by its value at compile
 * time. Returns 1 with the value stored in zv, or 0 when nothing was
 * substituted: the class cannot be determined here, substitution is disabled,
 * the constant is missing or not accessible from the active class, or its
 * value type is not below IS_OBJECT. */
static zend_bool zend_try_ct_eval_class_const(zval *zv, zend_string *class_name, zend_string *name) /* {{{ */
{
	uint32_t fetch_type = zend_get_class_fetch_type(class_name);
	zend_class_entry *lookup_ce;
	zend_class_constant *cc;

	if (class_name_refers_to_active_ce(class_name, fetch_type)) {
		lookup_ce = CG(active_class_entry);
	} else if (fetch_type == ZEND_FETCH_CLASS_DEFAULT && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)) {
		lookup_ce = zend_hash_find_ptr_lc(CG(class_table), class_name);
		if (!lookup_ce) {
			return 0;
		}
	} else {
		return 0;
	}

	cc = zend_hash_find_ptr(&lookup_ce->constants_table, name);

	if (CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION) {
		return 0;
	}

	/* The visibility check guards the substitution of non-public constants. */
	if (!cc || !zend_verify_ct_const_access(cc, CG(active_class_entry))) {
		return 0;
	}

	/* Substitute case-sensitive (or lowercase) persistent class constants */
	if (Z_TYPE(cc->value) >= IS_OBJECT) {
		return 0;
	}

	ZVAL_COPY_OR_DUP(zv, &cc->value);
	return 1;
}
1672 /* }}} */
1673 
/* Appends item to a NULL-terminated array of pointers.
 * result points at the variable that holds the array (NULL for an empty list);
 * the array is grown by one entry and the variable is updated, as the
 * reallocation may move it. */
static void zend_add_to_list(void *result, void *item) /* {{{ */
{
	void **list = *(void**)result;
	size_t count = 0;

	if (list) {
		for (; list[count]; count++) {
			/* count the existing entries */
		}
	}

	/* Room for the existing entries, the new item and the terminator. */
	list = erealloc(list, sizeof(void*) * (count + 2));
	list[count] = item;
	list[count + 1] = NULL;

	*(void**)result = list;
}
1692 /* }}} */
1693 
/* Emits a ZEND_EXT_STMT opline when the extended-statement compiler option is set. */
void zend_do_extended_stmt(void) /* {{{ */
{
	if (CG(compiler_options) & ZEND_COMPILE_EXTENDED_STMT) {
		zend_op *ext_op = get_next_op();

		ext_op->opcode = ZEND_EXT_STMT;
	}
}
1706 /* }}} */
1707 
/* Emits a ZEND_EXT_FCALL_BEGIN opline when the extended-fcall compiler option is set. */
void zend_do_extended_fcall_begin(void) /* {{{ */
{
	if (CG(compiler_options) & ZEND_COMPILE_EXTENDED_FCALL) {
		zend_op *ext_op = get_next_op();

		ext_op->opcode = ZEND_EXT_FCALL_BEGIN;
	}
}
1720 /* }}} */
1721 
/* Emits a ZEND_EXT_FCALL_END opline when the extended-fcall compiler option is set. */
void zend_do_extended_fcall_end(void) /* {{{ */
{
	if (CG(compiler_options) & ZEND_COMPILE_EXTENDED_FCALL) {
		zend_op *ext_op = get_next_op();

		ext_op->opcode = ZEND_EXT_FCALL_END;
	}
}
1734 /* }}} */
1735 
/* Returns 1 when the name given as pointer and length is a registered auto
 * global, 0 otherwise. Side effect: an entry that is still armed has its
 * callback invoked, and the callback's result becomes the new armed state. */
zend_bool zend_is_auto_global_str(const char *name, size_t len) /* {{{ */ {
	zend_auto_global *entry = zend_hash_str_find_ptr(CG(auto_globals), name, len);

	if (entry == NULL) {
		return 0;
	}

	if (entry->armed) {
		entry->armed = entry->auto_global_callback(entry->name);
	}
	return 1;
}
1747 /* }}} */
1748 
/* Returns 1 when name is a registered auto global, 0 otherwise. Side effect:
 * an entry that is still armed has its callback invoked, and the callback's
 * result becomes the new armed state. */
zend_bool zend_is_auto_global(zend_string *name) /* {{{ */
{
	zend_auto_global *entry = zend_hash_find_ptr(CG(auto_globals), name);

	if (entry == NULL) {
		return 0;
	}

	if (entry->armed) {
		entry->armed = entry->auto_global_callback(entry->name);
	}
	return 1;
}
1761 /* }}} */
1762 
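/* Registers an auto global under `name`.
 *
 * name:                 key and stored name of the auto global.
 * jit:                  stored in the entry; zend_activate_auto_globals() arms
 *                       such entries instead of calling the callback.
 * auto_global_callback: stored in the entry, may be NULL.
 *
 * Returns SUCCESS when the entry was added and FAILURE when the hash table
 * rejected it.
 *
 * The temporary entry is zeroed before it is copied into the table. Before,
 * `armed` was never assigned, so the stored copy carried whatever the stack
 * held, and a lookup made before zend_activate_auto_globals() could act on
 * that value. */
zend_result zend_register_auto_global(zend_string *name, zend_bool jit, zend_auto_global_callback auto_global_callback) /* {{{ */
{
	zend_auto_global auto_global;
	zend_result retval;

	/* Also clears padding, so no stack bytes end up in the stored copy. */
	memset(&auto_global, 0, sizeof(auto_global));
	auto_global.name = name;
	auto_global.auto_global_callback = auto_global_callback;
	auto_global.jit = jit;
	auto_global.armed = 0;

	retval = zend_hash_add_mem(CG(auto_globals), auto_global.name, &auto_global, sizeof(zend_auto_global)) != NULL ? SUCCESS : FAILURE;

	return retval;
}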
1776 /* }}} */
1777 
/* Sets the armed state of every registered auto global: jit entries are armed
 * without calling anything, other entries take the result of their callback,
 * and entries without a callback are disarmed. */
ZEND_API void zend_activate_auto_globals(void) /* {{{ */
{
	zend_auto_global *entry;

	ZEND_HASH_FOREACH_PTR(CG(auto_globals), entry) {
		if (entry->jit) {
			entry->armed = 1;
		} else {
			entry->armed = entry->auto_global_callback
				? entry->auto_global_callback(entry->name)
				: 0;
		}
	} ZEND_HASH_FOREACH_END();
}
1792 /* }}} */
1793 
/* Parser-facing lexer entry point: applies a pending line-number increment,
 * then returns the next token from lex_scan(). In debug builds it asserts
 * that a pending exception is only ever accompanied by T_ERROR. */
int ZEND_FASTCALL zendlex(zend_parser_stack_elem *elem) /* {{{ */
{
	zval token_value;
	int token;

	/* Consume the deferred line bump before scanning the next token. */
	if (CG(increment_lineno)) {
		CG(increment_lineno) = 0;
		CG(zend_lineno)++;
	}

	token = lex_scan(&token_value, elem);
	ZEND_ASSERT(!EG(exception) || token == T_ERROR);

	return token;
}
1809 /* }}} */
1810 
/* Puts a class entry into its initial state.
 *
 * ce:               entry to initialise; ce->type must already be set, because it
 *                   selects persistent hash tables and the static-members mapping.
 * nullify_handlers: when non-zero, the handler, parent, interface, trait and
 *                   (for internal classes) module fields are cleared as well.
 */
ZEND_API void zend_initialize_class_data(zend_class_entry *ce, zend_bool nullify_handlers) /* {{{ */
{
	zend_bool is_internal = ce->type == ZEND_INTERNAL_CLASS;

	ce->refcount = 1;
	ce->ce_flags = ZEND_ACC_CONSTANTS_UPDATED;
	if (CG(compiler_options) & ZEND_COMPILE_GUARDS) {
		ce->ce_flags |= ZEND_ACC_USE_GUARDS;
	}

	/* Scalar bookkeeping and table pointers start out empty. */
	ce->default_properties_table = NULL;
	ce->default_static_members_table = NULL;
	ce->default_properties_count = 0;
	ce->default_static_members_count = 0;
	ce->properties_info_table = NULL;
	ce->attributes = NULL;

	/* Internal classes get persistent tables; only they install a property-info destructor. */
	zend_hash_init(&ce->properties_info, 8, NULL, (is_internal ? zend_destroy_property_info_internal : NULL), is_internal);
	zend_hash_init(&ce->constants_table, 8, NULL, NULL, is_internal);
	zend_hash_init(&ce->function_table, 8, NULL, ZEND_FUNCTION_DTOR, is_internal);

	if (ce->type == ZEND_INTERNAL_CLASS) {
		ZEND_MAP_PTR_INIT(ce->static_members_table, NULL);
	} else {
		ZEND_MAP_PTR_INIT(ce->static_members_table, &ce->default_static_members_table);
		ce->info.user.doc_comment = NULL;
	}

	if (!nullify_handlers) {
		return;
	}

	/* Magic methods and object handlers. */
	ce->constructor = NULL;
	ce->destructor = NULL;
	ce->clone = NULL;
	ce->__get = NULL;
	ce->__set = NULL;
	ce->__unset = NULL;
	ce->__isset = NULL;
	ce->__call = NULL;
	ce->__callstatic = NULL;
	ce->__tostring = NULL;
	ce->__serialize = NULL;
	ce->__unserialize = NULL;
	ce->__debugInfo = NULL;
	ce->create_object = NULL;
	ce->get_iterator = NULL;
	ce->iterator_funcs_ptr = NULL;
	ce->get_static_method = NULL;

	/* Inheritance links. */
	ce->parent = NULL;
	ce->parent_name = NULL;
	ce->num_interfaces = 0;
	ce->interfaces = NULL;
	ce->num_traits = 0;
	ce->trait_names = NULL;
	ce->trait_aliases = NULL;
	ce->trait_precedences = NULL;

	ce->serialize = NULL;
	ce->unserialize = NULL;

	if (ce->type == ZEND_INTERNAL_CLASS) {
		ce->info.internal.module = NULL;
		ce->info.internal.builtin_functions = NULL;
	}
}
1874 /* }}} */
1875 
/* Returns the name stored in op_array->vars for the compiled variable `var`,
 * after translating `var` to an index with EX_VAR_TO_NUM().
 * NOTE(review): the index is not range-checked here; callers are presumably
 * expected to pass a value that maps inside op_array->vars - confirm. */
ZEND_API zend_string *zend_get_compiled_variable_name(const zend_op_array *op_array, uint32_t var) /* {{{ */
{
	zend_string **names = op_array->vars;

	return names[EX_VAR_TO_NUM(var)];
}
1880 /* }}} */
1881 
/* Appends "\" plus the string held by right_ast to the string held by
 * left_ast, reusing the left string's storage via zend_string_extend().
 * The right string is released and left_ast, now holding the joined string,
 * is returned.
 * NOTE(review): the combined length is computed with plain size_t addition;
 * presumably both lengths are bounded by the size of the source being
 * compiled, so the sum cannot wrap - confirm. */
zend_ast *zend_ast_append_str(zend_ast *left_ast, zend_ast *right_ast) /* {{{ */
{
	zval *left_zv = zend_ast_get_zval(left_ast);
	zend_string *suffix = zend_ast_get_str(right_ast);
	size_t prefix_len = ZSTR_LEN(Z_STR_P(left_zv));
	size_t suffix_len = ZSTR_LEN(suffix);
	size_t total_len = prefix_len + suffix_len + 1; /* prefix, backslash, suffix */
	zend_string *joined = zend_string_extend(Z_STR_P(left_zv), total_len, 0);
	char *dst = ZSTR_VAL(joined);

	dst[prefix_len] = '\\';
	memcpy(dst + prefix_len + 1, ZSTR_VAL(suffix), suffix_len);
	dst[total_len] = '\0';
	zend_string_release_ex(suffix, 0);

	ZVAL_STR(left_zv, joined);
	return left_ast;
}
1901 /* }}} */
1902 
/* Negates the numeric literal held by `ast` in place and returns `ast`.
 *  - IS_LONG 0 becomes the string "-0";
 *  - any other IS_LONG is asserted positive and has its sign flipped;
 *  - IS_STRING is grown by one byte and prefixed with '-'.
 * Any other zval type is treated as unreachable. */
zend_ast *zend_negate_num_string(zend_ast *ast) /* {{{ */
{
	zval *zv = zend_ast_get_zval(ast);

	switch (Z_TYPE_P(zv)) {
		case IS_LONG:
			if (Z_LVAL_P(zv) != 0) {
				ZEND_ASSERT(Z_LVAL_P(zv) > 0);
				Z_LVAL_P(zv) = -Z_LVAL_P(zv);
			} else {
				ZVAL_NEW_STR(zv, zend_string_init("-0", sizeof("-0")-1, 0));
			}
			break;
		case IS_STRING: {
			size_t old_len = Z_STRLEN_P(zv);
			zend_string *grown = zend_string_extend(Z_STR_P(zv), old_len + 1, 0);
			char *text = ZSTR_VAL(grown);

			Z_STR_P(zv) = grown;
			/* Shift the digits and their NUL right by one to make room for the sign. */
			memmove(text + 1, text, old_len + 1);
			text[0] = '-';
			break;
		}
		default:
			ZEND_UNREACHABLE();
	}
	return ast;
}
1923 /* }}} */
1924 
/* Raises a compile error when the file uses bracketed namespaces and the
 * compiler is currently outside of any namespace block. */
void zend_verify_namespace(void) /* {{{ */
{
	if (!FC(has_bracketed_namespaces) || FC(in_namespace)) {
		return;
	}
	zend_error_noreturn(E_COMPILE_ERROR, "No code may exist outside of namespace {}");
}
1931 /* }}} */
1932 
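/* {{{ zend_dirname
   Truncates `path` in place to its directory component and returns the new
   length.

   path: writable buffer holding the path; it is modified, never grown.
   len:  length of the path without its terminating NUL. The buffer must hold
         at least len + 1 bytes, because the function stores a NUL at or
         before path[len].

   A path without a directory part becomes ".", a path made only of slashes
   becomes a single DEFAULT_SLASH, and len == 0 returns 0 without touching
   the buffer. */
ZEND_API size_t zend_dirname(char *path, size_t len)
{
	unsigned int len_adjust = 0;
	size_t n; /* number of characters of `path` still under consideration */

	if (len == 0) {
		/* Illegal use of this function. Rejected before any pointer is derived
		 * from `len`, so nothing in front of the buffer is ever addressed. */
		return 0;
	}

#ifdef ZEND_WIN32
	/* Note that on Win32 CWD is per drive (heritage from CP/M).
	 * This means dirname("c:foo") maps to "c:." or "c:" - which means CWD on C: drive.
	 */
	if ((2 <= len) && isalpha((int)((unsigned char *)path)[0]) && (':' == path[1])) {
		/* Skip over the drive spec (if any) so as not to change */
		path += 2;
		len_adjust += 2;
		if (2 == len) {
			/* Return "c:" on Win32 for dirname("c:").
			 * It would be more consistent to return "c:."
			 * but that would require making the string *longer*.
			 */
			return len;
		}
	}
#endif

	n = len - len_adjust;

	/* Strip trailing slashes */
	while (n > 0) {
		char *last = path + n - 1;
		if (!IS_SLASH_P(last)) {
			break;
		}
		n--;
	}
	if (n == 0) {
		/* The path only contained slashes */
		path[0] = DEFAULT_SLASH;
		path[1] = '\0';
		return 1 + len_adjust;
	}

	/* Strip filename */
	while (n > 0) {
		char *last = path + n - 1;
		if (IS_SLASH_P(last)) {
			break;
		}
		n--;
	}
	if (n == 0) {
		/* No slash found, therefore return '.' */
		path[0] = '.';
		path[1] = '\0';
		return 1 + len_adjust;
	}

	/* Strip slashes which came before the file name */
	while (n > 0) {
		char *last = path + n - 1;
		if (!IS_SLASH_P(last)) {
			break;
		}
		n--;
	}
	if (n == 0) {
		path[0] = DEFAULT_SLASH;
		path[1] = '\0';
		return 1 + len_adjust;
	}
	path[n] = '\0';

	return n + len_adjust;
}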
1998 /* }}} */
1999 
/* Turns a read-fetch opline into the variant required by the fetch `type`.
 * The opcode is advanced by a per-type step (W=1, RW=2, IS=3, FUNC_ARG=4,
 * UNSET=5) multiplied by a stride of 1 for ZEND_FETCH_STATIC_PROP_R and 3
 * for every other opcode. BP_VAR_R and BP_VAR_IS also switch both the opline
 * result and `result` to IS_TMP_VAR. */
static void zend_adjust_for_fetch_type(zend_op *opline, znode *result, uint32_t type) /* {{{ */
{
	zend_uchar stride = (opline->opcode == ZEND_FETCH_STATIC_PROP_R) ? 1 : 3;

	switch (type) {
		case BP_VAR_R:
		case BP_VAR_IS:
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;
			if (type == BP_VAR_IS) {
				opline->opcode += 3 * stride;
			}
			break;
		case BP_VAR_W:
			opline->opcode += 1 * stride;
			break;
		case BP_VAR_RW:
			opline->opcode += 2 * stride;
			break;
		case BP_VAR_FUNC_ARG:
			opline->opcode += 4 * stride;
			break;
		case BP_VAR_UNSET:
			opline->opcode += 5 * stride;
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}
}
2029 /* }}} */
2030 
/* Gives `opline` a fresh temporary as an IS_VAR result and copies that
 * result operand into `result` through GET_NODE(). */
static inline void zend_make_var_result(znode *result, zend_op *opline) /* {{{ */
{
	opline->result.var = get_temporary_variable();
	opline->result_type = IS_VAR;
	GET_NODE(result, opline->result);
}
2037 /* }}} */
2038 
/* Gives `opline` a fresh temporary as an IS_TMP_VAR result and copies that
 * result operand into `result` through GET_NODE(). */
static inline void zend_make_tmp_result(znode *result, zend_op *opline) /* {{{ */
{
	opline->result.var = get_temporary_variable();
	opline->result_type = IS_TMP_VAR;
	GET_NODE(result, opline->result);
}
2045 /* }}} */
2046 
/* Appends an opline with the given opcode to the active op array.
 *
 * result: when non-NULL, receives a new IS_VAR result node.
 * op1/op2: optional operands; NULL leaves the operand as get_next_op() set it.
 *
 * Returns the new opline. */
static zend_op *zend_emit_op(znode *result, zend_uchar opcode, znode *op1, znode *op2) /* {{{ */
{
	zend_op *opline = get_next_op();

	opline->opcode = opcode;
	if (op1) {
		SET_NODE(opline->op1, op1);
	}
	if (op2) {
		SET_NODE(opline->op2, op2);
	}
	if (result != NULL) {
		zend_make_var_result(result, opline);
	}

	return opline;
}
2065 /* }}} */
2066 
/* Same as zend_emit_op(), except that a non-NULL `result` receives an
 * IS_TMP_VAR result node instead of an IS_VAR one. Returns the new opline. */
static zend_op *zend_emit_op_tmp(znode *result, zend_uchar opcode, znode *op1, znode *op2) /* {{{ */
{
	zend_op *opline = get_next_op();

	opline->opcode = opcode;
	if (op1) {
		SET_NODE(opline->op1, op1);
	}
	if (op2) {
		SET_NODE(opline->op2, op2);
	}
	if (result != NULL) {
		zend_make_tmp_result(result, opline);
	}

	return opline;
}
2086 /* }}} */
2087 
/* Emits a ZEND_TICKS opline carrying the current declare(ticks) value,
 * unless the most recently emitted opline already is a ZEND_TICKS. */
static void zend_emit_tick(void) /* {{{ */
{
	zend_op_array *op_array = CG(active_op_array);
	zend_op *tick;

	/* Avoids the double TICK that the parser's "declare()" statement would otherwise produce. */
	if (op_array->last && op_array->opcodes[op_array->last - 1].opcode == ZEND_TICKS) {
		return;
	}

	tick = get_next_op();
	tick->opcode = ZEND_TICKS;
	tick->extended_value = FC(declarables).ticks;
}
2102 /* }}} */
2103 
/* Emits a ZEND_OP_DATA opline with `value` as op1, no op2 and no result node;
 * returns the new opline. */
static inline zend_op *zend_emit_op_data(znode *value) /* {{{ */
{
	zend_op *data_op = zend_emit_op(NULL, ZEND_OP_DATA, value, NULL);

	return data_op;
}
2108 /* }}} */
2109 
/* Emits an unconditional ZEND_JMP to `opnum_target` and returns the opline
 * number of the jump itself, so that the target can be patched later. */
static inline uint32_t zend_emit_jump(uint32_t opnum_target) /* {{{ */
{
	uint32_t jump_opnum = get_next_op_number();

	zend_emit_op(NULL, ZEND_JMP, NULL, NULL)->op1.opline_num = opnum_target;
	return jump_opnum;
}
2117 /* }}} */
2118 
/* Returns true when the opline's opcode is one of the comparison, isset/empty,
 * instanceof, type-check, defined, in_array or array_key_exists opcodes listed
 * below; zend_emit_cond_jump() uses this to tag such an opline as feeding a
 * conditional jump directly. */
ZEND_API bool zend_is_smart_branch(const zend_op *opline) /* {{{ */
{
	bool smart = 0;

	switch (opline->opcode) {
		case ZEND_IS_IDENTICAL:
		case ZEND_IS_NOT_IDENTICAL:
		case ZEND_IS_EQUAL:
		case ZEND_IS_NOT_EQUAL:
		case ZEND_IS_SMALLER:
		case ZEND_IS_SMALLER_OR_EQUAL:
		case ZEND_CASE:
		case ZEND_CASE_STRICT:
		case ZEND_ISSET_ISEMPTY_CV:
		case ZEND_ISSET_ISEMPTY_VAR:
		case ZEND_ISSET_ISEMPTY_DIM_OBJ:
		case ZEND_ISSET_ISEMPTY_PROP_OBJ:
		case ZEND_ISSET_ISEMPTY_STATIC_PROP:
		case ZEND_INSTANCEOF:
		case ZEND_TYPE_CHECK:
		case ZEND_DEFINED:
		case ZEND_IN_ARRAY:
		case ZEND_ARRAY_KEY_EXISTS:
			smart = 1;
			break;
		default:
			break;
	}
	return smart;
}
2145 /* }}} */
2146 
/* Emits a conditional jump (`opcode`) on `cond` to `opnum_target` and returns
 * the jump's opline number.
 * When `cond` is the IS_TMP_VAR result of the immediately preceding opline and
 * that opline is a smart branch, its result_type is tagged with
 * IS_SMART_BRANCH_JMPZ or IS_SMART_BRANCH_JMPNZ before the jump is emitted. */
static inline uint32_t zend_emit_cond_jump(zend_uchar opcode, znode *cond, uint32_t opnum_target) /* {{{ */
{
	uint32_t jump_opnum = get_next_op_number();
	zend_op *jump;

	if (jump_opnum > 0 && cond->op_type == IS_TMP_VAR) {
		zend_op *prev = &CG(active_op_array)->opcodes[jump_opnum - 1];

		if (prev->result_type == IS_TMP_VAR
		 && prev->result.var == cond->u.op.var
		 && zend_is_smart_branch(prev)) {
			if (opcode != ZEND_JMPZ) {
				ZEND_ASSERT(opcode == ZEND_JMPNZ);
				prev->result_type = IS_TMP_VAR | IS_SMART_BRANCH_JMPNZ;
			} else {
				prev->result_type = IS_TMP_VAR | IS_SMART_BRANCH_JMPZ;
			}
		}
	}

	jump = zend_emit_op(NULL, opcode, cond, NULL);
	jump->op2.opline_num = opnum_target;
	return jump_opnum;
}
2169 /* }}} */
2170 
/* Patches the target of the already emitted jump at `opnum_jump`.
 * ZEND_JMP keeps its target in op1; the conditional and null-checking jump
 * opcodes listed below keep it in op2. Any other opcode is treated as
 * unreachable.
 * NOTE(review): `opnum_jump` indexes the active op array without a range
 * check; presumably it always comes from an earlier zend_emit_*jump() call -
 * confirm. */
static inline void zend_update_jump_target(uint32_t opnum_jump, uint32_t opnum_target) /* {{{ */
{
	zend_op *jump = CG(active_op_array)->opcodes + opnum_jump;

	switch (jump->opcode) {
		case ZEND_JMPZ:
		case ZEND_JMPNZ:
		case ZEND_JMPZ_EX:
		case ZEND_JMPNZ_EX:
		case ZEND_JMP_SET:
		case ZEND_COALESCE:
		case ZEND_JMP_NULL:
			jump->op2.opline_num = opnum_target;
			break;
		case ZEND_JMP:
			jump->op1.opline_num = opnum_target;
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}
}
2190 /* }}} */
2191 
/* Points the jump at `opnum_jump` at the opline that will be emitted next. */
static inline void zend_update_jump_target_to_next(uint32_t opnum_jump) /* {{{ */
{
	uint32_t next_opnum = get_next_op_number();

	zend_update_jump_target(opnum_jump, next_opnum);
}
2196 /* }}} */
2197 
/* Builds an opline like zend_emit_op() does, but pushes it onto
 * CG(delayed_oplines_stack) instead of appending it to the active op array.
 * Returns a pointer to the pushed copy (the stack top).
 * NOTE(review): the returned pointer refers to the stack's own storage, so it
 * is presumably only valid until the next push onto that stack - confirm
 * against zend_stack_push(). */
static inline zend_op *zend_delayed_emit_op(znode *result, zend_uchar opcode, znode *op1, znode *op2) /* {{{ */
{
	zend_op pending;

	init_op(&pending);
	pending.opcode = opcode;

	if (op1) {
		SET_NODE(pending.op1, op1);
	}
	if (op2) {
		SET_NODE(pending.op2, op2);
	}
	if (result != NULL) {
		zend_make_var_result(result, &pending);
	}

	zend_stack_push(&CG(delayed_oplines_stack), &pending);
	return zend_stack_top(&CG(delayed_oplines_stack));
}
2218 /* }}} */
2219 
/* Returns the current depth of CG(delayed_oplines_stack); the value is later
 * handed to zend_delayed_compile_end() as the offset to flush from. */
static inline uint32_t zend_delayed_compile_begin(void) /* {{{ */
{
	uint32_t depth = zend_stack_count(&CG(delayed_oplines_stack));

	return depth;
}
2224 /* }}} */
2225 
/* Flushes the delayed oplines pushed since `offset` into the active op array,
 * in push order, and shrinks the delayed stack back to `offset`.
 * Every flushed ZEND_JMP_NULL has its new opline number recorded on
 * CG(short_circuiting_opnums).
 * Returns the last opline emitted, or NULL when nothing was pending. */
static zend_op *zend_delayed_compile_end(uint32_t offset) /* {{{ */
{
	zend_op *pending = zend_stack_base(&CG(delayed_oplines_stack));
	uint32_t total = zend_stack_count(&CG(delayed_oplines_stack));
	zend_op *emitted = NULL;
	uint32_t idx;

	ZEND_ASSERT(total >= offset);
	for (idx = offset; idx < total; ++idx) {
		emitted = get_next_op();
		memcpy(emitted, pending + idx, sizeof(zend_op));
		if (emitted->opcode != ZEND_JMP_NULL) {
			continue;
		}
		/* The opline just emitted is the one before the "next" number. */
		uint32_t opnum = get_next_op_number() - 1;
		zend_stack_push(&CG(short_circuiting_opnums), &opnum);
	}

	CG(delayed_oplines_stack).top = offset;
	return emitted;
}
2244 /* }}} */
2245 
/* Returns 1 for the AST kinds that can take part in a short-circuiting chain
 * (dim, property, static property and call nodes, including the nullsafe
 * forms), 0 for every other kind. */
static zend_bool zend_ast_kind_is_short_circuited(zend_ast_kind ast_kind)
{
	zend_bool in_chain = 0;

	switch (ast_kind) {
		case ZEND_AST_DIM:
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
		case ZEND_AST_STATIC_PROP:
		case ZEND_AST_METHOD_CALL:
		case ZEND_AST_NULLSAFE_METHOD_CALL:
		case ZEND_AST_STATIC_CALL:
			in_chain = 1;
			break;
		default:
			break;
	}
	return in_chain;
}
2261 
/* Follows child[0] through dim, property, static-property and call nodes and
 * returns 1 as soon as a nullsafe property or nullsafe method call is found;
 * returns 0 when the walk reaches any other kind of node. */
static zend_bool zend_ast_is_short_circuited(const zend_ast *ast)
{
	for (;;) {
		switch (ast->kind) {
			case ZEND_AST_NULLSAFE_PROP:
			case ZEND_AST_NULLSAFE_METHOD_CALL:
				return 1;
			case ZEND_AST_DIM:
			case ZEND_AST_PROP:
			case ZEND_AST_STATIC_PROP:
			case ZEND_AST_METHOD_CALL:
			case ZEND_AST_STATIC_CALL:
				/* Keep descending towards the base of the chain. */
				ast = ast->child[0];
				break;
			default:
				return 0;
		}
	}
}
2278 
2279 /* Mark nodes that are an inner part of a short-circuiting chain.
2280  * We should not perform a "commit" on them, as it will be performed by the outer-most node.
2281  * We do this to avoid passing down an argument in various compile functions. */
2282 
2283 #define ZEND_SHORT_CIRCUITING_INNER 0x8000
2284 
/* Sets ZEND_SHORT_CIRCUITING_INNER in ast->attr when the node's kind can take
 * part in a short-circuiting chain; other nodes are left untouched.
 * NOTE(review): the bit shares ast->attr with kind-specific attribute values,
 * so an equality test on attr (for example the ZEND_DIM_ALTERNATIVE_SYNTAX
 * check in zend_delayed_compile_dim) sees a different value once a node is
 * marked - confirm such checks account for the bit. */
static void zend_short_circuiting_mark_inner(zend_ast *ast) {
	if (!zend_ast_kind_is_short_circuited(ast->kind)) {
		return;
	}
	ast->attr |= ZEND_SHORT_CIRCUITING_INNER;
}
2290 
/* Returns the current depth of CG(short_circuiting_opnums), to be passed to
 * zend_short_circuiting_commit() later. */
static uint32_t zend_short_circuiting_checkpoint()
{
	uint32_t depth = zend_stack_count(&CG(short_circuiting_opnums));

	return depth;
}
2295 
/* Resolves the ZEND_JMP_NULL oplines recorded since `checkpoint`.
 *
 * Nodes that cannot short-circuit (anything other than a chain kind, isset or
 * empty) only assert that nothing was recorded. Nodes marked
 * ZEND_SHORT_CIRCUITING_INNER leave the work to the outer-most node.
 * Otherwise each recorded opline gets the next opline number as its jump
 * target, `result` as its result operand and an extended_value describing
 * whether the chain sits inside isset(), empty() or a plain expression. */
static void zend_short_circuiting_commit(uint32_t checkpoint, znode *result, zend_ast *ast)
{
	uint32_t chain_kind;

	if (!zend_ast_kind_is_short_circuited(ast->kind)
			&& ast->kind != ZEND_AST_ISSET && ast->kind != ZEND_AST_EMPTY) {
		ZEND_ASSERT(zend_stack_count(&CG(short_circuiting_opnums)) == checkpoint
			&& "Short circuiting stack should be empty");
		return;
	}

	if (ast->attr & ZEND_SHORT_CIRCUITING_INNER) {
		/* The outer-most node of the chain commits. */
		return;
	}

	if (ast->kind == ZEND_AST_ISSET) {
		chain_kind = ZEND_SHORT_CIRCUITING_CHAIN_ISSET;
	} else if (ast->kind == ZEND_AST_EMPTY) {
		chain_kind = ZEND_SHORT_CIRCUITING_CHAIN_EMPTY;
	} else {
		chain_kind = ZEND_SHORT_CIRCUITING_CHAIN_EXPR;
	}

	while (zend_stack_count(&CG(short_circuiting_opnums)) != checkpoint) {
		uint32_t *top = zend_stack_top(&CG(short_circuiting_opnums));
		zend_op *jmp_null = CG(active_op_array)->opcodes + *top;

		jmp_null->op2.opline_num = get_next_op_number();
		SET_NODE(jmp_null->result, result);
		jmp_null->extended_value = chain_kind;
		zend_stack_del_top(&CG(short_circuiting_opnums));
	}
}
2323 
/* Emits a ZEND_JMP_NULL on `obj_node` and records its opline number on
 * CG(short_circuiting_opnums) so the jump can be resolved at commit time.
 * A constant operand gets an extra reference on its literal. */
static void zend_emit_jmp_null(znode *obj_node)
{
	uint32_t recorded_opnum = get_next_op_number();
	zend_op *jmp_null = zend_emit_op(NULL, ZEND_JMP_NULL, obj_node, NULL);

	if (jmp_null->op1_type == IS_CONST) {
		Z_TRY_ADDREF_P(CT_CONSTANT(jmp_null->op1));
	}
	zend_stack_push(&CG(short_circuiting_opnums), &recorded_opnum);
}
2333 
/* Values of CG(memoize_mode), as consumed by zend_compile_memoized_expr(). */
#define ZEND_MEMOIZE_NONE 0 /* no memoization; zend_compile_memoized_expr() treats this mode as unreachable */
#define ZEND_MEMOIZE_COMPILE 1 /* compile the expression and record its result node */
#define ZEND_MEMOIZE_FETCH 2 /* reuse the recorded result node instead of compiling again */
2337 
/* Compiles `expr` once and replays its result on later visits, keyed by the
 * address of the AST node in CG(memoized_exprs).
 *
 * ZEND_MEMOIZE_COMPILE: compile normally (with memoization switched off for
 *   the nested compile), then record either a ZEND_COPY_TMP of a VAR/TMP
 *   result or a copy of the result node itself.
 * ZEND_MEMOIZE_FETCH: copy the recorded node into `result`.
 * Constants gain a reference each time they are recorded or replayed.
 * Any other mode is treated as unreachable.
 *
 * NOTE(review): the fetch path dereferences the lookup result without a NULL
 * check; presumably every expression fetched was recorded by an earlier
 * compile pass - confirm. */
static void zend_compile_memoized_expr(znode *result, zend_ast *expr) /* {{{ */
{
	switch (CG(memoize_mode)) {
		case ZEND_MEMOIZE_COMPILE: {
			znode recorded;

			/* Go through normal compilation */
			CG(memoize_mode) = ZEND_MEMOIZE_NONE;
			zend_compile_expr(result, expr);
			CG(memoize_mode) = ZEND_MEMOIZE_COMPILE;

			if (result->op_type == IS_VAR) {
				zend_emit_op(&recorded, ZEND_COPY_TMP, result, NULL);
			} else if (result->op_type == IS_TMP_VAR) {
				zend_emit_op_tmp(&recorded, ZEND_COPY_TMP, result, NULL);
			} else {
				if (result->op_type == IS_CONST) {
					Z_TRY_ADDREF(result->u.constant);
				}
				recorded = *result;
			}

			zend_hash_index_update_mem(
				CG(memoized_exprs), (uintptr_t) expr, &recorded, sizeof(znode));
			break;
		}
		case ZEND_MEMOIZE_FETCH: {
			znode *recorded = zend_hash_index_find_ptr(CG(memoized_exprs), (uintptr_t) expr);

			*result = *recorded;
			if (result->op_type == IS_CONST) {
				Z_TRY_ADDREF(result->u.constant);
			}
			break;
		}
		default:
			ZEND_UNREACHABLE();
	}
}
2372 /* }}} */
2373 
/* Returns how many class types `type` carries: 0 when it has no class part,
 * the list's num_types when it holds a type list, and 1 otherwise. */
static size_t zend_type_get_num_classes(zend_type type) {
	if (ZEND_TYPE_HAS_CLASS(type)) {
		return ZEND_TYPE_HAS_LIST(type) ? ZEND_TYPE_LIST(type)->num_types : 1;
	}
	return 0;
}
2383 
/* Emits the run-time return type check for a `return` statement, or rejects
 * the statement at compile time when it can never be valid.
 *
 * expr:        the returned value, or NULL for a bare `return;`.
 * return_info: arg_info describing the declared return type.
 * implicit:    non-zero for the return added at the end of a function; it
 *              suppresses the "must return a value" compile error.
 *
 * Nothing is emitted when no return type is declared, for void functions, for
 * a pure `mixed` type with a value, or when a constant value's type is already
 * contained in the declared type. Otherwise ZEND_VERIFY_RETURN_TYPE is emitted;
 * a constant operand is turned into a temporary that receives the checked
 * value, and cache slots are reserved for the type's classes. */
static void zend_emit_return_type_check(
		znode *expr, zend_arg_info *return_info, zend_bool implicit) /* {{{ */
{
	zend_type type = return_info->type;
	zend_op *verify;

	if (!ZEND_TYPE_IS_SET(type)) {
		return;
	}

	/* `return ...;` is illegal in a void function (but `return;` isn't) */
	if (ZEND_TYPE_CONTAINS_CODE(type, IS_VOID)) {
		if (expr) {
			if (expr->op_type == IS_CONST && Z_TYPE(expr->u.constant) == IS_NULL) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"A void function must not return a value "
					"(did you mean \"return;\" instead of \"return null;\"?)");
			} else {
				zend_error_noreturn(E_COMPILE_ERROR, "A void function must not return a value");
			}
		}
		/* void needs no run-time check */
		return;
	}

	if (!expr && !implicit) {
		if (ZEND_TYPE_ALLOW_NULL(type)) {
			zend_error_noreturn(E_COMPILE_ERROR,
				"A function with return type must return a value "
				"(did you mean \"return null;\" instead of \"return;\"?)");
		} else {
			zend_error_noreturn(E_COMPILE_ERROR,
				"A function with return type must return a value");
		}
	}

	if (expr) {
		if (ZEND_TYPE_PURE_MASK(type) == MAY_BE_ANY) {
			/* a mixed return type accepts every value */
			return;
		}
		if (expr->op_type == IS_CONST && ZEND_TYPE_CONTAINS_CODE(type, Z_TYPE(expr->u.constant))) {
			/* the constant's type is already known to match */
			return;
		}
	}

	verify = zend_emit_op(NULL, ZEND_VERIFY_RETURN_TYPE, expr, NULL);
	if (expr && expr->op_type == IS_CONST) {
		uint32_t tmp_var;

		expr->op_type = IS_TMP_VAR;
		verify->result_type = IS_TMP_VAR;
		tmp_var = get_temporary_variable();
		expr->u.op.var = tmp_var;
		verify->result.var = tmp_var;
	}

	verify->op2.num = zend_alloc_cache_slots(zend_type_get_num_classes(return_info->type));
}
2436 /* }}} */
2437 
/* Emits the return that ends the active op array.
 * For a non-generator function with a declared return type, the implicit
 * return type check is emitted first (the return arg_info is read from the
 * slot just before arg_info). The returned constant is 1 when `return_one` is
 * set and null otherwise; ZEND_RETURN_BY_REF is used for by-reference
 * functions. The opline's extended_value is set to -1. */
void zend_emit_final_return(bool return_one) /* {{{ */
{
	zend_op_array *op_array = CG(active_op_array);
	zend_bool by_ref = (op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
	znode retval;
	zend_op *ret;

	if ((op_array->fn_flags & ZEND_ACC_HAS_RETURN_TYPE)
			&& !(op_array->fn_flags & ZEND_ACC_GENERATOR)) {
		zend_emit_return_type_check(NULL, op_array->arg_info - 1, 1);
	}

	retval.op_type = IS_CONST;
	if (!return_one) {
		ZVAL_NULL(&retval.u.constant);
	} else {
		ZVAL_LONG(&retval.u.constant, 1);
	}

	ret = zend_emit_op(NULL, by_ref ? ZEND_RETURN_BY_REF : ZEND_RETURN, &retval, NULL);
	ret->extended_value = -1;
}
2459 /* }}} */
2460 
/* Returns 1 when `ast` is a variable, dim, property, nullsafe property or
 * static property node, 0 otherwise. */
static inline zend_bool zend_is_variable(zend_ast *ast) /* {{{ */
{
	switch (ast->kind) {
		case ZEND_AST_VAR:
		case ZEND_AST_DIM:
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
		case ZEND_AST_STATIC_PROP:
			return 1;
		default:
			return 0;
	}
}
2469 /* }}} */
2470 
/* Returns 1 when `ast` is a function call, method call, nullsafe method call
 * or static call node, 0 otherwise. */
static inline zend_bool zend_is_call(zend_ast *ast) /* {{{ */
{
	switch (ast->kind) {
		case ZEND_AST_CALL:
		case ZEND_AST_METHOD_CALL:
		case ZEND_AST_NULLSAFE_METHOD_CALL:
		case ZEND_AST_STATIC_CALL:
			return 1;
		default:
			return 0;
	}
}
2478 /* }}} */
2479 
/* Returns non-zero when `ast` satisfies zend_is_variable() or zend_is_call(). */
static inline zend_bool zend_is_variable_or_call(zend_ast *ast) /* {{{ */
{
	if (zend_is_variable(ast)) {
		return 1;
	}
	return zend_is_call(ast);
}
2484 /* }}} */
2485 
/* Returns 1 for the statement kinds listed below (statement lists, labels,
 * property declarations, class constant groups, trait uses and methods),
 * 0 otherwise. */
static inline zend_bool zend_is_unticked_stmt(zend_ast *ast) /* {{{ */
{
	switch (ast->kind) {
		case ZEND_AST_STMT_LIST:
		case ZEND_AST_LABEL:
		case ZEND_AST_PROP_DECL:
		case ZEND_AST_CLASS_CONST_GROUP:
		case ZEND_AST_USE_TRAIT:
		case ZEND_AST_METHOD:
			return 1;
		default:
			return 0;
	}
}
2492 /* }}} */
2493 
/* Strips leading dim and property accesses from `ast`, then reports whether
 * the remaining base is a variable or call that is not part of a nullsafe
 * (short-circuited) chain. */
static inline zend_bool zend_can_write_to_variable(zend_ast *ast) /* {{{ */
{
	zend_ast *base;

	for (base = ast; base->kind == ZEND_AST_DIM || base->kind == ZEND_AST_PROP; base = base->child[0]) {
		/* descend to the node the access chain starts from */
	}

	if (!zend_is_variable_or_call(base)) {
		return 0;
	}
	return !zend_ast_is_short_circuited(base);
}
2505 /* }}} */
2506 
/* Returns 1 when `name_ast` is a ZEND_AST_ZVAL whose class fetch type is
 * ZEND_FETCH_CLASS_DEFAULT, 0 otherwise. */
static inline zend_bool zend_is_const_default_class_ref(zend_ast *name_ast) /* {{{ */
{
	return name_ast->kind == ZEND_AST_ZVAL
		&& ZEND_FETCH_CLASS_DEFAULT == zend_get_class_fetch_type_ast(name_ast);
}
2515 /* }}} */
2516 
/* Replaces a constant string node that ZEND_HANDLE_NUMERIC() accepts with the
 * corresponding integer constant; the string is destroyed. Every other node
 * is left untouched. */
static inline void zend_handle_numeric_op(znode *node) /* {{{ */
{
	zend_ulong index;

	if (node->op_type != IS_CONST || Z_TYPE(node->u.constant) != IS_STRING) {
		return;
	}
	if (!ZEND_HANDLE_NUMERIC(Z_STR(node->u.constant), index)) {
		return;
	}

	zval_ptr_dtor(&node->u.constant);
	ZVAL_LONG(&node->u.constant, index);
}
2528 /* }}} */
2529 
/* For a string dimension that ZEND_HANDLE_NUMERIC() accepts, rewrites the
 * opline's op2 literal to the integer index while keeping the original string
 * as the literal right after it, and tags the integer literal with
 * ZEND_EXTRA_VALUE. Other dimensions are left untouched. */
static inline void zend_handle_numeric_dim(zend_op *opline, znode *dim_node) /* {{{ */
{
	zend_ulong index;

	if (Z_TYPE(dim_node->u.constant) != IS_STRING) {
		return;
	}
	if (!ZEND_HANDLE_NUMERIC(Z_STR(dim_node->u.constant), index)) {
		return;
	}

	/* For numeric indexes we also keep the original value to use by ArrayAccess
	 * See bug #63217
	 */
	int c = zend_add_literal(&dim_node->u.constant);
	ZEND_ASSERT(opline->op2.constant + 1 == c);
	ZVAL_LONG(CT_CONSTANT(opline->op2), index);
	Z_EXTRA_P(CT_CONSTANT(opline->op2)) = ZEND_EXTRA_VALUE;
}
2547 /* }}} */
2548 
/* Stores `class_node` as op1 of `opline`. A constant class name is added
 * through zend_add_class_name_literal(); any other node is copied with
 * SET_NODE(). */
static inline void zend_set_class_name_op1(zend_op *opline, znode *class_node) /* {{{ */
{
	if (class_node->op_type != IS_CONST) {
		SET_NODE(opline->op1, class_node);
		return;
	}

	opline->op1_type = IS_CONST;
	opline->op1.constant = zend_add_class_name_literal(
		Z_STR(class_node->u.constant));
}
2559 /* }}} */
2560 
/* Compiles a class reference into `result`.
 *
 * Literal names (ZEND_AST_ZVAL):
 *  - fully qualified names and names with the default fetch type become an
 *    IS_CONST node holding the resolved class name;
 *  - other fetch types are validated and become an IS_UNUSED node carrying
 *    `fetch_type | fetch_flags`.
 * Expressions are compiled first. A constant result must be a string
 * ("Illegal class name" otherwise) and is then handled like a literal name,
 * resolved as ZEND_NAME_FQ; a non-constant result emits ZEND_FETCH_CLASS.
 */
static void zend_compile_class_ref(znode *result, zend_ast *name_ast, uint32_t fetch_flags) /* {{{ */
{
	uint32_t fetch_type;

	if (name_ast->kind == ZEND_AST_ZVAL) {
		/* Fully qualified names are always default refs */
		if (name_ast->attr == ZEND_NAME_FQ) {
			result->op_type = IS_CONST;
			ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
			return;
		}

		fetch_type = zend_get_class_fetch_type(zend_ast_get_str(name_ast));
		if (fetch_type != ZEND_FETCH_CLASS_DEFAULT) {
			zend_ensure_valid_class_fetch_type(fetch_type);
			result->op_type = IS_UNUSED;
			result->u.op.num = fetch_type | fetch_flags;
		} else {
			result->op_type = IS_CONST;
			ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
		}
		return;
	}

	znode name_node;

	zend_compile_expr(&name_node, name_ast);

	if (name_node.op_type != IS_CONST) {
		zend_op *fetch = zend_emit_op(result, ZEND_FETCH_CLASS, NULL, &name_node);
		fetch->op1.num = ZEND_FETCH_CLASS_DEFAULT | fetch_flags;
		return;
	}

	if (Z_TYPE(name_node.u.constant) != IS_STRING) {
		zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
	}

	zend_string *class_name = Z_STR(name_node.u.constant);

	fetch_type = zend_get_class_fetch_type(class_name);
	if (fetch_type != ZEND_FETCH_CLASS_DEFAULT) {
		zend_ensure_valid_class_fetch_type(fetch_type);
		result->op_type = IS_UNUSED;
		result->u.op.num = fetch_type | fetch_flags;
	} else {
		result->op_type = IS_CONST;
		ZVAL_STR(&result->u.constant, zend_resolve_class_name(class_name, ZEND_NAME_FQ));
	}

	zend_string_release_ex(class_name, 0);
}
2614 /* }}} */
2615 
/* Tries to compile a variable with a literal name as a compiled variable (CV).
 * Returns FAILURE when the name is not a literal or names an auto-global;
 * otherwise fills `result` with an IS_CV node from lookup_cv() and returns
 * SUCCESS. A non-string literal name is converted to an interned string for
 * the lookup and released again afterwards. */
static zend_result zend_try_compile_cv(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *name_ast = ast->child[0];
	zend_string *name;
	zval *zv;

	if (name_ast->kind != ZEND_AST_ZVAL) {
		return FAILURE;
	}

	zv = zend_ast_get_zval(name_ast);
	if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
		name = zval_make_interned_string(zv);
	} else {
		name = zend_new_interned_string(zval_get_string_func(zv));
	}

	if (zend_is_auto_global(name)) {
		return FAILURE;
	}

	result->op_type = IS_CV;
	result->u.op.var = lookup_cv(name);

	/* Only the converted copy made for a non-string literal is ours to release. */
	if (UNEXPECTED(Z_TYPE_P(zv) != IS_STRING)) {
		zend_string_release_ex(name, 0);
	}

	return SUCCESS;
}
2645 /* }}} */
2646 
/* Compiles a variable fetch by name (the non-CV path).
 * The name expression is compiled, a constant name is converted to a string,
 * and a ZEND_FETCH_R opline is emitted - onto the delayed stack when `delayed`
 * is set. A constant name that is an auto-global is fetched with
 * ZEND_FETCH_GLOBAL, everything else with ZEND_FETCH_LOCAL. The opline is then
 * adjusted for the fetch `type` and returned. */
static zend_op *zend_compile_simple_var_no_cv(znode *result, zend_ast *ast, uint32_t type, bool delayed) /* {{{ */
{
	znode name_node;
	zend_op *fetch;
	zend_bool is_global;

	zend_compile_expr(&name_node, ast->child[0]);
	if (name_node.op_type == IS_CONST) {
		convert_to_string(&name_node.u.constant);
	}

	fetch = delayed
		? zend_delayed_emit_op(result, ZEND_FETCH_R, &name_node, NULL)
		: zend_emit_op(result, ZEND_FETCH_R, &name_node, NULL);

	is_global = name_node.op_type == IS_CONST
		&& zend_is_auto_global(Z_STR(name_node.u.constant));
	fetch->extended_value = is_global ? ZEND_FETCH_GLOBAL : ZEND_FETCH_LOCAL;

	zend_adjust_for_fetch_type(fetch, result, type);
	return fetch;
}
2675 /* }}} */
2676 
/* Returns non-zero when `ast` is a variable node whose literal string name
 * is exactly "this". */
static zend_bool is_this_fetch(zend_ast *ast) /* {{{ */
{
	zval *name;

	if (ast->kind != ZEND_AST_VAR || ast->child[0]->kind != ZEND_AST_ZVAL) {
		return 0;
	}

	name = zend_ast_get_zval(ast->child[0]);
	return Z_TYPE_P(name) == IS_STRING && zend_string_equals_literal(Z_STR_P(name), "this");
}
2686 /* }}} */
2687 
/* Returns non-zero when the function being compiled has a class scope and is
 * not static. Instance methods always have a $this; so do closures that have
 * a scope and use $this. */
static zend_bool this_guaranteed_exists() /* {{{ */
{
	zend_op_array *op_array = CG(active_op_array);

	if (op_array->scope == NULL) {
		return 0;
	}
	return (op_array->fn_flags & ZEND_ACC_STATIC) == 0;
}
2696 /* }}} */
2697 
/* Compiles a simple variable.
 *  - `$this` emits ZEND_FETCH_THIS (with a TMP result for read and isset
 *    fetches), flags the op array with ZEND_ACC_USES_THIS and returns the opline;
 *  - a variable that compiles to a CV emits nothing and returns NULL;
 *  - anything else is delegated to zend_compile_simple_var_no_cv(). */
static zend_op *zend_compile_simple_var(znode *result, zend_ast *ast, uint32_t type, bool delayed) /* {{{ */
{
	zend_op *fetch_this;

	if (!is_this_fetch(ast)) {
		if (zend_try_compile_cv(result, ast) == FAILURE) {
			return zend_compile_simple_var_no_cv(result, ast, type, delayed);
		}
		return NULL;
	}

	fetch_this = zend_emit_op(result, ZEND_FETCH_THIS, NULL, NULL);
	if (type == BP_VAR_R || type == BP_VAR_IS) {
		fetch_this->result_type = IS_TMP_VAR;
		result->op_type = IS_TMP_VAR;
	}
	CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
	return fetch_this;
}
2713 /* }}} */
2714 
/* When a call result is used in a write-like context (any fetch type other
 * than read or isset), emits ZEND_SEPARATE on an IS_VAR result, reusing the
 * same variable slot for the result. A call result that is not IS_VAR raises
 * a compile error. */
static void zend_separate_if_call_and_write(znode *node, zend_ast *ast, uint32_t type) /* {{{ */
{
	zend_op *separate;

	if (type == BP_VAR_R || type == BP_VAR_IS || !zend_is_call(ast)) {
		return;
	}
	if (node->op_type != IS_VAR) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
	}

	separate = zend_emit_op(NULL, ZEND_SEPARATE, node, NULL);
	separate->result_type = IS_VAR;
	separate->result.var = separate->op1.var;
}
2727 /* }}} */
2728 
/* Forward declarations. zend_delayed_compile_var() is called by the dim/prop
 * compilers below; zend_compile_assign() is defined later in this file. */
zend_op *zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type, zend_bool by_ref);
void zend_compile_assign(znode *result, zend_ast *ast);
2731 
/* Emit an assignment of an already-compiled value (`value_node`) to the
 * variable described by `var_ast`. A temporary ZEND_AST_ASSIGN node is built
 * around the znode and compiled; the assignment's own result is freed. */
static inline void zend_emit_assign_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
{
	znode discarded;
	zend_ast *value_ast = zend_ast_create_znode(value_node);
	zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN, var_ast, value_ast);

	zend_compile_expr(&discarded, assign_ast);
	zend_do_free(&discarded);
}
/* }}} */
2741 
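/* Compile an array/string offset access (`$var[dim]` or `$var[]`) with the
 * fetch opline emitted through zend_delayed_emit_op().
 *
 * result: receives the result of the fetch.
 * ast:    dim node; child[0] is the container, child[1] the offset (NULL
 *         for `[]`).
 * type:   BP_VAR_* fetch mode.
 *
 * Returns the emitted fetch opline. Compile errors are raised for the
 * curly-brace offset syntax and for `[]` in a read or unset context. */
static zend_op *zend_delayed_compile_dim(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
{
	if (ast->attr == ZEND_DIM_ALTERNATIVE_SYNTAX) {
		/* Raised through zend_error_noreturn() like the other compile errors
		 * in this file, so the compiler and static analysers know nothing
		 * below runs for the rejected syntax. */
		zend_error_noreturn(E_COMPILE_ERROR, "Array and string offset access syntax with curly braces is no longer supported");
	}
	zend_ast *var_ast = ast->child[0];
	zend_ast *dim_ast = ast->child[1];
	zend_op *opline;

	znode var_node, dim_node;

	zend_short_circuiting_mark_inner(var_ast);
	opline = zend_delayed_compile_var(&var_node, var_ast, type, 0);
	/* A write through a property fetch is flagged on that property fetch. */
	if (opline && type == BP_VAR_W && (opline->opcode == ZEND_FETCH_STATIC_PROP_W || opline->opcode == ZEND_FETCH_OBJ_W)) {
		opline->extended_value |= ZEND_FETCH_DIM_WRITE;
	}

	zend_separate_if_call_and_write(&var_node, var_ast, type);

	if (dim_ast == NULL) {
		/* `$var[]` only makes sense as an append target. */
		if (type == BP_VAR_R || type == BP_VAR_IS) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
		}
		if (type == BP_VAR_UNSET) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for unsetting");
		}
		dim_node.op_type = IS_UNUSED;
	} else {
		zend_compile_expr(&dim_node, dim_ast);
	}

	/* Emitted as the read variant, then rewritten for the requested mode. */
	opline = zend_delayed_emit_op(result, ZEND_FETCH_DIM_R, &var_node, &dim_node);
	zend_adjust_for_fetch_type(opline, result, type);

	if (dim_node.op_type == IS_CONST) {
		zend_handle_numeric_dim(opline, &dim_node);
	}
	return opline;
}
/* }}} */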
2782 
/* Compile an offset access in one go: open a delayed-compile section, let
 * zend_delayed_compile_dim() queue its oplines, then close the section and
 * return what zend_delayed_compile_end() reports. */
static zend_op *zend_compile_dim(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
{
	const uint32_t delayed_start = zend_delayed_compile_begin();

	(void) zend_delayed_compile_dim(result, ast, type);

	return zend_delayed_compile_end(delayed_start);
}
/* }}} */
2790 
/* Compile a property fetch (`$obj->prop` or `$obj?->prop`) with the fetch
 * opline emitted through zend_delayed_emit_op().
 *
 * result: receives the result of the fetch.
 * ast:    property node; child[0] is the object, child[1] the property name.
 * type:   BP_VAR_* fetch mode.
 *
 * Returns the fetch opline (emitted as ZEND_FETCH_OBJ_R and then passed to
 * zend_adjust_for_fetch_type()). */
static zend_op *zend_delayed_compile_prop(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
{
	zend_ast *obj_ast = ast->child[0];
	zend_ast *prop_ast = ast->child[1];

	znode obj_node, prop_node;
	zend_op *opline;
	zend_bool nullsafe = ast->kind == ZEND_AST_NULLSAFE_PROP;

	if (is_this_fetch(obj_ast)) {
		/* With a guaranteed $this the object operand is left unused;
		 * otherwise $this is fetched explicitly. */
		if (this_guaranteed_exists()) {
			obj_node.op_type = IS_UNUSED;
		} else {
			zend_emit_op(&obj_node, ZEND_FETCH_THIS, NULL, NULL);
		}
		CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;

		/* We will throw if $this doesn't exist, so there's no need to emit a JMP_NULL
		 * check for a nullsafe access. */
	} else {
		zend_short_circuiting_mark_inner(obj_ast);
		/* The opline returned here is not inspected; it is overwritten below. */
		opline = zend_delayed_compile_var(&obj_node, obj_ast, type, 0);
		zend_separate_if_call_and_write(&obj_node, obj_ast, type);
		if (nullsafe) {
			/* We will push to the short_circuiting_opnums stack in zend_delayed_compile_end(). */
			opline = zend_delayed_emit_op(NULL, ZEND_JMP_NULL, &obj_node, NULL);
			/* A constant object operand is now referenced by a second opline. */
			if (opline->op1_type == IS_CONST) {
				Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
			}
		}
	}

	zend_compile_expr(&prop_node, prop_ast);

	opline = zend_delayed_emit_op(result, ZEND_FETCH_OBJ_R, &obj_node, &prop_node);
	if (opline->op2_type == IS_CONST) {
		/* A constant property name is stored as a string and gets 3 cache slots. */
		convert_to_string(CT_CONSTANT(opline->op2));
		opline->extended_value = zend_alloc_cache_slots(3);
	}

	zend_adjust_for_fetch_type(opline, result, type);

	return opline;
}
/* }}} */
2836 
/* Compile a property fetch in one go. When `by_ref` is set, ZEND_FETCH_REF is
 * OR-ed into the fetch opline's extended_value before the delayed section is
 * closed. Returns what zend_delayed_compile_end() reports. */
static zend_op *zend_compile_prop(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
{
	const uint32_t delayed_start = zend_delayed_compile_begin();
	zend_op *fetch = zend_delayed_compile_prop(result, ast, type);

	if (by_ref) {
		/* The flag shares extended_value with the cache slot. */
		fetch->extended_value |= ZEND_FETCH_REF;
	}

	return zend_delayed_compile_end(delayed_start);
}
/* }}} */
2847 
/* Compile a static property fetch (`Class::$prop`).
 *
 * result:  receives the result of the fetch.
 * ast:     child[0] is the class reference, child[1] the property name.
 * type:    BP_VAR_* fetch mode.
 * by_ref:  request a reference fetch; only honoured for BP_VAR_W and
 *          BP_VAR_FUNC_ARG.
 * delayed: emit through zend_delayed_emit_op() instead of zend_emit_op().
 *
 * Returns the fetch opline. */
zend_op *zend_compile_static_prop(znode *result, zend_ast *ast, uint32_t type, bool by_ref, bool delayed) /* {{{ */
{
	zend_ast *class_ast = ast->child[0];
	zend_ast *prop_ast = ast->child[1];

	znode class_node, prop_node;
	zend_op *opline;

	zend_short_circuiting_mark_inner(class_ast);
	zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);

	zend_compile_expr(&prop_node, prop_ast);

	/* op1 carries the property name; op2 (the class) is filled in below. */
	if (delayed) {
		opline = zend_delayed_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
	} else {
		opline = zend_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
	}
	if (opline->op1_type == IS_CONST) {
		/* A constant property name is stored as a string and gets 3 cache slots. */
		convert_to_string(CT_CONSTANT(opline->op1));
		opline->extended_value = zend_alloc_cache_slots(3);
	}
	if (class_node.op_type == IS_CONST) {
		opline->op2_type = IS_CONST;
		opline->op2.constant = zend_add_class_name_literal(
			Z_STR(class_node.u.constant));
		/* Constant class with a non-constant property name: one cache slot.
		 * When both are constant the 3-slot allocation above is kept. */
		if (opline->op1_type != IS_CONST) {
			opline->extended_value = zend_alloc_cache_slot();
		}
	} else {
		SET_NODE(opline->op2, &class_node);
	}

	if (by_ref && (type == BP_VAR_W || type == BP_VAR_FUNC_ARG)) { /* shared with cache_slot */
		opline->extended_value |= ZEND_FETCH_REF;
	}

	zend_adjust_for_fetch_type(opline, result, type);
	return opline;
}
/* }}} */
2889 
/* Validate one target of a destructuring assignment. A nested array target
 * must not use the long array() syntax and must use the same style as the
 * enclosing list (`array_style`); any other target must be writable.
 * Violations raise a compile error. */
static void zend_verify_list_assign_target(zend_ast *var_ast, zend_ast_attr array_style) /* {{{ */ {
	if (var_ast->kind != ZEND_AST_ARRAY) {
		if (!zend_can_write_to_variable(var_ast)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Assignments can only happen to writable values");
		}
		return;
	}

	if (var_ast->attr == ZEND_ARRAY_SYNTAX_LONG) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot assign to array(), use [] instead");
	}
	if (var_ast->attr != array_style) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix [] and list()");
	}
}
/* }}} */
2903 
/* Forward declaration: zend_compile_list_assign() calls this helper before
 * its definition further down in the file. */
static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node);
2905 
/* Propagate refs used on leaf elements to the surrounding list() structures.
 *
 * For every non-empty element whose target is itself an array, the element's
 * attr is overwritten with the result of the recursive call. Returns the OR
 * of all element attrs, i.e. non-zero if any element carries a reference. */
static zend_bool zend_propagate_list_refs(zend_ast *ast) { /* {{{ */
	zend_ast_list *elems = zend_ast_get_list(ast);
	zend_bool any_ref = 0;
	uint32_t idx = 0;

	while (idx < elems->children) {
		zend_ast *elem = elems->child[idx++];
		zend_ast *target;

		/* Skipped slots contribute nothing. */
		if (elem == NULL) {
			continue;
		}

		target = elem->child[0];
		if (target->kind == ZEND_AST_ARRAY) {
			elem->attr = zend_propagate_list_refs(target);
		}
		any_ref |= elem->attr;
	}

	return any_ref;
}
/* }}} */
2927 
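/* Compile a destructuring assignment (`[$a, $b] = expr` / `list(...) = expr`).
 *
 * result:      if non-NULL, receives a copy of *expr_node; if NULL, expr_node
 *              is freed once all elements have been assigned.
 * ast:         the list of target elements; each element's child[0] is the
 *              target and child[1] the optional key.
 * expr_node:   the already-compiled right-hand side.
 * array_style: syntax style nested array targets are checked against.
 *
 * Every compile error here is raised with zend_error_noreturn(). Several of
 * the checks guard a dereference that follows immediately (for example
 * `elem_ast->kind` after the NULL-element check), so the non-returning call
 * is stated explicitly instead of relying on E_COMPILE_ERROR being fatal. */
static void zend_compile_list_assign(
		znode *result, zend_ast *ast, znode *expr_node, zend_ast_attr array_style) /* {{{ */
{
	zend_ast_list *list = zend_ast_get_list(ast);
	uint32_t i;
	zend_bool has_elems = 0;
	/* Keyed vs. positional is decided by the first element alone; the loop
	 * below rejects any element that disagrees. */
	zend_bool is_keyed =
		list->children > 0 && list->child[0] != NULL && list->child[0]->child[1] != NULL;

	if (list->children && expr_node->op_type == IS_CONST && Z_TYPE(expr_node->u.constant) == IS_STRING) {
		zval_make_interned_string(&expr_node->u.constant);
	}

	for (i = 0; i < list->children; ++i) {
		zend_ast *elem_ast = list->child[i];
		zend_ast *var_ast, *key_ast;
		znode fetch_result, dim_node;
		zend_op *opline;

		if (elem_ast == NULL) {
			/* A skipped slot is only legal in a positional list. */
			if (is_keyed) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot use empty array entries in keyed array assignment");
			} else {
				continue;
			}
		}

		if (elem_ast->kind == ZEND_AST_UNPACK) {
			zend_error_noreturn(E_COMPILE_ERROR,
					"Spread operator is not supported in assignments");
		}

		var_ast = elem_ast->child[0];
		key_ast = elem_ast->child[1];
		has_elems = 1;

		if (is_keyed) {
			if (key_ast == NULL) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot mix keyed and unkeyed array entries in assignments");
			}

			zend_compile_expr(&dim_node, key_ast);
		} else {
			if (key_ast != NULL) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot mix keyed and unkeyed array entries in assignments");
			}

			/* Positional element: the offset is its index in the list. */
			dim_node.op_type = IS_CONST;
			ZVAL_LONG(&dim_node.u.constant, i);
		}

		/* The constant right-hand side is used as an operand once per element. */
		if (expr_node->op_type == IS_CONST) {
			Z_TRY_ADDREF(expr_node->u.constant);
		}

		zend_verify_list_assign_target(var_ast, array_style);

		/* By-reference elements need a write fetch (FETCH_DIM_W for a CV
		 * source, FETCH_LIST_W otherwise); by-value elements use FETCH_LIST_R. */
		opline = zend_emit_op(&fetch_result,
			elem_ast->attr ? (expr_node->op_type == IS_CV ? ZEND_FETCH_DIM_W : ZEND_FETCH_LIST_W) : ZEND_FETCH_LIST_R, expr_node, &dim_node);

		if (dim_node.op_type == IS_CONST) {
			zend_handle_numeric_dim(opline, &dim_node);
		}

		if (elem_ast->attr) {
			zend_emit_op(&fetch_result, ZEND_MAKE_REF, &fetch_result, NULL);
		}
		if (var_ast->kind == ZEND_AST_ARRAY) {
			/* Nested list: destructure the fetched element recursively. */
			zend_compile_list_assign(NULL, var_ast, &fetch_result, var_ast->attr);
		} else if (elem_ast->attr) {
			zend_emit_assign_ref_znode(var_ast, &fetch_result);
		} else {
			zend_emit_assign_znode(var_ast, &fetch_result);
		}
	}

	if (has_elems == 0) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use empty list");
	}

	if (result) {
		*result = *expr_node;
	} else {
		zend_do_free(expr_node);
	}
}
/* }}} */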
3018 
/* Reject AST nodes that cannot be the target of a write: function calls,
 * (nullsafe/static) method calls, and anything that
 * zend_ast_is_short_circuited() reports as short-circuited. Each case raises
 * its own compile error. */
static void zend_ensure_writable_variable(const zend_ast *ast) /* {{{ */
{
	const bool is_method_like_call =
		ast->kind == ZEND_AST_METHOD_CALL
		|| ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL
		|| ast->kind == ZEND_AST_STATIC_CALL;

	if (ast->kind == ZEND_AST_CALL) {
		zend_error_noreturn(E_COMPILE_ERROR, "Can't use function return value in write context");
	}

	if (is_method_like_call) {
		zend_error_noreturn(E_COMPILE_ERROR, "Can't use method return value in write context");
	}

	if (zend_ast_is_short_circuited(ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Can't use nullsafe operator in write context");
	}
}
/* }}} */
3036 
/* Detects $a... = $a pattern
 *
 * The right-hand side must be a variable with a literal name. The left-hand
 * side is walked down through child[0] until a plain variable is reached;
 * the two names are then compared as strings. Returns non-zero on a match. */
zend_bool zend_is_assign_to_self(zend_ast *var_ast, zend_ast *expr_ast) /* {{{ */
{
	zend_string *lhs_name, *rhs_name;
	zend_bool same_name;

	if (!(expr_ast->kind == ZEND_AST_VAR && expr_ast->child[0]->kind == ZEND_AST_ZVAL)) {
		return 0;
	}

	/* Strip dim/prop/... layers until the root variable is found. */
	for (; zend_is_variable(var_ast) && var_ast->kind != ZEND_AST_VAR; var_ast = var_ast->child[0]) {
	}

	if (!(var_ast->kind == ZEND_AST_VAR && var_ast->child[0]->kind == ZEND_AST_ZVAL)) {
		return 0;
	}

	/* zval_get_string() hands back strings that are released again below. */
	lhs_name = zval_get_string(zend_ast_get_zval(var_ast->child[0]));
	rhs_name = zval_get_string(zend_ast_get_zval(expr_ast->child[0]));
	same_name = zend_string_equals(lhs_name, rhs_name);
	zend_string_release_ex(lhs_name, 0);
	zend_string_release_ex(rhs_name, 0);

	return same_name;
}
/* }}} */
3062 
/* Compile a by-value assignment `var = expr`.
 *
 * result: receives the result of the assignment.
 * ast:    child[0] is the target, child[1] the value expression.
 *
 * Assigning to $this and the targets rejected by
 * zend_ensure_writable_variable() are compile errors. The opcode emitted
 * depends on the kind of the target (variable, static property, dimension,
 * property, or array destructuring). */
void zend_compile_assign(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *var_ast = ast->child[0];
	zend_ast *expr_ast = ast->child[1];

	znode var_node, expr_node;
	zend_op *opline;
	uint32_t offset;
	if (is_this_fetch(var_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
	}

	zend_ensure_writable_variable(var_ast);

	switch (var_ast->kind) {
		case ZEND_AST_VAR:
			/* The target fetch is compiled in a delayed section that is only
			 * closed after the value expression has been compiled. */
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_var(&var_node, var_ast, BP_VAR_W, 0);
			zend_compile_expr(&expr_node, expr_ast);
			zend_delayed_compile_end(offset);
			CG(zend_lineno) = zend_ast_get_lineno(var_ast);
			zend_emit_op_tmp(result, ZEND_ASSIGN, &var_node, &expr_node);
			return;
		case ZEND_AST_STATIC_PROP:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_var(result, var_ast, BP_VAR_W, 0);
			zend_compile_expr(&expr_node, expr_ast);

			/* The opline returned for the closed section is rewritten into
			 * the assignment; the value follows as OP_DATA. */
			opline = zend_delayed_compile_end(offset);
			opline->opcode = ZEND_ASSIGN_STATIC_PROP;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;

			zend_emit_op_data(&expr_node);
			return;
		case ZEND_AST_DIM:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_dim(result, var_ast, BP_VAR_W);

			if (zend_is_assign_to_self(var_ast, expr_ast)
			 && !is_this_fetch(expr_ast)) {
				/* $a[0] = $a should evaluate the right $a first */
				znode cv_node;

				if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
					zend_compile_simple_var_no_cv(&expr_node, expr_ast, BP_VAR_R, 0);
				} else {
					zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
				}
			} else {
				zend_compile_expr(&expr_node, expr_ast);
			}

			opline = zend_delayed_compile_end(offset);
			opline->opcode = ZEND_ASSIGN_DIM;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;

			/* The value stored in opline here is not read again. */
			opline = zend_emit_op_data(&expr_node);
			return;
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_prop(result, var_ast, BP_VAR_W);
			zend_compile_expr(&expr_node, expr_ast);

			opline = zend_delayed_compile_end(offset);
			opline->opcode = ZEND_ASSIGN_OBJ;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;

			zend_emit_op_data(&expr_node);
			return;
		case ZEND_AST_ARRAY:
			/* Destructuring: by-reference elements require a referencable
			 * right-hand side compiled for writing. */
			if (zend_propagate_list_refs(var_ast)) {
				if (!zend_is_variable_or_call(expr_ast)) {
					zend_error_noreturn(E_COMPILE_ERROR,
						"Cannot assign reference to non referencable value");
				}

				zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
				/* MAKE_REF is usually not necessary for CVs. However, if there are
				 * self-assignments, this forces the RHS to evaluate first. */
				zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
			} else {
				if (expr_ast->kind == ZEND_AST_VAR) {
					/* list($a, $b) = $a should evaluate the right $a first */
					znode cv_node;

					if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
						zend_compile_simple_var_no_cv(&expr_node, expr_ast, BP_VAR_R, 0);
					} else {
						zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
					}
				} else {
					zend_compile_expr(&expr_node, expr_ast);
				}
			}

			zend_compile_list_assign(result, var_ast, &expr_node, var_ast->attr);
			return;
		EMPTY_SWITCH_DEFAULT_CASE();
	}
}
/* }}} */
3168 
/* Compile a by-reference assignment `target =& source`.
 *
 * result: receives the result of the assignment.
 * ast:    child[0] is the target, child[1] the source.
 *
 * Compile errors are raised for a $this target, for targets rejected by
 * zend_ensure_writable_variable(), for a short-circuited (nullsafe) source,
 * and for a call source whose compiled operand is not IS_VAR. */
void zend_compile_assign_ref(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *target_ast = ast->child[0];
	zend_ast *source_ast = ast->child[1];

	znode target_node, source_node;
	zend_op *opline;
	uint32_t offset, flags;

	if (is_this_fetch(target_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
	}
	zend_ensure_writable_variable(target_ast);
	if (zend_ast_is_short_circuited(source_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot take reference of a nullsafe chain");
	}

	offset = zend_delayed_compile_begin();
	zend_delayed_compile_var(&target_node, target_ast, BP_VAR_W, 1);
	zend_compile_var(&source_node, source_ast, BP_VAR_W, 1);

	/* Applies when the target is not a simple named variable, the source is
	 * not a pre-compiled znode, and the source did not compile to a CV. */
	if ((target_ast->kind != ZEND_AST_VAR
	  || target_ast->child[0]->kind != ZEND_AST_ZVAL)
	 && source_ast->kind != ZEND_AST_ZNODE
	 && source_node.op_type != IS_CV) {
		/* Both LHS and RHS expressions may modify the same data structure,
		 * and the modification during RHS evaluation may dangle the pointer
		 * to the result of the LHS evaluation.
		 * Use MAKE_REF instruction to replace direct pointer with REFERENCE.
		 * See: Bug #71539
		 */
		zend_emit_op(&source_node, ZEND_MAKE_REF, &source_node, NULL);
	}

	opline = zend_delayed_compile_end(offset);

	if (source_node.op_type != IS_VAR && zend_is_call(source_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
	}

	/* Record in the opline that the source is a function call result. */
	flags = zend_is_call(source_ast) ? ZEND_RETURNS_FUNCTION : 0;

	if (opline && opline->opcode == ZEND_FETCH_OBJ_W) {
		/* The property write fetch itself becomes the reference assignment;
		 * the source follows as OP_DATA. */
		opline->opcode = ZEND_ASSIGN_OBJ_REF;
		opline->extended_value &= ~ZEND_FETCH_REF;
		opline->extended_value |= flags;
		zend_emit_op_data(&source_node);
		*result = target_node;
	} else if (opline && opline->opcode == ZEND_FETCH_STATIC_PROP_W) {
		opline->opcode = ZEND_ASSIGN_STATIC_PROP_REF;
		opline->extended_value &= ~ZEND_FETCH_REF;
		opline->extended_value |= flags;
		zend_emit_op_data(&source_node);
		*result = target_node;
	} else {
		opline = zend_emit_op(result, ZEND_ASSIGN_REF, &target_node, &source_node);
		opline->extended_value = flags;
	}
}
/* }}} */
3229 
/* Emit a by-reference assignment of an already-compiled value (`value_node`)
 * to the variable described by `var_ast`. A temporary ZEND_AST_ASSIGN_REF
 * node is built around the znode and compiled; the assignment's own result
 * is freed. */
static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
{
	znode discarded;
	zend_ast *value_ast = zend_ast_create_znode(value_node);
	zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN_REF, var_ast, value_ast);

	zend_compile_expr(&discarded, assign_ast);
	zend_do_free(&discarded);
}
/* }}} */
3239 
/* Compile a compound assignment (`var OP= expr`).
 *
 * result: receives the result of the assignment.
 * ast:    child[0] is the target, child[1] the value expression; ast->attr
 *         is stored in the emitted opline's extended_value as the operation.
 *
 * Targets rejected by zend_ensure_writable_variable() are compile errors. */
void zend_compile_compound_assign(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *var_ast = ast->child[0];
	zend_ast *expr_ast = ast->child[1];
	uint32_t opcode = ast->attr;

	znode var_node, expr_node;
	zend_op *opline;
	uint32_t offset, cache_slot;

	zend_ensure_writable_variable(var_ast);

	switch (var_ast->kind) {
		case ZEND_AST_VAR:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_var(&var_node, var_ast, BP_VAR_RW, 0);
			zend_compile_expr(&expr_node, expr_ast);
			zend_delayed_compile_end(offset);
			opline = zend_emit_op_tmp(result, ZEND_ASSIGN_OP, &var_node, &expr_node);
			opline->extended_value = opcode;
			return;
		case ZEND_AST_STATIC_PROP:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_var(result, var_ast, BP_VAR_RW, 0);
			zend_compile_expr(&expr_node, expr_ast);

			opline = zend_delayed_compile_end(offset);
			/* extended_value is about to be overwritten with the operation,
			 * so its previous content is saved and moved to the OP_DATA
			 * opline below. */
			cache_slot = opline->extended_value;
			opline->opcode = ZEND_ASSIGN_STATIC_PROP_OP;
			opline->extended_value = opcode;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;

			opline = zend_emit_op_data(&expr_node);
			opline->extended_value = cache_slot;
			return;
		case ZEND_AST_DIM:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_dim(result, var_ast, BP_VAR_RW);
			zend_compile_expr(&expr_node, expr_ast);

			opline = zend_delayed_compile_end(offset);
			opline->opcode = ZEND_ASSIGN_DIM_OP;
			opline->extended_value = opcode;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;

			zend_emit_op_data(&expr_node);
			return;
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			offset = zend_delayed_compile_begin();
			zend_delayed_compile_prop(result, var_ast, BP_VAR_RW);
			zend_compile_expr(&expr_node, expr_ast);

			opline = zend_delayed_compile_end(offset);
			/* Same hand-over of the saved extended_value as for static
			 * properties above. */
			cache_slot = opline->extended_value;
			opline->opcode = ZEND_ASSIGN_OBJ_OP;
			opline->extended_value = opcode;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;

			opline = zend_emit_op_data(&expr_node);
			opline->extended_value = cache_slot;
			return;
		EMPTY_SWITCH_DEFAULT_CASE()
	}
}
/* }}} */
3309 
/* Look up the 1-based position of the parameter called `arg_name` in `fn`.
 *
 * User functions store parameter names as zend_string, other functions as C
 * strings, so the two cases are compared differently. Returns
 * (uint32_t) -1 when no declared parameter has that name; callers must test
 * for this sentinel before treating the value as a position. */
static uint32_t zend_get_arg_num(zend_function *fn, zend_string *arg_name) {
	// TODO: Caching?
	uint32_t idx;

	if (fn->type != ZEND_USER_FUNCTION) {
		for (idx = 0; idx < fn->common.num_args; idx++) {
			zend_internal_arg_info *info = &fn->internal_function.arg_info[idx];
			size_t name_len = strlen(info->name);

			/* Length first, so memcmp() never reads past either name. */
			if (name_len != ZSTR_LEN(arg_name)) {
				continue;
			}
			if (memcmp(info->name, ZSTR_VAL(arg_name), name_len) == 0) {
				return idx + 1;
			}
		}
	} else {
		for (idx = 0; idx < fn->common.num_args; idx++) {
			zend_arg_info *info = &fn->op_array.arg_info[idx];

			if (zend_string_equals(info->name, arg_name)) {
				return idx + 1;
			}
		}
	}

	/* Either an invalid argument name, or collected into a variadic argument. */
	return (uint32_t) -1;
}
3332 
/* Compile the argument list of a call into SEND_* oplines.
 *
 * ast:  the argument list.
 * fbc:  the callee if it is known at compile time, otherwise NULL. It is
 *       reset to NULL once an argument unpack (`...$x`) is seen.
 * may_have_extra_named_args: out parameter, set when named arguments may end
 *       up collected into a variadic parameter.
 *
 * Returns the number of positional arguments, not counting unpacks.
 *
 * Throughout, (uint32_t) -1 in arg_num means "position unknown" (named
 * argument without a known position); the by-reference macros are only
 * consulted with such a value where noted below. */
uint32_t zend_compile_args(
		zend_ast *ast, zend_function *fbc, bool *may_have_extra_named_args) /* {{{ */
{
	zend_ast_list *args = zend_ast_get_list(ast);
	uint32_t i;
	zend_bool uses_arg_unpack = 0;
	uint32_t arg_count = 0; /* number of arguments not including unpacks */

	/* Whether named arguments are used syntactically, to enforce language level limitations.
	 * May not actually use named argument passing. */
	zend_bool uses_named_args = 0;
	/* Whether there may be any undef arguments due to the use of named arguments. */
	zend_bool may_have_undef = 0;
	/* Whether there may be any extra named arguments collected into a variadic. */
	*may_have_extra_named_args = 0;

	for (i = 0; i < args->children; ++i) {
		zend_ast *arg = args->child[i];
		zend_string *arg_name = NULL;
		uint32_t arg_num = i + 1;

		znode arg_node;
		zend_op *opline;
		zend_uchar opcode;

		if (arg->kind == ZEND_AST_UNPACK) {
			if (uses_named_args) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot combine named arguments and argument unpacking");
			}

			uses_arg_unpack = 1;
			/* fbc is a parameter, so this also applies to every argument
			 * that follows: the callee is treated as unknown from here on. */
			fbc = NULL;

			zend_compile_expr(&arg_node, arg->child[0]);
			opline = zend_emit_op(NULL, ZEND_SEND_UNPACK, &arg_node, NULL);
			opline->op2.num = arg_count;
			/* NOTE(review): arg_count is unsigned, so `arg_count - 1` wraps
			 * when the unpack is the first argument; confirm EX_NUM_TO_VAR
			 * is meant to receive that value. */
			opline->result.var = EX_NUM_TO_VAR(arg_count - 1);

			/* Unpack may contain named arguments. */
			may_have_undef = 1;
			/* NOTE(review): fbc was set to NULL just above, so `!fbc` is
			 * always true here and the flags test is never evaluated. */
			if (!fbc || (fbc->common.fn_flags & ZEND_ACC_VARIADIC)) {
				*may_have_extra_named_args = 1;
			}
			continue;
		}

		if (arg->kind == ZEND_AST_NAMED_ARG) {
			if (uses_arg_unpack) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot combine named arguments and argument unpacking");
			}

			uses_named_args = 1;
			arg_name = zval_make_interned_string(zend_ast_get_zval(arg->child[0]));
			/* From here on `arg` is the value expression of the named argument. */
			arg = arg->child[1];

			if (fbc) {
				arg_num = zend_get_arg_num(fbc, arg_name);
				if (arg_num == arg_count + 1 && !may_have_undef) {
					/* Using named arguments, but passing in order. */
					arg_name = NULL;
					arg_count++;
				} else {
					// TODO: We could track which arguments were passed, even if out of order.
					may_have_undef = 1;
					if (arg_num == (uint32_t) -1 && (fbc->common.fn_flags & ZEND_ACC_VARIADIC)) {
						*may_have_extra_named_args = 1;
					}
				}
			} else {
				/* Unknown callee: the position cannot be resolved here. */
				arg_num = (uint32_t) -1;
				may_have_undef = 1;
				*may_have_extra_named_args = 1;
			}
		} else {
			if (uses_arg_unpack) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot use positional argument after argument unpacking");
			}

			if (uses_named_args) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot use positional argument after named argument");
			}

			arg_count++;
		}

		/* Choose the SEND opcode from the shape of the argument expression
		 * and, when the callee is known, from its by-reference declaration. */
		if (zend_is_call(arg)) {
			zend_compile_var(&arg_node, arg, BP_VAR_R, 0);
			if (arg_node.op_type & (IS_CONST|IS_TMP_VAR)) {
				/* Function call was converted into builtin instruction */
				/* NOTE(review): unlike the branches below, this test does
				 * not exclude arg_num == (uint32_t) -1 before calling
				 * ARG_MUST_BE_SENT_BY_REF; confirm the macro tolerates an
				 * unknown position. */
				if (!fbc || ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
					opcode = ZEND_SEND_VAL_EX;
				} else {
					opcode = ZEND_SEND_VAL;
				}
			} else {
				if (fbc && arg_num != (uint32_t) -1) {
					if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
						opcode = ZEND_SEND_VAR_NO_REF;
					} else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
						opcode = ZEND_SEND_VAL;
					} else {
						opcode = ZEND_SEND_VAR;
					}
				} else {
					opcode = ZEND_SEND_VAR_NO_REF_EX;
				}
			}
		} else if (zend_is_variable(arg) && !zend_ast_is_short_circuited(arg)) {
			if (fbc && arg_num != (uint32_t) -1) {
				if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
					zend_compile_var(&arg_node, arg, BP_VAR_W, 1);
					opcode = ZEND_SEND_REF;
				} else {
					zend_compile_var(&arg_node, arg, BP_VAR_R, 0);
					opcode = (arg_node.op_type == IS_TMP_VAR) ? ZEND_SEND_VAL : ZEND_SEND_VAR;
				}
			} else {
				/* do { } while (0) is used only so that `break` can skip the
				 * CHECK_FUNC_ARG fallback once a cheaper form has been chosen. */
				do {
					if (arg->kind == ZEND_AST_VAR) {
						CG(zend_lineno) = zend_ast_get_lineno(ast);
						if (is_this_fetch(arg)) {
							zend_emit_op(&arg_node, ZEND_FETCH_THIS, NULL, NULL);
							opcode = ZEND_SEND_VAR_EX;
							CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
							break;
						} else if (zend_try_compile_cv(&arg_node, arg) == SUCCESS) {
							opcode = ZEND_SEND_VAR_EX;
							break;
						}
					}
					opline = zend_emit_op(NULL, ZEND_CHECK_FUNC_ARG, NULL, NULL);
					if (arg_name) {
						/* Named argument: op2 holds the name literal and two
						 * cache slots are reserved. */
						opline->op2_type = IS_CONST;
						zend_string_addref(arg_name);
						opline->op2.constant = zend_add_literal_string(&arg_name);
						opline->result.num = zend_alloc_cache_slots(2);
					} else {
						opline->op2.num = arg_num;
					}
					zend_compile_var(&arg_node, arg, BP_VAR_FUNC_ARG, 1);
					opcode = ZEND_SEND_FUNC_ARG;
				} while (0);
			}
		} else {
			zend_compile_expr(&arg_node, arg);
			if (arg_node.op_type == IS_VAR) {
				/* pass ++$a or something similar */
				if (fbc && arg_num != (uint32_t) -1) {
					if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
						opcode = ZEND_SEND_VAR_NO_REF;
					} else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
						opcode = ZEND_SEND_VAL;
					} else {
						opcode = ZEND_SEND_VAR;
					}
				} else {
					opcode = ZEND_SEND_VAR_NO_REF_EX;
				}
			} else if (arg_node.op_type == IS_CV) {
				if (fbc && arg_num != (uint32_t) -1) {
					if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
						opcode = ZEND_SEND_REF;
					} else {
						opcode = ZEND_SEND_VAR;
					}
				} else {
					opcode = ZEND_SEND_VAR_EX;
				}
			} else {
				/* Delay "Only variables can be passed by reference" error to execution */
				if (fbc && arg_num != (uint32_t) -1 && !ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
					opcode = ZEND_SEND_VAL;
				} else {
					opcode = ZEND_SEND_VAL_EX;
				}
			}
		}

		opline = zend_emit_op(NULL, opcode, &arg_node, NULL);
		if (arg_name) {
			/* Named argument: op2 holds the name literal and two cache
			 * slots are reserved. */
			opline->op2_type = IS_CONST;
			zend_string_addref(arg_name);
			opline->op2.constant = zend_add_literal_string(&arg_name);
			opline->result.num = zend_alloc_cache_slots(2);
		} else {
			/* Positional argument: op2 and result are derived from arg_num. */
			opline->op2.opline_num = arg_num;
			opline->result.var = EX_NUM_TO_VAR(arg_num - 1);
		}
	}

	if (may_have_undef) {
		zend_emit_op(NULL, ZEND_CHECK_UNDEF_ARGS, NULL, NULL);
	}

	return arg_count;
}
/* }}} */
3534 
/* Choose the opcode that performs the call started by `init_op`.
 *
 * init_op: the INIT_* opline of the call.
 * fbc:     the callee if known at compile time, otherwise NULL.
 *
 * Returns ZEND_DO_ICALL, ZEND_DO_UCALL or ZEND_DO_FCALL_BY_NAME when the
 * conditions tested below hold, and ZEND_DO_FCALL in every other case. The
 * decision depends on the callee's type and flags, the compiler options,
 * and whether zend_execute_ex / zend_execute_internal are overridden. */
ZEND_API zend_uchar zend_get_call_op(const zend_op *init_op, zend_function *fbc) /* {{{ */
{
	if (fbc == NULL) {
		/* Unknown callee: only by-name calls get the specialised opcode. */
		const bool is_by_name_init =
			init_op->opcode == ZEND_INIT_FCALL_BY_NAME
			|| init_op->opcode == ZEND_INIT_NS_FCALL_BY_NAME;

		if (zend_execute_ex == execute_ex && !zend_execute_internal && is_by_name_init) {
			return ZEND_DO_FCALL_BY_NAME;
		}
		return ZEND_DO_FCALL;
	}

	if (fbc->type == ZEND_INTERNAL_FUNCTION && !(CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS)) {
		if (init_op->opcode != ZEND_INIT_FCALL || zend_execute_internal) {
			return ZEND_DO_FCALL;
		}
		/* Abstract or deprecated internal functions do not use ICALL. */
		if (fbc->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) {
			return ZEND_DO_FCALL_BY_NAME;
		}
		return ZEND_DO_ICALL;
	}

	if (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS) {
		return ZEND_DO_FCALL;
	}

	if (zend_execute_ex == execute_ex && !(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
		return ZEND_DO_UCALL;
	}

	return ZEND_DO_FCALL;
}
/* }}} */
3560 
/* Finish compiling a call whose INIT opline has just been emitted: compile
 * the arguments, store the argument count in the INIT opline, and emit the
 * DO_* opline chosen by zend_get_call_op().
 *
 * result:   receives the call result.
 * args_ast: the argument list.
 * fbc:      the callee if known at compile time, otherwise NULL. */
void zend_compile_call_common(znode *result, zend_ast *args_ast, zend_function *fbc) /* {{{ */
{
	/* The INIT opline is the last one emitted before the arguments. */
	const uint32_t init_opnum = get_next_op_number() - 1;
	bool extra_named_args;
	zend_op *init_opline, *call_opline;
	uint32_t num_args = zend_compile_args(args_ast, fbc, &extra_named_args);

	zend_do_extended_fcall_begin();

	/* Looked up by number only now, after the argument oplines were emitted. */
	init_opline = &CG(active_op_array)->opcodes[init_opnum];
	init_opline->extended_value = num_args;
	if (init_opline->opcode == ZEND_INIT_FCALL) {
		init_opline->op1.num = zend_vm_calc_used_stack(num_args, fbc);
	}

	call_opline = zend_emit_op(result, zend_get_call_op(init_opline, fbc), NULL, NULL);
	if (extra_named_args) {
		call_opline->extended_value = ZEND_FCALL_MAY_HAVE_EXTRA_NAMED_PARAMS;
	}

	zend_do_extended_fcall_end();
}
/* }}} */
3586 
/* Resolve the function name in name_ast and store it in name_node as an
 * IS_CONST string.
 *
 * Returns non-zero when the name was not fully qualified and the file has a
 * current namespace, i.e. when the caller must leave resolution to run time. */
zend_bool zend_compile_function_name(znode *name_node, zend_ast *name_ast) /* {{{ */
{
	zend_string *written_name = zend_ast_get_str(name_ast);
	zend_bool is_fully_qualified;
	zend_string *resolved;

	name_node->op_type = IS_CONST;
	resolved = zend_resolve_function_name(written_name, name_ast->attr, &is_fully_qualified);
	ZVAL_STR(&name_node->u.constant, resolved);

	if (is_fully_qualified) {
		return 0;
	}
	return FC(current_namespace) != NULL;
}
3598 /* }}} */
3599 
/* Compile a call to an unqualified function name inside a namespace.
 *
 * Emits ZEND_INIT_NS_FCALL_BY_NAME with the name literals and one cache slot,
 * then the arguments and call opcode. No callee is passed on, so nothing is
 * bound at compile time. */
void zend_compile_ns_call(znode *result, znode *name_node, zend_ast *args_ast) /* {{{ */
{
	zend_op *init_op = get_next_op();
	zend_string *resolved_name = Z_STR(name_node->u.constant);

	init_op->opcode = ZEND_INIT_NS_FCALL_BY_NAME;
	init_op->op2_type = IS_CONST;
	init_op->op2.constant = zend_add_ns_func_name_literal(resolved_name);
	init_op->result.num = zend_alloc_cache_slot();

	zend_compile_call_common(result, args_ast, NULL);
}
3611 /* }}} */
3612 
/* Compile a call whose target is not bound at compile time.
 *
 * Three shapes are distinguished:
 *  - constant string containing "::" (the last ':' preceded by another ':'):
 *    split into class and method and emitted as ZEND_INIT_STATIC_METHOD_CALL;
 *  - any other constant string: ZEND_INIT_FCALL_BY_NAME;
 *  - everything else: ZEND_INIT_DYNAMIC_CALL, where the callee is whatever the
 *    operand holds at run time. Nothing in this function restricts that value.
 *
 * The "sep > start" test keeps the look-behind at sep[-1] inside the string
 * buffer when the only ':' is the first character. */
void zend_compile_dynamic_call(znode *result, znode *name_node, zend_ast *args_ast) /* {{{ */
{
	zend_string *callee;
	const char *sep;
	zend_op *init_op;

	if (name_node->op_type != IS_CONST || Z_TYPE(name_node->u.constant) != IS_STRING) {
		zend_emit_op(NULL, ZEND_INIT_DYNAMIC_CALL, NULL, name_node);
		zend_compile_call_common(result, args_ast, NULL);
		return;
	}

	callee = Z_STR(name_node->u.constant);
	sep = zend_memrchr(ZSTR_VAL(callee), ':', ZSTR_LEN(callee));

	if (sep == NULL || sep <= ZSTR_VAL(callee) || *(sep - 1) != ':') {
		/* Plain function name. */
		init_op = get_next_op();

		init_op->opcode = ZEND_INIT_FCALL_BY_NAME;
		init_op->op2_type = IS_CONST;
		init_op->op2.constant = zend_add_func_name_literal(callee);
		init_op->result.num = zend_alloc_cache_slot();
	} else {
		/* "Class::method": the class part ends before the first of the two colons. */
		zend_string *class_name = zend_string_init(ZSTR_VAL(callee), sep - ZSTR_VAL(callee) - 1, 0);
		zend_string *method_name = zend_string_init(sep + 1, ZSTR_LEN(callee) - (sep - ZSTR_VAL(callee)) - 1, 0);

		init_op = get_next_op();

		init_op->opcode = ZEND_INIT_STATIC_METHOD_CALL;
		init_op->op1_type = IS_CONST;
		init_op->op1.constant = zend_add_class_name_literal(class_name);
		init_op->op2_type = IS_CONST;
		init_op->op2.constant = zend_add_func_name_literal(method_name);
		/* One cache slot for the class, one for the method. */
		init_op->result.num = zend_alloc_cache_slots(2);
		/* The combined string is no longer referenced by any literal. */
		zval_ptr_dtor(&name_node->u.constant);
	}

	zend_compile_call_common(result, args_ast, NULL);
}
3645 /* }}} */
3646 
/* Return 1 if any argument in the list is an unpack (...$x) or a named
 * argument, 0 otherwise. Callers in this file use it to skip optimisations
 * that assume purely positional arguments. */
static inline zend_bool zend_args_contain_unpack_or_named(zend_ast_list *args) /* {{{ */
{
	uint32_t idx = 0;

	while (idx < args->children) {
		switch (args->child[idx]->kind) {
			case ZEND_AST_UNPACK:
			case ZEND_AST_NAMED_ARG:
				return 1;
			default:
				break;
		}
		++idx;
	}
	return 0;
}
3658 /* }}} */
3659 
/* Compile strlen() as a VM builtin.
 *
 * Requires exactly one argument, otherwise FAILURE. A constant string argument
 * is folded to its length at compile time; anything else becomes ZEND_STRLEN. */
zend_result zend_compile_func_strlen(znode *result, zend_ast_list *args) /* {{{ */
{
	znode operand;

	if (args->children != 1) {
		return FAILURE;
	}

	zend_compile_expr(&operand, args->child[0]);

	if (operand.op_type != IS_CONST || Z_TYPE(operand.u.constant) != IS_STRING) {
		zend_emit_op_tmp(result, ZEND_STRLEN, &operand, NULL);
		return SUCCESS;
	}

	/* Constant fold, then drop the string that was only needed for its length. */
	result->op_type = IS_CONST;
	ZVAL_LONG(&result->u.constant, Z_STRLEN(operand.u.constant));
	zval_ptr_dtor_str(&operand.u.constant);
	return SUCCESS;
}
3678 /* }}} */
3679 
/* Compile an is_*() type test as ZEND_TYPE_CHECK.
 *
 * type is used as a bit position in the opline's extended_value mask, except
 * for _IS_BOOL, which expands to the IS_FALSE and IS_TRUE bits. Requires
 * exactly one argument, otherwise FAILURE.
 * NOTE(review): type is shifted as-is; callers visible in this file pass only
 * small IS_* constants - confirm no caller passes a value >= 31. */
zend_result zend_compile_func_typecheck(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
{
	znode operand;
	zend_op *check_op;

	if (args->children != 1) {
		return FAILURE;
	}

	zend_compile_expr(&operand, args->child[0]);
	check_op = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &operand, NULL);
	check_op->extended_value = (type == _IS_BOOL)
		? ((1 << IS_FALSE) | (1 << IS_TRUE))
		: (1 << type);
	return SUCCESS;
}
3698 /* }}} */
3699 
/* Compile is_scalar() as ZEND_TYPE_CHECK with a mask covering false, true,
 * double, long and string. Requires exactly one argument, otherwise FAILURE. */
static zend_result zend_compile_func_is_scalar(znode *result, zend_ast_list *args) /* {{{ */
{
	znode operand;
	zend_op *check_op;

	if (args->children != 1) {
		return FAILURE;
	}

	zend_compile_expr(&operand, args->child[0]);
	check_op = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &operand, NULL);
	check_op->extended_value = (1 << IS_FALSE)
		| (1 << IS_TRUE)
		| (1 << IS_DOUBLE)
		| (1 << IS_LONG)
		| (1 << IS_STRING);
	return SUCCESS;
}
3714 
/* Compile boolval()/intval()/floatval()/strval() style conversions.
 *
 * _IS_BOOL is emitted as ZEND_BOOL; every other type becomes ZEND_CAST with
 * the target type in extended_value. Requires exactly one argument, otherwise
 * FAILURE. */
zend_result zend_compile_func_cast(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
{
	znode operand;

	if (args->children != 1) {
		return FAILURE;
	}

	zend_compile_expr(&operand, args->child[0]);

	if (type != _IS_BOOL) {
		zend_op *cast_op = zend_emit_op_tmp(result, ZEND_CAST, &operand, NULL);
		cast_op->extended_value = type;
	} else {
		zend_emit_op_tmp(result, ZEND_BOOL, &operand, NULL);
	}
	return SUCCESS;
}
3733 /* }}} */
3734 
/* Compile defined() as a VM builtin.
 *
 * Only a single literal argument is handled. Names containing '\\' or ':' are
 * rejected with FAILURE, which leaves them to the regular function call. If
 * the constant can be evaluated at compile time the result is folded to true;
 * otherwise ZEND_DEFINED is emitted with the name literal and a cache slot. */
zend_result zend_compile_func_defined(znode *result, zend_ast_list *args) /* {{{ */
{
	zend_string *const_name;
	zend_op *defined_op;

	if (args->children != 1) {
		return FAILURE;
	}
	if (args->child[0]->kind != ZEND_AST_ZVAL) {
		return FAILURE;
	}

	const_name = zval_get_string(zend_ast_get_zval(args->child[0]));
	if (zend_memrchr(ZSTR_VAL(const_name), '\\', ZSTR_LEN(const_name)) != NULL
	 || zend_memrchr(ZSTR_VAL(const_name), ':', ZSTR_LEN(const_name)) != NULL) {
		zend_string_release_ex(const_name, 0);
		return FAILURE;
	}

	if (!zend_try_ct_eval_const(&result->u.constant, const_name, 0)) {
		/* Not known yet: decide at run time. The literal takes over const_name. */
		defined_op = zend_emit_op_tmp(result, ZEND_DEFINED, NULL, NULL);
		defined_op->op1_type = IS_CONST;
		LITERAL_STR(defined_op->op1, const_name);
		defined_op->extended_value = zend_alloc_cache_slot();
		return SUCCESS;
	}

	/* The value itself is irrelevant, only the fact that it exists. */
	zend_string_release_ex(const_name, 0);
	zval_ptr_dtor(&result->u.constant);
	ZVAL_TRUE(&result->u.constant);
	result->op_type = IS_CONST;
	return SUCCESS;
}
3765 /* }}} */
3766 
/* Fold chr() with a single integer literal into a one-character constant.
 *
 * The value is masked to its low 8 bits before the character is built. Any
 * other argument shape returns FAILURE. */
zend_result zend_compile_func_chr(znode *result, zend_ast_list *args) /* {{{ */
{
	zval *code;
	zend_long c;

	if (args->children != 1 || args->child[0]->kind != ZEND_AST_ZVAL) {
		return FAILURE;
	}

	code = zend_ast_get_zval(args->child[0]);
	if (Z_TYPE_P(code) != IS_LONG) {
		return FAILURE;
	}

	c = Z_LVAL_P(code) & 0xff;
	result->op_type = IS_CONST;
	ZVAL_CHAR(&result->u.constant, c);
	return SUCCESS;
}
3783 /* }}} */
3784 
/* Fold ord() with a single string literal into an integer constant holding
 * the first byte, read as unsigned char. Any other argument shape returns
 * FAILURE.
 * NOTE(review): for an empty literal this reads index 0; that relies on the
 * string buffer being NUL-terminated - confirm against zend_string. */
zend_result zend_compile_func_ord(znode *result, zend_ast_list *args) /* {{{ */
{
	zval *str;

	if (args->children != 1 || args->child[0]->kind != ZEND_AST_ZVAL) {
		return FAILURE;
	}

	str = zend_ast_get_zval(args->child[0]);
	if (Z_TYPE_P(str) != IS_STRING) {
		return FAILURE;
	}

	result->op_type = IS_CONST;
	ZVAL_LONG(&result->u.constant, (unsigned char)Z_STRVAL_P(str)[0]);
	return SUCCESS;
}
3798 /* }}} */
3799 
/* The stack size of a call can only be computed for a function that has been
 * fully compiled; until then further CV or TMP slots may still be added. As a
 * consequence INIT_FCALL cannot be used for directly or indirectly recursive
 * calls. Non-user functions always count as finalized; user code counts once
 * ZEND_ACC_DONE_PASS_TWO is set. */
static zend_bool fbc_is_finalized(zend_function *fbc) {
	if (ZEND_USER_CODE(fbc->type)) {
		return (fbc->common.fn_flags & ZEND_ACC_DONE_PASS_TWO) != 0;
	}
	return 1;
}
3806 
/* Try to bind the callable of call_user_func*() at compile time.
 *
 * Succeeds only when name_ast is a string literal naming a function that is
 * already in CG(function_table), is finalized, and is not excluded by the
 * ZEND_COMPILE_IGNORE_* compiler options (internal functions, user functions,
 * or user functions from a different file). On success a ZEND_INIT_FCALL is
 * emitted with the lowercased name; on FAILURE nothing is emitted and the
 * caller falls back to a run-time lookup. */
static zend_result zend_try_compile_ct_bound_init_user_func(zend_ast *name_ast, uint32_t num_args) /* {{{ */
{
	zend_string *lcname;
	zend_function *fbc;
	zend_op *init_op;
	zend_bool bindable;

	if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
		return FAILURE;
	}

	lcname = zend_string_tolower(zend_ast_get_str(name_ast));
	fbc = zend_hash_find_ptr(CG(function_table), lcname);

	bindable = fbc != NULL && fbc_is_finalized(fbc);
	if (bindable && fbc->type == ZEND_INTERNAL_FUNCTION) {
		bindable = !(CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS);
	} else if (bindable && fbc->type == ZEND_USER_FUNCTION) {
		bindable = !(CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS)
			&& !((CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES)
				&& fbc->op_array.filename != CG(active_op_array)->filename);
	}

	if (!bindable) {
		zend_string_release_ex(lcname, 0);
		return FAILURE;
	}

	init_op = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, NULL);
	init_op->extended_value = num_args;
	init_op->op1.num = zend_vm_calc_used_stack(num_args, fbc);
	init_op->op2_type = IS_CONST;
	/* The literal takes over the lowercased name. */
	LITERAL_STR(init_op->op2, lcname);
	init_op->result.num = zend_alloc_cache_slot();

	return SUCCESS;
}
3839 /* }}} */
3840 
/* Emit the INIT opcode for call_user_func()/call_user_func_array().
 *
 * Compile-time binding is attempted first. If that fails the callable
 * expression is compiled and ZEND_INIT_USER_CALL is emitted, so the callable
 * is resolved from its run-time value; op1 carries a copy of the name of the
 * calling function (orig_func_name). */
static void zend_compile_init_user_func(zend_ast *name_ast, uint32_t num_args, zend_string *orig_func_name) /* {{{ */
{
	if (zend_try_compile_ct_bound_init_user_func(name_ast, num_args) != SUCCESS) {
		znode callable;
		zend_op *init_op;

		zend_compile_expr(&callable, name_ast);

		init_op = zend_emit_op(NULL, ZEND_INIT_USER_CALL, NULL, &callable);
		init_op->op1_type = IS_CONST;
		LITERAL_STR(init_op->op1, zend_string_copy(orig_func_name));
		init_op->extended_value = num_args;
	}
}
3857 /* }}} */
3858 
/* cufa = call_user_func_array
 *
 * Requires exactly two arguments, otherwise FAILURE. The general form sends
 * the array with ZEND_SEND_ARRAY, checks for undefined arguments and calls.
 *
 * Special case: when the second argument is literally
 * array_slice(<expr>, <non-negative int literal>, <expr>) with three plain
 * positional arguments, the slice is folded into ZEND_SEND_ARRAY (offset in
 * extended_value, length as op2) and no ZEND_CHECK_UNDEF_ARGS is emitted.
 * The offset is accepted only in the range 0..0x7fffffff.
 * NOTE(review): presumably so it fits the opline's extended_value - confirm. */
zend_result zend_compile_func_cufa(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
{
	znode arg_node;
	zend_ast *array_ast;

	if (args->children != 2) {
		return FAILURE;
	}

	zend_compile_init_user_func(args->child[0], 0, lcname);

	array_ast = args->child[1];
	if (array_ast->kind == ZEND_AST_CALL
	 && array_ast->child[0]->kind == ZEND_AST_ZVAL
	 && Z_TYPE_P(zend_ast_get_zval(array_ast->child[0])) == IS_STRING
	 && array_ast->child[1]->kind == ZEND_AST_ARG_LIST) {
		zend_string *written_name = zend_ast_get_str(array_ast->child[0]);
		zend_ast_list *inner_args = zend_ast_get_list(array_ast->child[1]);
		zend_bool is_fully_qualified;
		zend_string *resolved = zend_resolve_function_name(written_name, array_ast->child[0]->attr, &is_fully_qualified);
		zval *offset = NULL;

		if (zend_string_equals_literal_ci(resolved, "array_slice")
		 && !zend_args_contain_unpack_or_named(inner_args)
		 && inner_args->children == 3
		 && inner_args->child[1]->kind == ZEND_AST_ZVAL) {
			offset = zend_ast_get_zval(inner_args->child[1]);
		}

		if (offset != NULL
		 && Z_TYPE_P(offset) == IS_LONG
		 && Z_LVAL_P(offset) >= 0
		 && Z_LVAL_P(offset) <= 0x7fffffff) {
			znode len_node;
			zend_op *send_op;

			zend_compile_expr(&arg_node, inner_args->child[0]);
			zend_compile_expr(&len_node, inner_args->child[2]);
			send_op = zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, &len_node);
			send_op->extended_value = Z_LVAL_P(offset);
			zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
			zend_string_release_ex(resolved, 0);
			return SUCCESS;
		}
		zend_string_release_ex(resolved, 0);
	}

	/* General form. */
	zend_compile_expr(&arg_node, args->child[1]);
	zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, NULL);
	zend_emit_op(NULL, ZEND_CHECK_UNDEF_ARGS, NULL, NULL);
	zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);

	return SUCCESS;
}
3908 /* }}} */
3909 
/* cuf = call_user_func
 *
 * Requires at least the callable argument, otherwise FAILURE. The callable is
 * initialised through zend_compile_init_user_func(); each further argument is
 * sent with ZEND_SEND_USER, carrying its 1-based position in op2.num and the
 * matching argument slot in result.var. */
zend_result zend_compile_func_cuf(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
{
	uint32_t arg_num;

	if (args->children < 1) {
		return FAILURE;
	}

	/* The guard above keeps children - 1 from wrapping around. */
	zend_compile_init_user_func(args->child[0], args->children - 1, lcname);

	arg_num = 1;
	while (arg_num < args->children) {
		znode value;
		zend_op *send_op;

		zend_compile_expr(&value, args->child[arg_num]);

		send_op = zend_emit_op(NULL, ZEND_SEND_USER, &value, NULL);
		send_op->op2.num = arg_num;
		send_op->result.var = EX_NUM_TO_VAR(arg_num - 1);
		++arg_num;
	}
	zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);

	return SUCCESS;
}
3935 /* }}} */
3936 
/* Compile a call to assert().
 *
 * When EG(assertions) is negative no opcodes are emitted at all: neither the
 * call nor its argument expressions are compiled and the result is the
 * constant true. Code must therefore not depend on assert() for input
 * validation, access checks or side effects.
 *
 * Otherwise the call is wrapped in ZEND_ASSERT_CHECK, whose op2 is patched to
 * the opline following the call. A single-argument call gets a second argument
 * holding the exported source text "assert(<condition>)" as the message.
 *
 * name is released here only in the disabled branch when fbc is NULL. */
static void zend_compile_assert(znode *result, zend_ast_list *args, zend_string *name, zend_function *fbc) /* {{{ */
{
	zend_op *init_op;
	zend_op *check_op;
	uint32_t check_opnum;

	if (EG(assertions) < 0) {
		if (!fbc) {
			zend_string_release_ex(name, 0);
		}
		result->op_type = IS_CONST;
		ZVAL_TRUE(&result->u.constant);
		return;
	}

	check_opnum = get_next_op_number();
	zend_emit_op(NULL, ZEND_ASSERT_CHECK, NULL, NULL);

	if (!fbc || !fbc_is_finalized(fbc)) {
		init_op = zend_emit_op(NULL, ZEND_INIT_NS_FCALL_BY_NAME, NULL, NULL);
		init_op->op2_type = IS_CONST;
		init_op->op2.constant = zend_add_ns_func_name_literal(name);
	} else {
		znode name_node;

		name_node.op_type = IS_CONST;
		ZVAL_STR_COPY(&name_node.u.constant, name);

		init_op = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
	}
	init_op->result.num = zend_alloc_cache_slot();

	if (args->children == 1) {
		/* Add "assert(condition)" as the assertion message. */
		zend_ast *message = zend_ast_create_zval_from_str(
			zend_ast_export("assert(", args->child[0], ")"));

		if (args->child[0]->kind == ZEND_AST_NAMED_ARG) {
			/* A named original argument needs a named message as well, because
			 * mixing named and positional arguments is not allowed. */
			zend_ast *param_name = zend_ast_create_zval_from_str(
				zend_string_init("description", sizeof("description") - 1, 0));
			message = zend_ast_create(ZEND_AST_NAMED_ARG, param_name, message);
		}
		/* NOTE(review): the return value is ignored; confirm that growing the
		 * list from one to two children can never reallocate it. */
		zend_ast_list_add((zend_ast *) args, message);
	}

	zend_compile_call_common(result, (zend_ast*)args, fbc);

	/* Look the check opline up by index again now that more ops were emitted. */
	check_op = &CG(active_op_array)->opcodes[check_opnum];
	check_op->op2.opline_num = get_next_op_number();
	SET_NODE(check_op->result, result);
}
3985 /* }}} */
3986 
/* Compile in_array() with a constant haystack as ZEND_IN_ARRAY.
 *
 * The optimisation applies only when:
 *  - there are two or three arguments, and a third argument is a literal or a
 *    constant that can be evaluated at compile time (it decides strict mode);
 *  - the haystack is an array literal that can be evaluated at compile time;
 *  - strict mode: every element is a string or an integer;
 *  - loose mode: every element is a string that is not numeric.
 * Anything else returns FAILURE and the regular function call is compiled.
 * NOTE(review): the element restrictions presumably exist because a hash
 * lookup cannot reproduce PHP's loose comparison for numeric strings and
 * other types - confirm.
 *
 * A non-empty haystack is rebuilt as a set keyed by its values; the strict
 * flag is passed on unchanged in extended_value. */
static zend_result zend_compile_func_in_array(znode *result, zend_ast_list *args) /* {{{ */
{
	zend_bool strict = 0;
	znode haystack, needle;
	zend_op *opline;
	zend_ast *flag_ast;

	switch (args->children) {
		case 2:
			break;
		case 3:
			flag_ast = args->child[2];
			if (flag_ast->kind == ZEND_AST_ZVAL) {
				strict = zend_is_true(zend_ast_get_zval(flag_ast));
			} else if (flag_ast->kind == ZEND_AST_CONST) {
				zval value;
				zend_ast *name_ast = flag_ast->child[0];
				zend_bool is_fully_qualified;
				zend_string *resolved_name = zend_resolve_const_name(
					zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);
				zend_bool known = zend_try_ct_eval_const(&value, resolved_name, is_fully_qualified);

				zend_string_release_ex(resolved_name, 0);
				if (!known) {
					return FAILURE;
				}
				strict = zend_is_true(&value);
				zval_ptr_dtor(&value);
			} else {
				return FAILURE;
			}
			break;
		default:
			return FAILURE;
	}

	if (args->child[1]->kind != ZEND_AST_ARRAY
	 || !zend_try_ct_eval_array(&haystack.u.constant, args->child[1])) {
		return FAILURE;
	}

	if (zend_hash_num_elements(Z_ARRVAL(haystack.u.constant)) > 0) {
		zend_bool ok = 1;
		zval *val, marker;
		HashTable *src = Z_ARRVAL(haystack.u.constant);
		HashTable *dst = zend_new_array(zend_hash_num_elements(src));

		ZVAL_TRUE(&marker);

		ZEND_HASH_FOREACH_VAL(src, val) {
			if (Z_TYPE_P(val) == IS_STRING
			 && (strict || !is_numeric_string(Z_STRVAL_P(val), Z_STRLEN_P(val), NULL, NULL, 0))) {
				zend_hash_add(dst, Z_STR_P(val), &marker);
			} else if (strict && Z_TYPE_P(val) == IS_LONG) {
				zend_hash_index_add(dst, Z_LVAL_P(val), &marker);
			} else {
				/* Element the set cannot represent: give up on the builtin. */
				zend_array_destroy(dst);
				ok = 0;
				break;
			}
		} ZEND_HASH_FOREACH_END();

		/* The evaluated literal is dropped on both outcomes. */
		zend_array_destroy(src);
		if (!ok) {
			return FAILURE;
		}
		Z_ARRVAL(haystack.u.constant) = dst;
	}
	haystack.op_type = IS_CONST;

	zend_compile_expr(&needle, args->child[0]);

	opline = zend_emit_op_tmp(result, ZEND_IN_ARRAY, &needle, &haystack);
	opline->extended_value = strict;

	return SUCCESS;
}
4070 /* }}} */
4071 
/* Compile count()/sizeof() with one argument as ZEND_COUNT.
 *
 * extended_value records whether the call was spelled "sizeof". Any other
 * argument count returns FAILURE. */
zend_result zend_compile_func_count(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
{
	znode operand;
	zend_op *count_op;

	if (args->children != 1) {
		return FAILURE;
	}

	zend_compile_expr(&operand, args->child[0]);

	count_op = zend_emit_op_tmp(result, ZEND_COUNT, &operand, NULL);
	count_op->extended_value = zend_string_equals_literal(lcname, "sizeof");
	return SUCCESS;
}
4087 /* }}} */
4088 
/* Compile get_class() as ZEND_GET_CLASS: without operand for zero arguments,
 * with the compiled argument for one. More than one argument returns FAILURE. */
zend_result zend_compile_func_get_class(znode *result, zend_ast_list *args) /* {{{ */
{
	znode operand;

	switch (args->children) {
		case 0:
			zend_emit_op_tmp(result, ZEND_GET_CLASS, NULL, NULL);
			return SUCCESS;
		case 1:
			zend_compile_expr(&operand, args->child[0]);
			zend_emit_op_tmp(result, ZEND_GET_CLASS, &operand, NULL);
			return SUCCESS;
		default:
			return FAILURE;
	}
}
4105 /* }}} */
4106 
/* Compile get_called_class() as ZEND_GET_CALLED_CLASS. The builtin takes no
 * arguments; a call with any argument returns FAILURE. */
zend_result zend_compile_func_get_called_class(znode *result, zend_ast_list *args) /* {{{ */
{
	if (args->children == 0) {
		zend_emit_op_tmp(result, ZEND_GET_CALLED_CLASS, NULL, NULL);
		return SUCCESS;
	}
	return FAILURE;
}
4116 /* }}} */
4117 
/* Compile gettype() with exactly one argument as ZEND_GET_TYPE; any other
 * argument count returns FAILURE. */
zend_result zend_compile_func_gettype(znode *result, zend_ast_list *args) /* {{{ */
{
	znode operand;

	if (args->children == 1) {
		zend_compile_expr(&operand, args->child[0]);
		zend_emit_op_tmp(result, ZEND_GET_TYPE, &operand, NULL);
		return SUCCESS;
	}
	return FAILURE;
}
4130 /* }}} */
4131 
/* Compile func_num_args() as ZEND_FUNC_NUM_ARGS.
 *
 * Applies only when the op array being compiled has a function name and the
 * call has no arguments; otherwise FAILURE. */
zend_result zend_compile_func_num_args(znode *result, zend_ast_list *args) /* {{{ */
{
	if (!CG(active_op_array)->function_name || args->children != 0) {
		return FAILURE;
	}

	zend_emit_op_tmp(result, ZEND_FUNC_NUM_ARGS, NULL, NULL);
	return SUCCESS;
}
4141 /* }}} */
4142 
/* Compile func_get_args() as ZEND_FUNC_GET_ARGS.
 *
 * Applies only when the op array being compiled has a function name and the
 * call has no arguments; otherwise FAILURE. */
zend_result zend_compile_func_get_args(znode *result, zend_ast_list *args) /* {{{ */
{
	if (!CG(active_op_array)->function_name || args->children != 0) {
		return FAILURE;
	}

	zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, NULL, NULL);
	return SUCCESS;
}
4152 /* }}} */
4153 
/* Compile array_key_exists() with exactly two arguments as
 * ZEND_ARRAY_KEY_EXISTS. The key expression is compiled before the array
 * expression, matching argument order. Any other count returns FAILURE. */
zend_result zend_compile_func_array_key_exists(znode *result, zend_ast_list *args) /* {{{ */
{
	znode key_node, array_node;

	if (args->children != 2) {
		return FAILURE;
	}

	zend_compile_expr(&key_node, args->child[0]);
	zend_compile_expr(&array_node, args->child[1]);

	zend_emit_op_tmp(result, ZEND_ARRAY_KEY_EXISTS, &key_node, &array_node);
	return SUCCESS;
}
4168 /* }}} */
4169 
/* Fold array_slice(func_get_args(), <n>) into ZEND_FUNC_GET_ARGS with the
 * offset as operand.
 *
 * Applies only inside a named function, with exactly two arguments, when the
 * first is a call by literal name that resolves to func_get_args with no
 * arguments and the second is a non-negative integer literal. Every other
 * shape returns FAILURE. */
zend_result zend_compile_func_array_slice(znode *result, zend_ast_list *args) /* {{{ */
{
	zend_ast *inner_call;
	zend_ast *callee_ast;
	zend_string *written_name;
	zend_string *resolved;
	zend_ast_list *inner_args;
	zend_bool is_fully_qualified;
	zend_bool foldable;
	zval *offset;
	znode first;

	if (!CG(active_op_array)->function_name
	 || args->children != 2
	 || args->child[0]->kind != ZEND_AST_CALL
	 || args->child[0]->child[0]->kind != ZEND_AST_ZVAL
	 || Z_TYPE_P(zend_ast_get_zval(args->child[0]->child[0])) != IS_STRING
	 || args->child[0]->child[1]->kind != ZEND_AST_ARG_LIST
	 || args->child[1]->kind != ZEND_AST_ZVAL) {
		return FAILURE;
	}

	inner_call = args->child[0];
	callee_ast = inner_call->child[0];

	written_name = zend_ast_get_str(callee_ast);
	resolved = zend_resolve_function_name(written_name, callee_ast->attr, &is_fully_qualified);
	inner_args = zend_ast_get_list(inner_call->child[1]);
	offset = zend_ast_get_zval(args->child[1]);

	foldable = zend_string_equals_literal_ci(resolved, "func_get_args")
		&& inner_args->children == 0
		&& Z_TYPE_P(offset) == IS_LONG
		&& Z_LVAL_P(offset) >= 0;
	/* The resolved name was only needed for the comparison. */
	zend_string_release_ex(resolved, 0);

	if (!foldable) {
		return FAILURE;
	}

	first.op_type = IS_CONST;
	ZVAL_LONG(&first.u.constant, Z_LVAL_P(offset));
	zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, &first, NULL);
	return SUCCESS;
}
4201 /* }}} */
4202 
/* Try to compile a call to a known function as a VM builtin.
 *
 * Returns FAILURE, leaving the regular call path to the caller, when
 *  - ZEND_COMPILE_NO_BUILTINS is set,
 *  - fbc is not an internal function: a function listed in
 *    disabled_functions may be redeclared in userland with a different
 *    implementation, and the builtin must not override that,
 *  - the arguments contain an unpack or a named argument,
 *  - the name is not one of the handled functions, or the specific handler
 *    rejects the argument shape.
 * chr() and ord() are handled only when type is BP_VAR_R.
 *
 * fbc is dereferenced without a NULL check; the caller visible in this file
 * (zend_compile_call) checks it first. */
zend_result zend_try_compile_special_func(znode *result, zend_string *lcname, zend_ast_list *args, zend_function *fbc, uint32_t type) /* {{{ */
{
	if (CG(compiler_options) & ZEND_COMPILE_NO_BUILTINS) {
		return FAILURE;
	}

	if (fbc->type != ZEND_INTERNAL_FUNCTION) {
		/* A function from disabled_functions may have been redeclared as a
		 * userland function with a different implementation. Do not use the VM
		 * builtin in that case. */
		return FAILURE;
	}

	if (zend_args_contain_unpack_or_named(args)) {
		return FAILURE;
	}

	if (zend_string_equals_literal(lcname, "strlen")) {
		return zend_compile_func_strlen(result, args);
	}

	/* Type predicates. */
	if (zend_string_equals_literal(lcname, "is_null")) {
		return zend_compile_func_typecheck(result, args, IS_NULL);
	}
	if (zend_string_equals_literal(lcname, "is_bool")) {
		return zend_compile_func_typecheck(result, args, _IS_BOOL);
	}
	if (zend_string_equals_literal(lcname, "is_long")
	 || zend_string_equals_literal(lcname, "is_int")
	 || zend_string_equals_literal(lcname, "is_integer")) {
		return zend_compile_func_typecheck(result, args, IS_LONG);
	}
	if (zend_string_equals_literal(lcname, "is_float")
	 || zend_string_equals_literal(lcname, "is_double")) {
		return zend_compile_func_typecheck(result, args, IS_DOUBLE);
	}
	if (zend_string_equals_literal(lcname, "is_string")) {
		return zend_compile_func_typecheck(result, args, IS_STRING);
	}
	if (zend_string_equals_literal(lcname, "is_array")) {
		return zend_compile_func_typecheck(result, args, IS_ARRAY);
	}
	if (zend_string_equals_literal(lcname, "is_object")) {
		return zend_compile_func_typecheck(result, args, IS_OBJECT);
	}
	if (zend_string_equals_literal(lcname, "is_resource")) {
		return zend_compile_func_typecheck(result, args, IS_RESOURCE);
	}
	if (zend_string_equals_literal(lcname, "is_scalar")) {
		return zend_compile_func_is_scalar(result, args);
	}

	/* Conversions. */
	if (zend_string_equals_literal(lcname, "boolval")) {
		return zend_compile_func_cast(result, args, _IS_BOOL);
	}
	if (zend_string_equals_literal(lcname, "intval")) {
		return zend_compile_func_cast(result, args, IS_LONG);
	}
	if (zend_string_equals_literal(lcname, "floatval")
	 || zend_string_equals_literal(lcname, "doubleval")) {
		return zend_compile_func_cast(result, args, IS_DOUBLE);
	}
	if (zend_string_equals_literal(lcname, "strval")) {
		return zend_compile_func_cast(result, args, IS_STRING);
	}

	if (zend_string_equals_literal(lcname, "defined")) {
		return zend_compile_func_defined(result, args);
	}
	if (zend_string_equals_literal(lcname, "chr") && type == BP_VAR_R) {
		return zend_compile_func_chr(result, args);
	}
	if (zend_string_equals_literal(lcname, "ord") && type == BP_VAR_R) {
		return zend_compile_func_ord(result, args);
	}

	/* Callable invocation. */
	if (zend_string_equals_literal(lcname, "call_user_func_array")) {
		return zend_compile_func_cufa(result, args, lcname);
	}
	if (zend_string_equals_literal(lcname, "call_user_func")) {
		return zend_compile_func_cuf(result, args, lcname);
	}

	if (zend_string_equals_literal(lcname, "in_array")) {
		return zend_compile_func_in_array(result, args);
	}
	if (zend_string_equals_literal(lcname, "count")
	 || zend_string_equals_literal(lcname, "sizeof")) {
		return zend_compile_func_count(result, args, lcname);
	}
	if (zend_string_equals_literal(lcname, "get_class")) {
		return zend_compile_func_get_class(result, args);
	}
	if (zend_string_equals_literal(lcname, "get_called_class")) {
		return zend_compile_func_get_called_class(result, args);
	}
	if (zend_string_equals_literal(lcname, "gettype")) {
		return zend_compile_func_gettype(result, args);
	}
	if (zend_string_equals_literal(lcname, "func_num_args")) {
		return zend_compile_func_num_args(result, args);
	}
	if (zend_string_equals_literal(lcname, "func_get_args")) {
		return zend_compile_func_get_args(result, args);
	}
	if (zend_string_equals_literal(lcname, "array_slice")) {
		return zend_compile_func_array_slice(result, args);
	}
	if (zend_string_equals_literal(lcname, "array_key_exists")) {
		return zend_compile_func_array_key_exists(result, args);
	}

	return FAILURE;
}
4287 /* }}} */
4288 
/* Compile a function call expression.
 *
 * Paths, in order:
 *  1. The callee is not a string literal: compile it as an expression and
 *     emit a dynamic call.
 *  2. The name needs run-time resolution (unqualified name inside a
 *     namespace): assert() still gets its special handling, everything else
 *     becomes a namespaced by-name call. No builtin or early binding applies.
 *  3. The lowercased name is looked up in CG(function_table). assert() is
 *     special-cased regardless of compiler flags. A callee that is missing,
 *     not finalized, or excluded by the ZEND_COMPILE_IGNORE_* options falls
 *     back to the by-name call of zend_compile_dynamic_call().
 *  4. Otherwise a VM builtin is tried, and failing that ZEND_INIT_FCALL is
 *     emitted with the callee bound at compile time. */
void zend_compile_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
{
	zend_ast *callee_ast = ast->child[0];
	zend_ast *args_ast = ast->child[1];
	znode name_node;
	zend_string *lcname;
	zend_function *fbc;
	zend_op *init_op;

	if (callee_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(callee_ast)) != IS_STRING) {
		zend_compile_expr(&name_node, callee_ast);
		zend_compile_dynamic_call(result, &name_node, args_ast);
		return;
	}

	if (zend_compile_function_name(&name_node, callee_ast)) {
		/* Run-time resolution required. */
		if (zend_string_equals_literal_ci(zend_ast_get_str(callee_ast), "assert")) {
			zend_compile_assert(result, zend_ast_get_list(args_ast), Z_STR(name_node.u.constant), NULL);
		} else {
			zend_compile_ns_call(result, &name_node, args_ast);
		}
		return;
	}

	lcname = zend_string_tolower(Z_STR(name_node.u.constant));
	fbc = zend_hash_find_ptr(CG(function_table), lcname);

	/* Special assert() handling should apply independently of compiler flags. */
	if (fbc && zend_string_equals_literal(lcname, "assert")) {
		zend_compile_assert(result, zend_ast_get_list(args_ast), lcname, fbc);
		zend_string_release(lcname);
		zval_ptr_dtor(&name_node.u.constant);
		return;
	}

	if (!fbc
	 || !fbc_is_finalized(fbc)
	 || (fbc->type == ZEND_INTERNAL_FUNCTION
	  && (CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS))
	 || (fbc->type == ZEND_USER_FUNCTION
	  && (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS))
	 || (fbc->type == ZEND_USER_FUNCTION
	  && (CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES)
	  && fbc->op_array.filename != CG(active_op_array)->filename)) {
		/* Cannot bind now: keep the original name and look it up at run time. */
		zend_string_release_ex(lcname, 0);
		zend_compile_dynamic_call(result, &name_node, args_ast);
		return;
	}

	if (zend_try_compile_special_func(result, lcname, zend_ast_get_list(args_ast), fbc, type) == SUCCESS) {
		zend_string_release_ex(lcname, 0);
		zval_ptr_dtor(&name_node.u.constant);
		return;
	}

	/* Replace the written name by the lowercased one for INIT_FCALL. */
	zval_ptr_dtor(&name_node.u.constant);
	ZVAL_NEW_STR(&name_node.u.constant, lcname);

	init_op = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
	init_op->result.num = zend_alloc_cache_slot();

	zend_compile_call_common(result, args_ast, fbc);
}
4358 /* }}} */
4359 
/* Compile an instance method call, including the nullsafe form.
 *
 * For $this the object operand is IS_UNUSED when $this is guaranteed to
 * exist, otherwise ZEND_FETCH_THIS is emitted; no JMP_NULL is needed there
 * because a missing $this throws. For any other object expression a nullsafe
 * call gets a JMP_NULL after the object is compiled.
 *
 * A constant method name must be a string (compile error otherwise) and gets
 * two cache slots. The callee is passed on as known only for a call on $this
 * to a private or final method of the class being compiled; any other method
 * could be overridden in a child class. */
void zend_compile_method_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
{
	zend_ast *obj_ast = ast->child[0];
	zend_ast *method_ast = ast->child[1];
	zend_ast *args_ast = ast->child[2];
	zend_bool nullsafe = ast->kind == ZEND_AST_NULLSAFE_METHOD_CALL;
	zend_function *known_method = NULL;
	znode obj_node, method_node;
	zend_op *init_op;

	if (!is_this_fetch(obj_ast)) {
		zend_short_circuiting_mark_inner(obj_ast);
		zend_compile_expr(&obj_node, obj_ast);
		if (nullsafe) {
			zend_emit_jmp_null(&obj_node);
		}
	} else {
		if (this_guaranteed_exists()) {
			obj_node.op_type = IS_UNUSED;
		} else {
			zend_emit_op(&obj_node, ZEND_FETCH_THIS, NULL, NULL);
		}
		CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;

		/* We will throw if $this doesn't exist, so there's no need to emit a
		 * JMP_NULL check for a nullsafe access. */
	}

	zend_compile_expr(&method_node, method_ast);
	init_op = zend_emit_op(NULL, ZEND_INIT_METHOD_CALL, &obj_node, NULL);

	if (method_node.op_type != IS_CONST) {
		SET_NODE(init_op->op2, &method_node);
	} else {
		if (Z_TYPE(method_node.u.constant) != IS_STRING) {
			zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
		}

		init_op->op2_type = IS_CONST;
		init_op->op2.constant = zend_add_func_name_literal(
			Z_STR(method_node.u.constant));
		init_op->result.num = zend_alloc_cache_slots(2);
	}

	/* Check if this calls a known method on $this. */
	if (init_op->op1_type == IS_UNUSED
	 && init_op->op2_type == IS_CONST
	 && CG(active_class_entry)
	 && zend_is_scope_known()) {
		/* The literal following the method name holds its lowercased form. */
		zend_string *lcname = Z_STR_P(CT_CONSTANT(init_op->op2) + 1);

		known_method = zend_hash_find_ptr(&CG(active_class_entry)->function_table, lcname);

		/* The exact method is only known if it is private or final. Otherwise
		 * an overriding method in a child class may be called. */
		if (known_method && !(known_method->common.fn_flags & (ZEND_ACC_PRIVATE|ZEND_ACC_FINAL))) {
			known_method = NULL;
		}
	}

	zend_compile_call_common(result, args_ast, known_method);
}
4420 /* }}} */
4421 
/* Report whether `name` equals ZEND_CONSTRUCTOR_FUNC_NAME, compared
 * case-insensitively. */
static zend_bool zend_is_constructor(zend_string *name) /* {{{ */
{
	zend_bool is_ctor = zend_string_equals_literal_ci(name, ZEND_CONSTRUCTOR_FUNC_NAME);

	return is_ctor;
}
/* }}} */
4427 
/* Look up `lcname` in ce->function_table and return it only if the visibility
 * rules checked here allow the class currently being compiled to call it.
 *
 * Returned as-is: a missing entry (NULL), a public method, or any method when
 * `ce` is the active class entry. A non-private method is also returned when
 * its scope is linked, the active class (if any) is linked, and
 * zend_check_protected() accepts the pair. Everything else yields NULL.
 *
 * This function raises no error itself; NULL only means that no function is
 * reported back to the caller. */
static zend_function *zend_get_compatible_func_or_null(zend_class_entry *ce, zend_string *lcname) /* {{{ */
{
	zend_class_entry *active_ce = CG(active_class_entry);
	zend_function *fn = zend_hash_find_ptr(&ce->function_table, lcname);

	if (!fn) {
		return NULL;
	}
	if ((fn->common.fn_flags & ZEND_ACC_PUBLIC) || ce == active_ce) {
		return fn;
	}

	/* From here on only a protected method can still qualify. */
	if (fn->common.fn_flags & ZEND_ACC_PRIVATE) {
		return NULL;
	}
	if (!(fn->common.scope->ce_flags & ZEND_ACC_LINKED)) {
		return NULL;
	}
	if (active_ce && !(active_ce->ce_flags & ZEND_ACC_LINKED)) {
		return NULL;
	}
	if (!zend_check_protected(zend_get_function_root_class(fn), active_ce)) {
		return NULL;
	}

	return fn;
}
/* }}} */
4445 
/* Compile a static method call (Class::method(...)).
 *
 * ast->child[0] is the class reference, child[1] the method name and
 * child[2] the argument list. Emits ZEND_INIT_STATIC_METHOD_CALL and then
 * passes the arguments to zend_compile_call_common(). `type` is not read here.
 *
 * A constant method name that matches the constructor name is dropped, which
 * leaves op2 as IS_UNUSED. When both class and method are known at compile
 * time, the callee is looked up through zend_get_compatible_func_or_null(),
 * so it is only forwarded if that visibility check accepts it. */
void zend_compile_static_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
{
	zend_ast *class_ast = ast->child[0];
	zend_ast *method_ast = ast->child[1];
	zend_ast *args_ast = ast->child[2];

	znode class_node, method_node;
	zend_op *opline;
	zend_function *known_fbc = NULL;

	zend_short_circuiting_mark_inner(class_ast);
	zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);

	zend_compile_expr(&method_node, method_ast);

	if (method_node.op_type == IS_CONST) {
		zval *method_zv = &method_node.u.constant;

		if (Z_TYPE_P(method_zv) != IS_STRING) {
			zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
		}
		if (zend_is_constructor(Z_STR_P(method_zv))) {
			zval_ptr_dtor(method_zv);
			method_node.op_type = IS_UNUSED;
		}
	}

	opline = get_next_op();
	opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;

	zend_set_class_name_op1(opline, &class_node);

	if (method_node.op_type != IS_CONST) {
		if (opline->op1_type == IS_CONST) {
			opline->result.num = zend_alloc_cache_slot();
		}
		SET_NODE(opline->op2, &method_node);
	} else {
		opline->op2_type = IS_CONST;
		opline->op2.constant = zend_add_func_name_literal(
			Z_STR(method_node.u.constant));
		opline->result.num = zend_alloc_cache_slots(2);
	}

	/* See whether the callee is already known at compile time. */
	if (opline->op2_type == IS_CONST) {
		zend_class_entry *target_ce = NULL;

		if (opline->op1_type == IS_CONST) {
			zend_string *lc_class = Z_STR_P(CT_CONSTANT(opline->op1) + 1);

			target_ce = zend_hash_find_ptr(CG(class_table), lc_class);
			/* Not in the class table: it may still be the class being compiled. */
			if (!target_ce && CG(active_class_entry)
					&& zend_string_equals_ci(CG(active_class_entry)->name, lc_class)) {
				target_ce = CG(active_class_entry);
			}
		} else if (opline->op1_type == IS_UNUSED
				&& (opline->op1.num & ZEND_FETCH_CLASS_MASK) == ZEND_FETCH_CLASS_SELF
				&& zend_is_scope_known()) {
			target_ce = CG(active_class_entry);
		}

		if (target_ce) {
			zend_string *lc_method = Z_STR_P(CT_CONSTANT(opline->op2) + 1);

			known_fbc = zend_get_compatible_func_or_null(target_ce, lc_method);
		}
	}

	zend_compile_call_common(result, args_ast, known_fbc);
}
/* }}} */
4513 
4514 void zend_compile_class_decl(znode *result, zend_ast *ast, zend_bool toplevel);
4515 
/* Compile a `new` expression.
 *
 * ast->child[0] is either an anonymous class declaration or a class
 * reference; child[1] is the constructor argument list. Emits ZEND_NEW into
 * `result`, compiles the constructor call through zend_compile_call_common()
 * and frees that call's result. */
void zend_compile_new(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *class_ast = ast->child[0];
	zend_ast *args_ast = ast->child[1];

	znode class_node, ctor_result;
	zend_op *new_op;

	if (class_ast->kind != ZEND_AST_CLASS) {
		zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
	} else {
		/* Anonymous class: compile its declaration in place. */
		zend_compile_class_decl(&class_node, class_ast, 0);
	}

	new_op = zend_emit_op(result, ZEND_NEW, NULL, NULL);

	if (class_node.op_type != IS_CONST) {
		SET_NODE(new_op->op1, &class_node);
	} else {
		new_op->op1_type = IS_CONST;
		new_op->op1.constant = zend_add_class_name_literal(
			Z_STR(class_node.u.constant));
		new_op->op2.num = zend_alloc_cache_slot();
	}

	zend_compile_call_common(&ctor_result, args_ast, NULL);
	zend_do_free(&ctor_result);
}
/* }}} */
4546 
/* Compile a `clone` expression: evaluate ast->child[0] and emit ZEND_CLONE
 * with a temporary result in `result`. */
void zend_compile_clone(znode *result, zend_ast *ast) /* {{{ */
{
	znode source_node;

	zend_compile_expr(&source_node, ast->child[0]);
	zend_emit_op_tmp(result, ZEND_CLONE, &source_node, NULL);
}
/* }}} */
4557 
/* Compile one variable of a `global` statement.
 *
 * ast->child[0] is the variable node and its child[0] the name expression.
 * Using $this is a compile error. A variable that compiles to a CV is bound
 * with ZEND_BIND_GLOBAL; otherwise the global is fetched for write and
 * assigned by reference. */
void zend_compile_global_var(zend_ast *ast) /* {{{ */
{
	zend_ast *var_ast = ast->child[0];
	zend_ast *name_ast = var_ast->child[0];

	znode name_node, result;
	zend_op *opline;
	zend_ast *ref_target;

	zend_compile_expr(&name_node, name_ast);
	if (name_node.op_type == IS_CONST) {
		convert_to_string(&name_node.u.constant);
	}

	if (is_this_fetch(var_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as global variable");
	}

	if (zend_try_compile_cv(&result, var_ast) == SUCCESS) {
		opline = zend_emit_op(NULL, ZEND_BIND_GLOBAL, &result, &name_node);
		opline->extended_value = zend_alloc_cache_slot();
		return;
	}

	/* name_ast must be evaluated only once. FETCH_GLOBAL_LOCK tells FETCH_W
	 * not to free the name_node operand, so the ASSIGN_REF emitted below can
	 * reuse it and free it afterwards. */
	opline = zend_emit_op(&result, ZEND_FETCH_W, &name_node, NULL);
	opline->extended_value = ZEND_FETCH_GLOBAL_LOCK;

	/* The constant name is used by both ops, so take an extra reference. */
	if (name_node.op_type == IS_CONST) {
		zend_string_addref(Z_STR(name_node.u.constant));
	}

	ref_target = zend_ast_create(ZEND_AST_VAR, zend_ast_create_znode(&name_node));
	zend_emit_assign_ref_znode(ref_target, &result);
}
/* }}} */
4593 
/* Register a static variable on the active op array and emit ZEND_BIND_STATIC.
 *
 * The static_variables table is created on first use; when the op array has
 * a scope, that class is flagged with ZEND_HAS_STATIC_IN_METHODS at the same
 * time. `value` is stored under `var_name`, and the op's extended_value is
 * the byte offset of the stored zval from the table's arData, OR-ed with
 * `mode`. Naming the variable "this" is a compile error. */
static void zend_compile_static_var_common(zend_string *var_name, zval *value, uint32_t mode) /* {{{ */
{
	zend_op *bind_op;
	zval *stored;
	uint32_t slot_offset;

	if (CG(active_op_array)->static_variables == NULL) {
		if (CG(active_op_array)->scope) {
			CG(active_op_array)->scope->ce_flags |= ZEND_HAS_STATIC_IN_METHODS;
		}
		CG(active_op_array)->static_variables = zend_new_array(8);
	}

	stored = zend_hash_update(CG(active_op_array)->static_variables, var_name, value);

	if (zend_string_equals_literal(var_name, "this")) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as static variable");
	}

	bind_op = zend_emit_op(NULL, ZEND_BIND_STATIC, NULL, NULL);
	bind_op->op1_type = IS_CV;
	bind_op->op1.var = lookup_cv(var_name);

	/* The difference is narrowed to 32 bits before `mode` is OR-ed in. */
	slot_offset = (uint32_t)((char*)stored - (char*)CG(active_op_array)->static_variables->arData);
	bind_op->extended_value = slot_offset | mode;
}
/* }}} */
4616 
/* Compile a `static $var [= expr];` declaration.
 *
 * ast->child[0] names the variable; child[1], when present, is the
 * initializer, converted with zend_const_expr_to_zval(). Without an
 * initializer the value is NULL. The variable is bound with ZEND_BIND_REF. */
void zend_compile_static_var(zend_ast *ast) /* {{{ */
{
	zend_ast *var_ast = ast->child[0];
	zend_ast **init_ast_ptr = &ast->child[1];
	zval initial_zv;

	if (*init_ast_ptr == NULL) {
		ZVAL_NULL(&initial_zv);
	} else {
		zend_const_expr_to_zval(&initial_zv, init_ast_ptr);
	}

	zend_compile_static_var_common(zend_ast_get_str(var_ast), &initial_zv, ZEND_BIND_REF);
}
/* }}} */
4632 
/* Compile unset() of a single target (ast->child[0]).
 *
 * The target is first checked with zend_ensure_writable_variable(). Plain
 * variables, array elements, object properties (including nullsafe ones) and
 * static properties each map to their own UNSET opcode. Unsetting $this is
 * a compile error. */
void zend_compile_unset(zend_ast *ast) /* {{{ */
{
	zend_ast *target_ast = ast->child[0];
	znode cv_node;
	zend_op *opline;

	zend_ensure_writable_variable(target_ast);

	switch (target_ast->kind) {
		case ZEND_AST_VAR:
			if (is_this_fetch(target_ast)) {
				zend_error_noreturn(E_COMPILE_ERROR, "Cannot unset $this");
			}
			if (zend_try_compile_cv(&cv_node, target_ast) == SUCCESS) {
				zend_emit_op(NULL, ZEND_UNSET_CV, &cv_node, NULL);
			} else {
				/* Not a CV: compile the fetch, then retarget it to an unset. */
				opline = zend_compile_simple_var_no_cv(NULL, target_ast, BP_VAR_UNSET, 0);
				opline->opcode = ZEND_UNSET_VAR;
			}
			break;
		case ZEND_AST_DIM:
			opline = zend_compile_dim(NULL, target_ast, BP_VAR_UNSET);
			opline->opcode = ZEND_UNSET_DIM;
			break;
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			opline = zend_compile_prop(NULL, target_ast, BP_VAR_UNSET, 0);
			opline->opcode = ZEND_UNSET_OBJ;
			break;
		case ZEND_AST_STATIC_PROP:
			opline = zend_compile_static_prop(NULL, target_ast, BP_VAR_UNSET, 0, 0);
			opline->opcode = ZEND_UNSET_STATIC_PROP;
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}
}
/* }}} */
4669 
/* Emit the ops needed to leave up to `depth` entries of CG(loop_var_stack).
 *
 * The stack is walked from top to base:
 *  - ZEND_FAST_CALL entries emit a ZEND_FAST_CALL op (carrying `return_value`
 *    in op2 when one is given);
 *  - ZEND_DISCARD_EXCEPTION entries emit a ZEND_DISCARD_EXCEPTION op;
 *  - a ZEND_RETURN entry is a stack separator and ends the walk;
 *  - any other entry counts as one level: the walk stops with success once
 *    such an entry is reached with depth <= 1, otherwise its loop variable
 *    is freed (unless the entry is ZEND_NOP) and depth is decremented.
 *
 * Returns 1 for an empty stack or when the requested level was reached,
 * otherwise whether depth ended up at exactly 0. */
static bool zend_handle_loops_and_finally_ex(zend_long depth, znode *return_value) /* {{{ */
{
	zend_loop_var *entry = zend_stack_top(&CG(loop_var_stack));
	zend_loop_var *bottom;

	if (!entry) {
		return 1;
	}

	bottom = zend_stack_base(&CG(loop_var_stack));
	for (; entry >= bottom; entry--) {
		zend_op *opline;

		if (entry->opcode == ZEND_FAST_CALL) {
			opline = get_next_op();
			opline->opcode = ZEND_FAST_CALL;
			opline->result_type = IS_TMP_VAR;
			opline->result.var = entry->var_num;
			if (return_value) {
				SET_NODE(opline->op2, return_value);
			}
			opline->op1.num = entry->try_catch_offset;
			continue;
		}

		if (entry->opcode == ZEND_DISCARD_EXCEPTION) {
			opline = get_next_op();
			opline->opcode = ZEND_DISCARD_EXCEPTION;
			opline->op1_type = IS_TMP_VAR;
			opline->op1.var = entry->var_num;
			continue;
		}

		if (entry->opcode == ZEND_RETURN) {
			/* Stack separator */
			break;
		}

		if (depth <= 1) {
			return 1;
		}

		/* A ZEND_NOP entry is a loop without a freeable variable. */
		if (entry->opcode != ZEND_NOP) {
			ZEND_ASSERT(entry->var_type & (IS_VAR|IS_TMP_VAR));
			opline = get_next_op();
			opline->opcode = entry->opcode;
			opline->op1_type = entry->var_type;
			opline->op1.var = entry->var_num;
			opline->extended_value = ZEND_FREE_ON_RETURN;
		}
		depth--;
	}

	return (depth == 0);
}
/* }}} */
4718 
/* Run zend_handle_loops_and_finally_ex() with a depth of one more than the
 * number of entries on CG(loop_var_stack). */
static bool zend_handle_loops_and_finally(znode *return_value) /* {{{ */
{
	zend_long full_depth = zend_stack_count(&CG(loop_var_stack)) + 1;

	return zend_handle_loops_and_finally_ex(full_depth, return_value);
}
/* }}} */
4724 
/* Report whether a ZEND_FAST_CALL entry is found on CG(loop_var_stack) before
 * the walk ends.
 *
 * The stack is scanned from top to base. ZEND_DISCARD_EXCEPTION entries are
 * skipped. The scan ends with 0 at a ZEND_RETURN separator, or at any other
 * entry reached with depth <= 1; otherwise such an entry decrements depth. */
static bool zend_has_finally_ex(zend_long depth) /* {{{ */
{
	zend_loop_var *entry = zend_stack_top(&CG(loop_var_stack));
	zend_loop_var *bottom;

	if (!entry) {
		return 0;
	}

	bottom = zend_stack_base(&CG(loop_var_stack));
	for (; entry >= bottom; entry--) {
		if (entry->opcode == ZEND_FAST_CALL) {
			return 1;
		}
		if (entry->opcode == ZEND_DISCARD_EXCEPTION) {
			continue;
		}
		/* ZEND_RETURN is the stack separator. */
		if (entry->opcode == ZEND_RETURN || depth <= 1) {
			return 0;
		}
		depth--;
	}

	return 0;
}
/* }}} */
4750 
/* Run zend_has_finally_ex() with a depth of one more than the number of
 * entries on CG(loop_var_stack). */
static bool zend_has_finally(void) /* {{{ */
{
	zend_long full_depth = zend_stack_count(&CG(loop_var_stack)) + 1;

	return zend_has_finally_ex(full_depth);
}
/* }}} */
4756 
/* Compile a `return` statement; ast->child[0] is the optional expression.
 *
 * Emits ZEND_RETURN_BY_REF for by-reference functions (never for generators)
 * and ZEND_RETURN otherwise. A missing expression returns a constant NULL.
 * Before the return op, a return type check is emitted when the function
 * declares one (generators excluded), followed by the cleanup ops from
 * zend_handle_loops_and_finally(). */
void zend_compile_return(zend_ast *ast) /* {{{ */
{
	zend_ast *expr_ast = ast->child[0];
	zend_bool is_generator = (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0;
	/* For generators the by-ref flag refers to yields, not returns */
	zend_bool by_ref = !is_generator
		&& (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;

	znode expr_node;
	znode *pending_value;
	zend_op *return_op;

	if (expr_ast == NULL) {
		expr_node.op_type = IS_CONST;
		ZVAL_NULL(&expr_node.u.constant);
	} else if (!by_ref || !zend_is_variable(expr_ast)) {
		zend_compile_expr(&expr_node, expr_ast);
	} else {
		if (zend_ast_is_short_circuited(expr_ast)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot take reference of a nullsafe chain");
		}

		zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
	}

	if ((CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)
	 && (expr_node.op_type == IS_CV || (by_ref && expr_node.op_type == IS_VAR))
	 && zend_has_finally()) {
		/* Copy the value first so finally code cannot modify what is returned. */
		if (!by_ref) {
			zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &expr_node, NULL);
		} else {
			zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
		}
	}

	/* Generator return types are handled separately */
	if (!is_generator && (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE)) {
		zend_emit_return_type_check(
			expr_ast ? &expr_node : NULL, CG(active_op_array)->arg_info - 1, 0);
	}

	/* Only a TMP or VAR result is passed along to the cleanup ops. */
	pending_value = (expr_node.op_type & (IS_TMP_VAR | IS_VAR)) ? &expr_node : NULL;
	zend_handle_loops_and_finally(pending_value);

	return_op = zend_emit_op(NULL, by_ref ? ZEND_RETURN_BY_REF : ZEND_RETURN,
		&expr_node, NULL);

	if (by_ref && expr_ast) {
		if (zend_is_call(expr_ast)) {
			return_op->extended_value = ZEND_RETURNS_FUNCTION;
		} else if (!zend_is_variable(expr_ast) || zend_ast_is_short_circuited(expr_ast)) {
			return_op->extended_value = ZEND_RETURNS_VALUE;
		}
	}
}
/* }}} */
4815 
/* Compile an `echo` of ast->child[0]: evaluate the expression and emit
 * ZEND_ECHO with extended_value set to 0. */
void zend_compile_echo(zend_ast *ast) /* {{{ */
{
	zend_ast *expr_ast = ast->child[0];
	znode expr_node;
	zend_op *echo_op;

	zend_compile_expr(&expr_node, expr_ast);

	echo_op = zend_emit_op(NULL, ZEND_ECHO, &expr_node, NULL);
	echo_op->extended_value = 0;
}
/* }}} */
4828 
/* Compile a `throw`; ast->child[0] is the thrown expression.
 *
 * When `result` is non-NULL the throw is used as an expression: the op is
 * flagged with ZEND_THROW_IS_EXPR and `result` is set to a constant true. */
void zend_compile_throw(znode *result, zend_ast *ast) /* {{{ */
{
	znode expr_node;
	zend_op *throw_op;

	zend_compile_expr(&expr_node, ast->child[0]);
	throw_op = zend_emit_op(NULL, ZEND_THROW, &expr_node, NULL);

	if (!result) {
		return;
	}

	/* Mark this as an "expression throw" for opcache. */
	throw_op->extended_value = ZEND_THROW_IS_EXPR;
	result->op_type = IS_CONST;
	ZVAL_BOOL(&result->u.constant, 1);
}
/* }}} */
4845 
/* Compile `break [N]` or `continue [N]`; ast->child[0] is the optional depth.
 *
 * The depth must be a literal integer >= 1 and defaults to 1. The statement
 * must be inside a loop or switch, and zend_handle_loops_and_finally_ex()
 * must accept the depth, otherwise a compile error is raised. For `continue`
 * whose target is a switch, an E_WARNING points out that it behaves like
 * `break`. Finally ZEND_BRK or ZEND_CONT is emitted with the current
 * brk_cont index in op1 and the depth in op2. */
void zend_compile_break_continue(zend_ast *ast) /* {{{ */
{
	zend_ast *depth_ast = ast->child[0];
	const char *keyword;
	zend_op *opline;
	zend_long depth = 1;

	ZEND_ASSERT(ast->kind == ZEND_AST_BREAK || ast->kind == ZEND_AST_CONTINUE);
	keyword = ast->kind == ZEND_AST_BREAK ? "break" : "continue";

	if (depth_ast) {
		zval *depth_zv;

		if (depth_ast->kind != ZEND_AST_ZVAL) {
			zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator with non-integer operand "
				"is no longer supported", keyword);
		}

		depth_zv = zend_ast_get_zval(depth_ast);
		if (Z_TYPE_P(depth_zv) != IS_LONG || Z_LVAL_P(depth_zv) < 1) {
			zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator accepts only positive integers",
				keyword);
		}

		depth = Z_LVAL_P(depth_zv);
	}

	if (CG(context).current_brk_cont == -1) {
		zend_error_noreturn(E_COMPILE_ERROR, "'%s' not in the 'loop' or 'switch' context",
			keyword);
	}
	if (!zend_handle_loops_and_finally_ex(depth, NULL)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot '%s' " ZEND_LONG_FMT " level%s",
			keyword, depth, depth == 1 ? "" : "s");
	}

	if (ast->kind == ZEND_AST_CONTINUE) {
		/* Walk depth - 1 parents up to find the targeted construct. The
		 * counter is an int; this point is reached only after the depth
		 * passed the check above. */
		int level, target = CG(context).current_brk_cont;

		for (level = depth - 1; level > 0; level--) {
			target = CG(context).brk_cont_array[target].parent;
			ZEND_ASSERT(target != -1);
		}

		if (CG(context).brk_cont_array[target].is_switch) {
			/* The "did you mean" hint is added only when the switch has an
			 * enclosing construct (parent != -1). */
			zend_bool is_outermost = CG(context).brk_cont_array[target].parent == -1;

			if (depth == 1 && is_outermost) {
				zend_error(E_WARNING,
					"\"continue\" targeting switch is equivalent to \"break\"");
			} else if (depth == 1) {
				zend_error(E_WARNING,
					"\"continue\" targeting switch is equivalent to \"break\". "
					"Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
					depth + 1);
			} else if (is_outermost) {
				zend_error(E_WARNING,
					"\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\"",
					depth, depth);
			} else {
				zend_error(E_WARNING,
					"\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\". "
					"Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
					depth, depth, depth + 1);
			}
		}
	}

	opline = zend_emit_op(NULL, ast->kind == ZEND_AST_BREAK ? ZEND_BRK : ZEND_CONT, NULL, NULL);
	opline->op1.num = CG(context).current_brk_cont;
	opline->op2.num = depth;
}
/* }}} */
4922 
/* Resolve a ZEND_GOTO op into a ZEND_JMP to its label.
 *
 * `opline` is the GOTO op inside `op_array`; op2 holds the label name, op1.num
 * the number of ops zend_compile_goto() emitted just before it, and
 * extended_value the brk_cont index at the goto. An unknown label, or a jump
 * into a loop or switch, is a compile error (the compiler globals are set up
 * first so the error is attributed to this op array and line).
 *
 * op1.num is reduced once for every enclosing construct with start >= 0 that
 * the jump stays inside, and once for every try/finally region the jump does
 * not leave. What remains is the count of preceding ops that are turned into
 * NOPs, walking backwards from the GOTO. */
void zend_resolve_goto_label(zend_op_array *op_array, zend_op *opline) /* {{{ */
{
	zend_label *dest;
	int scope, tc_idx;
	int remove_oplines = opline->op1.num;
	uint32_t opnum = opline - op_array->opcodes;
	zval *label = CT_CONSTANT_EX(op_array, opline->op2.constant);

	dest = CG(context).labels
		? zend_hash_find_ptr(CG(context).labels, Z_STR_P(label))
		: NULL;
	if (dest == NULL) {
		CG(in_compilation) = 1;
		CG(active_op_array) = op_array;
		CG(zend_lineno) = opline->lineno;
		zend_error_noreturn(E_COMPILE_ERROR, "'goto' to undefined label '%s'", Z_STRVAL_P(label));
	}

	/* The label literal is no longer needed once the target is known. */
	zval_ptr_dtor_str(label);
	ZVAL_NULL(label);

	/* Climb from the goto's scope until the label's scope is reached. */
	scope = opline->extended_value;
	while (scope != dest->brk_cont) {
		if (scope == -1) {
			CG(in_compilation) = 1;
			CG(active_op_array) = op_array;
			CG(zend_lineno) = opline->lineno;
			zend_error_noreturn(E_COMPILE_ERROR, "'goto' into loop or switch statement is disallowed");
		}
		if (CG(context).brk_cont_array[scope].start >= 0) {
			remove_oplines--;
		}
		scope = CG(context).brk_cont_array[scope].parent;
	}

	for (tc_idx = 0; tc_idx < op_array->last_try_catch; ++tc_idx) {
		zend_try_catch_element *elem = &op_array->try_catch_array[tc_idx];

		if (elem->try_op > opnum) {
			break;
		}
		if (elem->finally_op && opnum < elem->finally_op - 1
			&& (dest->opline_num > elem->finally_end || dest->opline_num < elem->try_op)
		) {
			remove_oplines--;
		}
	}

	opline->opcode = ZEND_JMP;
	opline->op1.opline_num = dest->opline_num;
	opline->extended_value = 0;
	SET_UNUSED(opline->op1);
	SET_UNUSED(opline->op2);
	SET_UNUSED(opline->result);

	/* The backwards walk below relies on this count being non-negative. */
	ZEND_ASSERT(remove_oplines >= 0);
	while (remove_oplines--) {
		opline--;
		MAKE_NOP(opline);
		ZEND_VM_SET_OPCODE_HANDLER(opline);
	}
}
/* }}} */
4983 
/* Compile a `goto`; ast->child[0] is the label.
 *
 * The cleanup ops from zend_handle_loops_and_finally() are emitted first,
 * then ZEND_GOTO. op1.num records how many ops were emitted between the
 * start of this statement and the GOTO op; extended_value records the
 * current brk_cont index. */
void zend_compile_goto(zend_ast *ast) /* {{{ */
{
	zend_ast *label_ast = ast->child[0];
	uint32_t first_opnum = get_next_op_number();
	znode label_node;
	zend_op *goto_op;

	zend_compile_expr(&label_node, label_ast);

	/* Label resolution and unwinding adjustments happen in pass two. */
	zend_handle_loops_and_finally(NULL);
	goto_op = zend_emit_op(NULL, ZEND_GOTO, NULL, &label_node);
	goto_op->op1.num = get_next_op_number() - first_opnum - 1;
	goto_op->extended_value = CG(context).current_brk_cont;
}
/* }}} */
5000 
/* Compile a goto label; ast->child[0] is the label name.
 *
 * The label is recorded in CG(context).labels (created on first use) with the
 * current brk_cont index and the number of the next op. Defining the same
 * label twice is a compile error. */
void zend_compile_label(zend_ast *ast) /* {{{ */
{
	zend_string *label = zend_ast_get_str(ast->child[0]);
	zend_label target;

	if (CG(context).labels == NULL) {
		ALLOC_HASHTABLE(CG(context).labels);
		zend_hash_init(CG(context).labels, 8, NULL, label_ptr_dtor, 0);
	}

	target.brk_cont = CG(context).current_brk_cont;
	target.opline_num = get_next_op_number();

	/* zend_hash_add_mem() yields NULL when the add fails; that is reported
	 * as a redefinition. */
	if (zend_hash_add_mem(CG(context).labels, label, &target, sizeof(zend_label)) == NULL) {
		zend_error_noreturn(E_COMPILE_ERROR, "Label '%s' already defined", ZSTR_VAL(label));
	}
}
/* }}} */
5019 
/* Compile a `while` loop; ast->child[0] is the condition, child[1] the body.
 *
 * Emitted layout: a jump to the condition, the body, the condition, then
 * JMPNZ back to the start of the body. */
void zend_compile_while(zend_ast *ast) /* {{{ */
{
	zend_ast *cond_ast = ast->child[0];
	zend_ast *stmt_ast = ast->child[1];
	znode cond_node;
	uint32_t body_start, cond_start;
	uint32_t entry_jmp = zend_emit_jump(0);

	zend_begin_loop(ZEND_NOP, NULL, 0);

	body_start = get_next_op_number();
	zend_compile_stmt(stmt_ast);

	/* The condition follows the body; point the entry jump at it. */
	cond_start = get_next_op_number();
	zend_update_jump_target(entry_jmp, cond_start);
	zend_compile_expr(&cond_node, cond_ast);

	zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, body_start);

	zend_end_loop(cond_start, NULL);
}
/* }}} */
5043 
/* Compile a `do ... while` loop; ast->child[0] is the body, child[1] the
 * condition.
 *
 * Emitted layout: the body, the condition, then JMPNZ back to the start of
 * the body. */
void zend_compile_do_while(zend_ast *ast) /* {{{ */
{
	zend_ast *stmt_ast = ast->child[0];
	zend_ast *cond_ast = ast->child[1];
	znode cond_node;
	uint32_t body_start, cond_start;

	zend_begin_loop(ZEND_NOP, NULL, 0);

	body_start = get_next_op_number();
	zend_compile_stmt(stmt_ast);

	cond_start = get_next_op_number();
	zend_compile_expr(&cond_node, cond_ast);

	zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, body_start);

	zend_end_loop(cond_start, NULL);
}
/* }}} */
5065 
/* Compile a list of expressions, keeping only the last result.
 *
 * `result` starts as a constant true and stays that way when `ast` is NULL.
 * Otherwise each expression is compiled into `result` in order, after the
 * previous result has been freed. */
void zend_compile_expr_list(znode *result, zend_ast *ast) /* {{{ */
{
	result->op_type = IS_CONST;
	ZVAL_TRUE(&result->u.constant);

	if (ast) {
		zend_ast_list *exprs = zend_ast_get_list(ast);
		uint32_t idx;

		for (idx = 0; idx < exprs->children; ++idx) {
			zend_do_free(result);
			zend_compile_expr(result, exprs->child[idx]);
		}
	}
}
/* }}} */
5087 
/* Compile a `for` loop; children are init list, condition list, loop
 * (increment) list and body, in that order.
 *
 * Emitted layout: init expressions, a jump to the condition, the body, the
 * loop expressions, the condition, then JMPNZ back to the start of the body.
 * An absent condition list compiles to a constant true. */
void zend_compile_for(zend_ast *ast) /* {{{ */
{
	zend_ast *init_ast = ast->child[0];
	zend_ast *cond_ast = ast->child[1];
	zend_ast *loop_ast = ast->child[2];
	zend_ast *stmt_ast = ast->child[3];

	znode list_result;
	uint32_t body_start, entry_jmp, step_start;

	zend_compile_expr_list(&list_result, init_ast);
	zend_do_free(&list_result);

	entry_jmp = zend_emit_jump(0);

	zend_begin_loop(ZEND_NOP, NULL, 0);

	body_start = get_next_op_number();
	zend_compile_stmt(stmt_ast);

	step_start = get_next_op_number();
	zend_compile_expr_list(&list_result, loop_ast);
	zend_do_free(&list_result);

	/* The condition comes right after the loop expressions. */
	zend_update_jump_target_to_next(entry_jmp);
	zend_compile_expr_list(&list_result, cond_ast);
	zend_do_extended_stmt();

	zend_emit_cond_jump(ZEND_JMPNZ, &list_result, body_start);

	zend_end_loop(step_start, NULL);
}
/* }}} */
5121 
/* Compile a `foreach` loop; children are the iterated expression, the value
 * target, the optional key target and the body.
 *
 * A reference or list as key is a compile error, as is assigning the value to
 * $this. Iteration is by reference when the value target is a reference or a
 * list for which zend_propagate_list_refs() reports references. Emits
 * FE_RESET, FE_FETCH, the value/key assignments, the body, a jump back to the
 * fetch and a closing FE_FREE. */
void zend_compile_foreach(zend_ast *ast) /* {{{ */
{
	zend_ast *expr_ast = ast->child[0];
	zend_ast *value_ast = ast->child[1];
	zend_ast *key_ast = ast->child[2];
	zend_ast *stmt_ast = ast->child[3];
	zend_bool by_ref = value_ast->kind == ZEND_AST_REF;
	zend_bool is_variable = zend_is_variable(expr_ast) && zend_can_write_to_variable(expr_ast);

	znode expr_node, reset_node, value_node, key_node;
	zend_op *opline;
	uint32_t opnum_reset, opnum_fetch;

	if (key_ast && key_ast->kind == ZEND_AST_REF) {
		zend_error_noreturn(E_COMPILE_ERROR, "Key element cannot be a reference");
	}
	if (key_ast && key_ast->kind == ZEND_AST_ARRAY) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use list as key element");
	}

	if (by_ref) {
		/* Unwrap the reference node to get at the actual target. */
		value_ast = value_ast->child[0];
	}

	if (value_ast->kind == ZEND_AST_ARRAY && zend_propagate_list_refs(value_ast)) {
		by_ref = 1;
	}

	if (!by_ref || !is_variable) {
		zend_compile_expr(&expr_node, expr_ast);
	} else {
		zend_compile_var(&expr_node, expr_ast, BP_VAR_W, 1);
	}

	if (by_ref) {
		zend_separate_if_call_and_write(&expr_node, expr_ast, BP_VAR_W);
	}

	opnum_reset = get_next_op_number();
	zend_emit_op(&reset_node, by_ref ? ZEND_FE_RESET_RW : ZEND_FE_RESET_R, &expr_node, NULL);

	zend_begin_loop(ZEND_FE_FREE, &reset_node, 0);

	opnum_fetch = get_next_op_number();
	opline = zend_emit_op(NULL, by_ref ? ZEND_FE_FETCH_RW : ZEND_FE_FETCH_R, &reset_node, NULL);

	if (is_this_fetch(value_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
	}

	if (value_ast->kind == ZEND_AST_VAR &&
		zend_try_compile_cv(&value_node, value_ast) == SUCCESS) {
		/* A CV target receives the value directly from the fetch op. */
		SET_NODE(opline->op2, &value_node);
	} else {
		/* Otherwise fetch into a temporary and assign from there. */
		opline->op2_type = IS_VAR;
		opline->op2.var = get_temporary_variable();
		GET_NODE(&value_node, opline->op2);
		if (value_ast->kind == ZEND_AST_ARRAY) {
			zend_compile_list_assign(NULL, value_ast, &value_node, value_ast->attr);
		} else if (by_ref) {
			zend_emit_assign_ref_znode(value_ast, &value_node);
		} else {
			zend_emit_assign_znode(value_ast, &value_node);
		}
	}

	if (key_ast) {
		/* The fetch op is looked up again by number here instead of reusing
		 * the earlier pointer; presumably the ops emitted in between can move
		 * the opcode array (TODO confirm). */
		opline = &CG(active_op_array)->opcodes[opnum_fetch];
		zend_make_tmp_result(&key_node, opline);
		zend_emit_assign_znode(key_ast, &key_node);
	}

	zend_compile_stmt(stmt_ast);

	/* Place JMP and FE_FREE on the line where foreach starts. The end line
	 * would be better, but that information is not available currently. */
	CG(zend_lineno) = ast->lineno;
	zend_emit_jump(opnum_fetch);

	/* Both the reset and the fetch op get the number of the next op as
	 * their exit target. */
	opline = &CG(active_op_array)->opcodes[opnum_reset];
	opline->op2.opline_num = get_next_op_number();

	opline = &CG(active_op_array)->opcodes[opnum_fetch];
	opline->extended_value = get_next_op_number();

	zend_end_loop(opnum_fetch, &reset_node);

	zend_emit_op(NULL, ZEND_FE_FREE, &reset_node, NULL);
}
/* }}} */
5213 
/* Compile an if / elseif / else chain; `ast` is a list with one element per
 * branch, each holding a condition (NULL for `else`) and a statement.
 *
 * Every conditional branch emits JMPZ over its body. Every branch except the
 * last also ends with a jump whose target is patched to the end of the chain
 * once all branches are compiled. */
void zend_compile_if(zend_ast *ast) /* {{{ */
{
	zend_ast_list *branches = zend_ast_get_list(ast);
	uint32_t idx;
	uint32_t *exit_jmps = NULL;

	/* One exit jump per branch except the last. */
	if (branches->children > 1) {
		exit_jmps = safe_emalloc(sizeof(uint32_t), branches->children - 1, 0);
	}

	for (idx = 0; idx < branches->children; ++idx) {
		zend_ast *branch_ast = branches->child[idx];
		zend_ast *cond_ast = branch_ast->child[0];
		zend_ast *stmt_ast = branch_ast->child[1];
		znode cond_node;
		uint32_t opnum_jmpz;

		if (!cond_ast) {
			/* "else" can only occur as last element. */
			ZEND_ASSERT(idx == branches->children - 1);
			zend_compile_stmt(stmt_ast);
			continue;
		}

		zend_compile_expr(&cond_node, cond_ast);
		opnum_jmpz = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);

		zend_compile_stmt(stmt_ast);

		if (idx != branches->children - 1) {
			exit_jmps[idx] = zend_emit_jump(0);
		}
		zend_update_jump_target_to_next(opnum_jmpz);
	}

	if (branches->children > 1) {
		for (idx = 0; idx < branches->children - 1; ++idx) {
			zend_update_jump_target_to_next(exit_jmps[idx]);
		}
		efree(exit_jmps);
	}
}
/* }}} */
5256 
/* Decide which jumptable type, if any, fits the cases of a switch.
 *
 * Returns IS_LONG or IS_STRING when every non-default case condition
 * evaluates to a constant of that one type and, for strings, none of them is
 * a numeric string. Returns IS_UNDEF otherwise, including when there is no
 * non-default case. Each case condition is passed through
 * zend_eval_const_expr() in place. */
static zend_uchar determine_switch_jumptable_type(zend_ast_list *cases) {
	zend_uchar common_type = IS_UNDEF;
	uint32_t idx;

	for (idx = 0; idx < cases->children; idx++) {
		zend_ast *case_ast = cases->child[idx];
		zend_ast **cond_ast_ptr = &case_ast->child[0];
		zval *cond_zv;
		zend_uchar case_type;

		if (case_ast->child[0] == NULL) {
			/* Skip default clause */
			continue;
		}

		zend_eval_const_expr(cond_ast_ptr);
		if ((*cond_ast_ptr)->kind != ZEND_AST_ZVAL) {
			/* Non-constant case */
			return IS_UNDEF;
		}

		cond_zv = zend_ast_get_zval(case_ast->child[0]);
		case_type = Z_TYPE_P(cond_zv);
		if (case_type != IS_LONG && case_type != IS_STRING) {
			/* Only switches on integers and strings are optimized */
			return IS_UNDEF;
		}

		if (common_type == IS_UNDEF) {
			common_type = case_type;
		} else if (common_type != case_type) {
			/* Non-uniform case types */
			return IS_UNDEF;
		}

		if (case_type == IS_STRING
				&& is_numeric_string(Z_STRVAL_P(cond_zv), Z_STRLEN_P(cond_zv), NULL, NULL, 0)) {
			/* Numeric strings cannot be compared with a simple hash lookup */
			return IS_UNDEF;
		}
	}

	return common_type;
}
5297 
/* Decide whether a switch with these cases should be compiled with a
 * jumptable of type `jumptable_type` (IS_LONG or IS_STRING).
 *
 * Always 0 when ZEND_COMPILE_NO_JUMPTABLES is set in the compiler options.
 * Otherwise the number of cases must reach 5 for integers or 2 for strings. */
static zend_bool should_use_jumptable(zend_ast_list *cases, zend_uchar jumptable_type) {
	uint32_t min_cases;

	if (CG(compiler_options) & ZEND_COMPILE_NO_JUMPTABLES) {
		return 0;
	}

	/* Thresholds are chosen based on when the average switch time for
	 * equidistributed input becomes smaller with the jumptable optimization. */
	if (jumptable_type == IS_LONG) {
		min_cases = 5;
	} else {
		ZEND_ASSERT(jumptable_type == IS_STRING);
		min_cases = 2;
	}

	return cases->children >= min_cases;
}
5312 
/* Compile a switch statement: ast->child[0] is the subject expression and
 * ast->child[1] the list of case clauses (a clause whose child[0] is NULL is
 * the default clause).
 *
 * Emission order: optional ZEND_SWITCH_LONG / ZEND_SWITCH_STRING opcode, one
 * comparison plus conditional jump per non-default clause, one unconditional
 * jump to the default target, then the clause bodies in source order. The
 * comparison chain is emitted even when a jump table is used.
 *
 * Comparisons are emitted as ZEND_CASE / ZEND_IS_EQUAL, i.e. the loose
 * equality opcodes; zend_compile_match emits the strict counterparts. */
void zend_compile_switch(zend_ast *ast) /* {{{ */
{
	zend_ast *subject_ast = ast->child[0];
	zend_ast_list *cases = zend_ast_get_list(ast->child[1]);

	uint32_t idx;
	zend_bool seen_default = 0;

	znode expr_node, case_node;
	zend_op *opline;
	uint32_t *case_jumps, default_jump, switch_opnum = (uint32_t)-1;
	zend_uchar jumptable_type;
	HashTable *jumptable = NULL;

	zend_compile_expr(&expr_node, subject_ast);

	zend_begin_loop(ZEND_FREE, &expr_node, 1);

	/* Temporary that receives the result of every case comparison. */
	case_node.op_type = IS_TMP_VAR;
	case_node.u.op.var = get_temporary_variable();

	jumptable_type = determine_switch_jumptable_type(cases);
	if (jumptable_type != IS_UNDEF && should_use_jumptable(cases, jumptable_type)) {
		znode table_node;

		/* The table is passed as a constant array operand; it is filled in
		 * below, once the opline number of each case body is known. */
		ALLOC_HASHTABLE(jumptable);
		zend_hash_init(jumptable, cases->children, NULL, NULL, 0);
		table_node.op_type = IS_CONST;
		ZVAL_ARR(&table_node.u.constant, jumptable);

		opline = zend_emit_op(NULL,
			jumptable_type != IS_LONG ? ZEND_SWITCH_STRING : ZEND_SWITCH_LONG,
			&expr_node, &table_node);
		if (opline->op1_type == IS_CONST) {
			Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
		}
		/* Keep the index, not the pointer: the opline is looked up again
		 * through CG(active_op_array)->opcodes when it is patched. */
		switch_opnum = opline - CG(active_op_array)->opcodes;
	}

	/* One slot per clause; the slot of a default clause is never written
	 * and never read. */
	case_jumps = safe_emalloc(sizeof(uint32_t), cases->children, 0);
	for (idx = 0; idx < cases->children; ++idx) {
		zend_ast *case_ast = cases->child[idx];
		zend_ast *cond_ast = case_ast->child[0];
		znode cond_node;

		if (cond_ast == NULL) {
			if (seen_default) {
				CG(zend_lineno) = case_ast->lineno;
				zend_error_noreturn(E_COMPILE_ERROR,
					"Switch statements may only contain one default clause");
			}
			seen_default = 1;
			continue;
		}

		zend_compile_expr(&cond_node, cond_ast);

		/* switch (false) / switch (true): jump directly on the truthiness
		 * of the case expression instead of emitting a comparison. */
		if (expr_node.op_type == IS_CONST
			&& Z_TYPE(expr_node.u.constant) == IS_FALSE) {
			case_jumps[idx] = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
			continue;
		}
		if (expr_node.op_type == IS_CONST
			&& Z_TYPE(expr_node.u.constant) == IS_TRUE) {
			case_jumps[idx] = zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, 0);
			continue;
		}

		opline = zend_emit_op(NULL,
			(expr_node.op_type & (IS_VAR|IS_TMP_VAR)) ? ZEND_CASE : ZEND_IS_EQUAL,
			&expr_node, &cond_node);
		SET_NODE(opline->result, &case_node);
		if (opline->op1_type == IS_CONST) {
			Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
		}

		case_jumps[idx] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
	}

	/* Taken when no comparison matched; patched to the default clause or to
	 * the end of the switch. */
	default_jump = zend_emit_jump(0);

	for (idx = 0; idx < cases->children; ++idx) {
		zend_ast *case_ast = cases->child[idx];
		zend_ast *cond_ast = case_ast->child[0];
		zend_ast *stmt_ast = case_ast->child[1];

		if (cond_ast == NULL) {
			zend_update_jump_target_to_next(default_jump);

			if (jumptable) {
				/* extended_value of the switch opcode holds the default target. */
				ZEND_ASSERT(switch_opnum != (uint32_t)-1);
				opline = &CG(active_op_array)->opcodes[switch_opnum];
				opline->extended_value = get_next_op_number();
			}
		} else {
			zend_update_jump_target_to_next(case_jumps[idx]);

			if (jumptable) {
				zval *label_zv = zend_ast_get_zval(cond_ast);
				zval target_zv;
				ZVAL_LONG(&target_zv, get_next_op_number());

				/* The *_add variants do not overwrite an existing key, so a
				 * repeated label keeps the target of its first occurrence. */
				ZEND_ASSERT(Z_TYPE_P(label_zv) == jumptable_type);
				if (Z_TYPE_P(label_zv) != IS_LONG) {
					ZEND_ASSERT(Z_TYPE_P(label_zv) == IS_STRING);
					zend_hash_add(jumptable, Z_STR_P(label_zv), &target_zv);
				} else {
					zend_hash_index_add(jumptable, Z_LVAL_P(label_zv), &target_zv);
				}
			}
		}

		zend_compile_stmt(stmt_ast);
	}

	if (!seen_default) {
		/* No default clause: a miss falls through to the end of the switch. */
		zend_update_jump_target_to_next(default_jump);

		if (jumptable) {
			opline = &CG(active_op_array)->opcodes[switch_opnum];
			opline->extended_value = get_next_op_number();
		}
	}

	zend_end_loop(get_next_op_number(), &expr_node);

	if (expr_node.op_type == IS_CONST) {
		zval_ptr_dtor_nogc(&expr_node.u.constant);
	} else if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
		opline = zend_emit_op(NULL, ZEND_FREE, &expr_node, NULL);
		opline->extended_value = ZEND_FREE_SWITCH;
	}

	efree(case_jumps);
}
/* }}} */
5446 
/* Return the total number of conditions over all arms of a match expression.
 * An arm whose child[0] is NULL (the default arm) contributes nothing. */
static uint32_t count_match_conds(zend_ast_list *arms)
{
	uint32_t total = 0;
	uint32_t idx = 0;

	while (idx < arms->children) {
		zend_ast *conds_ast = arms->child[idx++]->child[0];

		if (conds_ast != NULL) {
			total += zend_ast_get_list(conds_ast)->children;
		}
	}

	return total;
}
5463 
/* Return 1 when every condition of every non-default arm folds to a constant
 * integer or string, 0 otherwise.
 *
 * Side effect: zend_eval_const_expr() is applied to each condition slot in
 * place, so conditions visited before an early return stay folded in the AST.
 * No uniformity or numeric-string check is made here, unlike the switch
 * variant. NOTE(review): presumably safe because match compares with strict
 * identity; confirm against the ZEND_MATCH handler. */
static zend_bool can_match_use_jumptable(zend_ast_list *arms) {
	for (uint32_t arm_idx = 0; arm_idx < arms->children; arm_idx++) {
		zend_ast *conds_ast = arms->child[arm_idx]->child[0];

		if (conds_ast == NULL) {
			/* Skip default arm */
			continue;
		}

		zend_ast_list *conds = zend_ast_get_list(conds_ast);
		for (uint32_t cond_idx = 0; cond_idx < conds->children; cond_idx++) {
			zend_ast **slot = &conds->child[cond_idx];

			zend_eval_const_expr(slot);
			if ((*slot)->kind != ZEND_AST_ZVAL) {
				return 0;
			}

			zend_uchar cond_type = Z_TYPE_P(zend_ast_get_zval(*slot));
			if (cond_type != IS_LONG && cond_type != IS_STRING) {
				return 0;
			}
		}
	}

	return 1;
}
5490 
/* Compile a match expression into `result`: ast->child[0] is the subject and
 * ast->child[1] the list of arms (an arm whose child[0] is NULL is the
 * default arm).
 *
 * Two dispatch strategies are emitted, never both:
 *  - a single ZEND_MATCH opcode with a constant jump table, when all
 *    conditions are constant integers/strings and there are at least two;
 *  - otherwise a chain of ZEND_CASE_STRICT / ZEND_IS_IDENTICAL comparisons,
 *    each followed by a conditional jump, then a jump to the default target.
 * When no default arm exists, a ZEND_MATCH_ERROR opcode serves as the
 * default target. */
void zend_compile_match(znode *result, zend_ast *ast)
{
	zend_ast *subject_ast = ast->child[0];
	zend_ast_list *arms = zend_ast_get_list(ast->child[1]);
	zend_bool seen_default = 0;
	uint32_t match_opnum = (uint32_t)-1;

	znode expr_node;
	zend_compile_expr(&expr_node, subject_ast);

	/* Temporary that receives the result of every strict comparison. */
	znode case_node;
	case_node.op_type = IS_TMP_VAR;
	case_node.u.op.var = get_temporary_variable();

	/* can_match_use_jumptable() is always called: it folds constant
	 * conditions in place as a side effect. */
	uint32_t num_conds = count_match_conds(arms);
	zend_uchar can_use_jumptable = can_match_use_jumptable(arms);
	zend_bool uses_jumptable = can_use_jumptable && num_conds >= 2;
	HashTable *jumptable = NULL;
	uint32_t *cond_jumps = NULL;

	/* Reject a second default arm before anything else is emitted. */
	for (uint32_t arm_idx = 0; arm_idx < arms->children; ++arm_idx) {
		zend_ast *arm_ast = arms->child[arm_idx];

		if (arm_ast->child[0] != NULL) {
			continue;
		}
		if (seen_default) {
			CG(zend_lineno) = arm_ast->lineno;
			zend_error_noreturn(E_COMPILE_ERROR,
				"Match expressions may only contain one default arm");
		}
		seen_default = 1;
	}

	uint32_t default_jump = 0;
	if (!uses_jumptable) {
		/* Linear chain: one slot per condition, in arm/condition order. */
		cond_jumps = safe_emalloc(sizeof(uint32_t), num_conds, 0);
		uint32_t emitted = 0;

		for (uint32_t arm_idx = 0; arm_idx < arms->children; ++arm_idx) {
			zend_ast *conds_ast = arms->child[arm_idx]->child[0];

			if (conds_ast == NULL) {
				continue;
			}

			zend_ast_list *conds = zend_ast_get_list(conds_ast);
			for (uint32_t cond_idx = 0; cond_idx < conds->children; cond_idx++) {
				znode cond_node;
				zend_compile_expr(&cond_node, conds->child[cond_idx]);

				uint32_t opcode = ZEND_IS_IDENTICAL;
				if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
					opcode = ZEND_CASE_STRICT;
				}

				zend_op *cmp_op = zend_emit_op(NULL, opcode, &expr_node, &cond_node);
				SET_NODE(cmp_op->result, &case_node);
				if (cmp_op->op1_type == IS_CONST) {
					Z_TRY_ADDREF_P(CT_CONSTANT(cmp_op->op1));
				}

				cond_jumps[emitted++] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
			}
		}

		/* Taken when no comparison matched. */
		default_jump = zend_emit_jump(0);
	} else {
		znode table_node;

		/* The table is a constant array operand, filled in below once the
		 * opline number of each arm body is known. */
		ALLOC_HASHTABLE(jumptable);
		zend_hash_init(jumptable, num_conds, NULL, NULL, 0);
		table_node.op_type = IS_CONST;
		ZVAL_ARR(&table_node.u.constant, jumptable);

		zend_op *match_op = zend_emit_op(NULL, ZEND_MATCH, &expr_node, &table_node);
		if (match_op->op1_type == IS_CONST) {
			Z_TRY_ADDREF_P(CT_CONSTANT(match_op->op1));
		}
		/* Keep the index; the opline is looked up again when patched. */
		match_opnum = match_op - CG(active_op_array)->opcodes;
	}

	zend_bool result_pending = 1;
	uint32_t cond_pos = 0;
	uint32_t *end_jumps = safe_emalloc(sizeof(uint32_t), arms->children, 0);

	// The generated default arm is emitted first to avoid live range issues where the tmpvar
	// for the arm result is freed even though it has not been initialized yet.
	if (!seen_default) {
		if (uses_jumptable) {
			if (jumptable) {
				zend_op *match_op = &CG(active_op_array)->opcodes[match_opnum];
				match_op->extended_value = get_next_op_number();
			}
		} else {
			zend_update_jump_target_to_next(default_jump);
		}

		zend_op *error_op = zend_emit_op(NULL, ZEND_MATCH_ERROR, &expr_node, NULL);
		if (error_op->op1_type == IS_CONST) {
			Z_TRY_ADDREF_P(CT_CONSTANT(error_op->op1));
		}
	}

	for (uint32_t arm_idx = 0; arm_idx < arms->children; ++arm_idx) {
		zend_ast *arm_ast = arms->child[arm_idx];
		zend_ast *body_ast = arm_ast->child[1];

		if (arm_ast->child[0] == NULL) {
			/* Default arm: this is where a miss lands. */
			if (!uses_jumptable) {
				zend_update_jump_target_to_next(default_jump);
			}

			if (jumptable) {
				ZEND_ASSERT(match_opnum != (uint32_t)-1);
				zend_op *match_op = &CG(active_op_array)->opcodes[match_opnum];
				match_op->extended_value = get_next_op_number();
			}
		} else {
			zend_ast_list *conds = zend_ast_get_list(arm_ast->child[0]);

			for (uint32_t cond_idx = 0; cond_idx < conds->children; cond_idx++) {
				zend_ast *cond_ast = conds->child[cond_idx];

				if (cond_jumps != NULL) {
					zend_update_jump_target_to_next(cond_jumps[cond_pos]);
				}

				if (jumptable) {
					zval *label_zv = zend_ast_get_zval(cond_ast);
					zval target_zv;
					ZVAL_LONG(&target_zv, get_next_op_number());

					/* The *_add variants do not overwrite an existing key, so
					 * a repeated condition keeps its first target. */
					if (Z_TYPE_P(label_zv) != IS_LONG) {
						ZEND_ASSERT(Z_TYPE_P(label_zv) == IS_STRING);
						zend_hash_add(jumptable, Z_STR_P(label_zv), &target_zv);
					} else {
						zend_hash_index_add(jumptable, Z_LVAL_P(label_zv), &target_zv);
					}
				}

				cond_pos++;
			}
		}

		znode body_node;
		zend_compile_expr(&body_node, body_ast);

		if (!result_pending) {
			/* Later arms write into the temporary created by the first arm. */
			zend_op *assign_op = zend_emit_op(NULL, ZEND_QM_ASSIGN, &body_node, NULL);
			SET_NODE(assign_op->result, result);
		} else {
			zend_emit_op_tmp(result, ZEND_QM_ASSIGN, &body_node, NULL);
			result_pending = 0;
		}

		end_jumps[arm_idx] = zend_emit_jump(0);
	}

	// Initialize result in case there is no arm
	if (arms->children == 0) {
		result->op_type = IS_CONST;
		ZVAL_NULL(&result->u.constant);
	}

	/* Every arm ends with a jump to the first opline after the match. */
	for (uint32_t arm_idx = 0; arm_idx < arms->children; ++arm_idx) {
		zend_update_jump_target_to_next(end_jumps[arm_idx]);
	}

	if (expr_node.op_type == IS_CONST) {
		zval_ptr_dtor_nogc(&expr_node.u.constant);
	} else if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
		zend_op *free_op = zend_emit_op(NULL, ZEND_FREE, &expr_node, NULL);
		free_op->extended_value = ZEND_FREE_SWITCH;
	}

	if (cond_jumps != NULL) {
		efree(cond_jumps);
	}
	efree(end_jumps);
}
5672 
/* Compile a try statement: ast->child[0] is the try body, ast->child[1] the
 * list of catch clauses and ast->child[2] the optional finally body.
 *
 * Registers a try/catch table entry, emits the try body, one ZEND_CATCH per
 * caught class (multi-catch clauses share one body), and for finally the
 * ZEND_FAST_CALL / ZEND_JMP / body / ZEND_FAST_RET sequence. The compiler
 * context's fast_call_var and try_catch_offset are saved on entry and
 * restored before returning. */
void zend_compile_try(zend_ast *ast) /* {{{ */
{
	zend_ast *try_ast = ast->child[0];
	zend_ast_list *catches = zend_ast_get_list(ast->child[1]);
	zend_ast *finally_ast = ast->child[2];

	uint32_t catch_idx, class_idx;
	zend_op *opline;
	uint32_t try_catch_offset;
	/* Slot 0: jump over all catch blocks after the try body.
	 * Slot k+1: jump emitted at the end of catch block k (not the last). */
	uint32_t *end_jumps = safe_emalloc(sizeof(uint32_t), catches->children, 0);
	uint32_t saved_fast_call_var = CG(context).fast_call_var;
	uint32_t saved_try_catch_offset = CG(context).try_catch_offset;

	if (!finally_ast && catches->children == 0) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use try without catch or finally");
	}

	/* label: try { } must not be equal to try { label: } */
	if (CG(context).labels) {
		zend_label *label;
		/* Only the most recently added label is inspected (break after one). */
		ZEND_HASH_REVERSE_FOREACH_PTR(CG(context).labels, label) {
			if (label->opline_num == get_next_op_number()) {
				zend_emit_op(NULL, ZEND_NOP, NULL, NULL);
			}
			break;
		} ZEND_HASH_FOREACH_END();
	}

	try_catch_offset = zend_add_try_element(get_next_op_number());

	if (finally_ast) {
		zend_loop_var fast_call;

		if (!(CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)) {
			CG(active_op_array)->fn_flags |= ZEND_ACC_HAS_FINALLY_BLOCK;
		}
		CG(context).fast_call_var = get_temporary_variable();

		/* Push FAST_CALL on unwind stack */
		fast_call.opcode = ZEND_FAST_CALL;
		fast_call.var_type = IS_TMP_VAR;
		fast_call.var_num = CG(context).fast_call_var;
		fast_call.try_catch_offset = try_catch_offset;
		zend_stack_push(&CG(loop_var_stack), &fast_call);
	}

	CG(context).try_catch_offset = try_catch_offset;

	zend_compile_stmt(try_ast);

	if (catches->children != 0) {
		end_jumps[0] = zend_emit_jump(0);
	}

	for (catch_idx = 0; catch_idx < catches->children; ++catch_idx) {
		zend_ast *catch_ast = catches->child[catch_idx];
		zend_ast_list *classes = zend_ast_get_list(catch_ast->child[0]);
		zend_ast *var_ast = catch_ast->child[1];
		zend_ast *stmt_ast = catch_ast->child[2];
		zend_string *var_name = NULL;
		zend_bool is_last_catch = (catch_idx + 1 == catches->children);

		if (var_ast) {
			var_name = zval_make_interned_string(zend_ast_get_zval(var_ast));
		}

		/* One jump per class except the last. NOTE(review): the unsigned
		 * subtraction relies on every catch clause naming at least one class
		 * (see the assertion further down); presumably guaranteed by the
		 * grammar, confirm against the parser. */
		uint32_t *multicatch_jumps = safe_emalloc(sizeof(uint32_t), classes->children - 1, 0);
		uint32_t opnum_catch = (uint32_t)-1;

		CG(zend_lineno) = catch_ast->lineno;

		for (class_idx = 0; class_idx < classes->children; class_idx++) {
			zend_ast *class_ast = classes->child[class_idx];
			zend_bool is_last_class = (class_idx + 1 == classes->children);

			if (!zend_is_const_default_class_ref(class_ast)) {
				zend_error_noreturn(E_COMPILE_ERROR, "Bad class name in the catch statement");
			}

			opnum_catch = get_next_op_number();
			if (catch_idx == 0 && class_idx == 0) {
				/* The table entry points at the very first ZEND_CATCH. */
				CG(active_op_array)->try_catch_array[try_catch_offset].catch_op = opnum_catch;
			}

			opline = get_next_op();
			opline->opcode = ZEND_CATCH;
			opline->op1_type = IS_CONST;
			opline->op1.constant = zend_add_class_name_literal(
					zend_resolve_class_name_ast(class_ast));
			opline->extended_value = zend_alloc_cache_slot();

			if (var_name && zend_string_equals_literal(var_name, "this")) {
				zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
			}

			/* A catch without a variable leaves the result unused. */
			if (var_name) {
				opline->result_type = IS_CV;
				opline->result.var = lookup_cv(var_name);
			} else {
				opline->result_type = IS_UNUSED;
				opline->result.var = -1;
			}

			if (is_last_catch && is_last_class) {
				opline->extended_value |= ZEND_LAST_CATCH;
			}

			if (!is_last_class) {
				/* On a class match, skip the remaining ZEND_CATCH opcodes of
				 * this clause; on a miss, continue with the next one. The
				 * opline is re-fetched by index after emitting the jump. */
				multicatch_jumps[class_idx] = zend_emit_jump(0);
				opline = &CG(active_op_array)->opcodes[opnum_catch];
				opline->op2.opline_num = get_next_op_number();
			}
		}

		for (class_idx = 0; class_idx < classes->children - 1; class_idx++) {
			zend_update_jump_target_to_next(multicatch_jumps[class_idx]);
		}

		efree(multicatch_jumps);

		zend_compile_stmt(stmt_ast);

		if (!is_last_catch) {
			end_jumps[catch_idx + 1] = zend_emit_jump(0);
		}

		ZEND_ASSERT(opnum_catch != (uint32_t)-1 && "Should have at least one class");
		opline = &CG(active_op_array)->opcodes[opnum_catch];
		if (!is_last_catch) {
			/* A miss on the last class of this clause goes to the next clause. */
			opline->op2.opline_num = get_next_op_number();
		}
	}

	for (catch_idx = 0; catch_idx < catches->children; ++catch_idx) {
		zend_update_jump_target_to_next(end_jumps[catch_idx]);
	}

	if (finally_ast) {
		zend_loop_var discard_exception;
		/* Number of the ZEND_JMP emitted right after ZEND_FAST_CALL below. */
		uint32_t opnum_jmp = get_next_op_number() + 1;

		/* Pop FAST_CALL from unwind stack */
		zend_stack_del_top(&CG(loop_var_stack));

		/* Push DISCARD_EXCEPTION on unwind stack */
		discard_exception.opcode = ZEND_DISCARD_EXCEPTION;
		discard_exception.var_type = IS_TMP_VAR;
		discard_exception.var_num = CG(context).fast_call_var;
		zend_stack_push(&CG(loop_var_stack), &discard_exception);

		CG(zend_lineno) = finally_ast->lineno;

		opline = zend_emit_op(NULL, ZEND_FAST_CALL, NULL, NULL);
		opline->op1.num = try_catch_offset;
		opline->result_type = IS_TMP_VAR;
		opline->result.var = CG(context).fast_call_var;

		zend_emit_op(NULL, ZEND_JMP, NULL, NULL);

		zend_compile_stmt(finally_ast);

		CG(active_op_array)->try_catch_array[try_catch_offset].finally_op = opnum_jmp + 1;
		CG(active_op_array)->try_catch_array[try_catch_offset].finally_end
			= get_next_op_number();

		opline = zend_emit_op(NULL, ZEND_FAST_RET, NULL, NULL);
		opline->op1_type = IS_TMP_VAR;
		opline->op1.var = CG(context).fast_call_var;
		opline->op2.num = saved_try_catch_offset;

		zend_update_jump_target_to_next(opnum_jmp);

		CG(context).fast_call_var = saved_fast_call_var;

		/* Pop DISCARD_EXCEPTION from unwind stack */
		zend_stack_del_top(&CG(loop_var_stack));
	}

	CG(context).try_catch_offset = saved_try_catch_offset;

	efree(end_jumps);
}
/* }}} */
5846 
/* Encoding declarations must already be handled during parsing.
 *
 * Walks a declare list and applies every `encoding` entry; other entries are
 * ignored here. Returns 0 after throwing a compile error when the encoding
 * value is not a literal, 1 otherwise. An unknown encoding name, or multibyte
 * support being disabled, only raises a compile warning. The encoding name is
 * always passed to zend_error() as a %s argument, never as the format. */
zend_bool zend_handle_encoding_declaration(zend_ast *ast) /* {{{ */
{
	zend_ast_list *declares = zend_ast_get_list(ast);

	for (uint32_t idx = 0; idx < declares->children; ++idx) {
		zend_ast *declare_ast = declares->child[idx];
		zend_ast *name_ast = declare_ast->child[0];
		zend_ast *value_ast = declare_ast->child[1];
		zend_string *name = zend_ast_get_str(name_ast);

		if (!zend_string_equals_literal_ci(name, "encoding")) {
			continue;
		}

		if (value_ast->kind != ZEND_AST_ZVAL) {
			zend_throw_exception(zend_ce_compile_error, "Encoding must be a literal", 0);
			return 0;
		}

		if (!CG(multibyte)) {
			zend_error(E_COMPILE_WARNING, "declare(encoding=...) ignored because "
				"Zend multibyte feature is turned off by settings");
			continue;
		}

		zend_string *encoding_name = zval_get_string(zend_ast_get_zval(value_ast));
		const zend_encoding *new_encoding;

		CG(encoding_declared) = 1;

		new_encoding = zend_multibyte_fetch_encoding(ZSTR_VAL(encoding_name));
		if (new_encoding) {
			zend_encoding_filter old_input_filter = LANG_SCNG(input_filter);
			const zend_encoding *old_encoding = LANG_SCNG(script_encoding);

			zend_multibyte_set_filter(new_encoding);

			/* need to re-scan if input filter changed */
			if (old_input_filter != LANG_SCNG(input_filter) ||
				 (old_input_filter && new_encoding != old_encoding)) {
				zend_multibyte_yyinput_again(old_input_filter, old_encoding);
			}
		} else {
			zend_error(E_COMPILE_WARNING, "Unsupported encoding [%s]", ZSTR_VAL(encoding_name));
		}

		/* Drop the reference obtained from zval_get_string(). */
		zend_string_release_ex(encoding_name, 0);
	}

	return 1;
}
/* }}} */
5898 
/* Check whether this is the first statement, not counting declares.
 *
 * Scans the top-level statement list of the file being compiled (CG(ast)).
 * Returns SUCCESS when `ast` is reached having seen only declare statements
 * (and, if allow_nop is set, NULL entries) before it; FAILURE when anything
 * else precedes it or when `ast` is not a top-level statement at all. */
static zend_result zend_is_first_statement(zend_ast *ast, zend_bool allow_nop) /* {{{ */
{
	zend_ast_list *file_ast = zend_ast_get_list(CG(ast));

	for (uint32_t pos = 0; pos < file_ast->children; pos++) {
		zend_ast *stmt = file_ast->child[pos];

		if (stmt == ast) {
			return SUCCESS;
		}
		if (stmt == NULL) {
			/* A NULL entry is tolerated only when allow_nop is set. */
			if (!allow_nop) {
				return FAILURE;
			}
			continue;
		}
		if (stmt->kind != ZEND_AST_DECLARE) {
			return FAILURE;
		}
	}

	return FAILURE;
}
/* }}} */
5920 
/* Compile a declare statement: ast->child[0] is the list of name=value
 * directives and ast->child[1] the optional block (block mode).
 *
 * Every value must be a literal. `ticks` updates the file context's
 * declarables; `encoding` is only position-checked here; `strict_types` must
 * be the first statement, must not use block mode and must be 0 or 1, and
 * the value 1 sets ZEND_ACC_STRICT_TYPES on the active op array. Any other
 * name raises a compile warning. In block mode the declarables are restored
 * once the block has been compiled. */
void zend_compile_declare(zend_ast *ast) /* {{{ */
{
	zend_ast_list *declares = zend_ast_get_list(ast->child[0]);
	zend_ast *stmt_ast = ast->child[1];
	zend_declarables saved_declarables = FC(declarables);

	for (uint32_t idx = 0; idx < declares->children; ++idx) {
		zend_ast *declare_ast = declares->child[idx];
		zend_ast **value_slot = &declare_ast->child[1];
		zend_string *name = zend_ast_get_str(declare_ast->child[0]);

		if ((*value_slot)->kind != ZEND_AST_ZVAL) {
			zend_error_noreturn(E_COMPILE_ERROR, "declare(%s) value must be a literal", ZSTR_VAL(name));
		}

		if (zend_string_equals_literal_ci(name, "ticks")) {
			zval ticks_zv;

			zend_const_expr_to_zval(&ticks_zv, value_slot);
			FC(declarables).ticks = zval_get_long(&ticks_zv);
			zval_ptr_dtor_nogc(&ticks_zv);
			continue;
		}

		if (zend_string_equals_literal_ci(name, "encoding")) {
			/* Only the position is validated here. */
			if (zend_is_first_statement(ast, /* allow_nop */ 0) == FAILURE) {
				zend_error_noreturn(E_COMPILE_ERROR, "Encoding declaration pragma must be "
					"the very first statement in the script");
			}
			continue;
		}

		if (!zend_string_equals_literal_ci(name, "strict_types")) {
			zend_error(E_COMPILE_WARNING, "Unsupported declare '%s'", ZSTR_VAL(name));
			continue;
		}

		zval strict_zv;

		if (zend_is_first_statement(ast, /* allow_nop */ 0) == FAILURE) {
			zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must be "
				"the very first statement in the script");
		}

		if (stmt_ast != NULL) {
			zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must not "
				"use block mode");
		}

		zend_const_expr_to_zval(&strict_zv, value_slot);

		/* Only the integer literals 0 and 1 are accepted. */
		if (Z_TYPE(strict_zv) != IS_LONG || (Z_LVAL(strict_zv) != 0 && Z_LVAL(strict_zv) != 1)) {
			zend_error_noreturn(E_COMPILE_ERROR, "strict_types declaration must have 0 or 1 as its value");
		}

		if (Z_LVAL(strict_zv) == 1) {
			CG(active_op_array)->fn_flags |= ZEND_ACC_STRICT_TYPES;
		}
	}

	if (stmt_ast) {
		zend_compile_stmt(stmt_ast);

		/* Block mode: directives apply to the block only. */
		FC(declarables) = saved_declarables;
	}
}
/* }}} */
5984 
/* Compile every statement of a statement-list node, in order. */
void zend_compile_stmt_list(zend_ast *ast) /* {{{ */
{
	zend_ast_list *stmts = zend_ast_get_list(ast);
	uint32_t pos = 0;

	/* The child count is re-read on every iteration, as in a plain for loop. */
	while (pos < stmts->children) {
		zend_compile_stmt(stmts->child[pos]);
		++pos;
	}
}
/* }}} */
5994 
/* Recompute func->common.arg_flags from the send mode of each argument.
 *
 * The three flag words are cleared first. When arg_info is present, the first
 * MIN(num_args, MAX_ARG_FLAG_NUM) arguments get their send mode recorded; for
 * a variadic function whose arg_info entry at that index has a non-zero send
 * mode, the same mode is recorded for all remaining flag positions. */
ZEND_API void zend_set_function_arg_flags(zend_function *func) /* {{{ */
{
	uint32_t pos, limit;

	func->common.arg_flags[0] = 0;
	func->common.arg_flags[1] = 0;
	func->common.arg_flags[2] = 0;

	if (!func->common.arg_info) {
		return;
	}

	limit = MIN(func->common.num_args, MAX_ARG_FLAG_NUM);
	for (pos = 0; pos < limit; pos++) {
		ZEND_SET_ARG_FLAG(func, pos + 1, ZEND_ARG_SEND_MODE(&func->common.arg_info[pos]));
	}

	/* pos == limit here, so arg_info[pos] is read one past the entries
	 * handled above. NOTE(review): presumably the variadic parameter's entry
	 * when num_args <= MAX_ARG_FLAG_NUM; confirm that arg_info always holds
	 * num_args + 1 entries for variadic functions. */
	if (UNEXPECTED((func->common.fn_flags & ZEND_ACC_VARIADIC) && ZEND_ARG_SEND_MODE(&func->common.arg_info[pos]))) {
		uint32_t pass_by_reference = ZEND_ARG_SEND_MODE(&func->common.arg_info[pos]);

		for (; pos < MAX_ARG_FLAG_NUM; pos++) {
			ZEND_SET_ARG_FLAG(func, pos + 1, pass_by_reference);
		}
	}
}
/* }}} */
6019 
/* Compile one non-nullable, non-union type node into a zend_type.
 *
 * A ZEND_AST_TYPE node yields a type code taken from ast->attr. A name node
 * is first looked up as a builtin type (which must be written unqualified)
 * and otherwise treated as a class name: resolved and validated for a
 * default class fetch, or checked and add-ref'd for the other fetch types.
 * A compile warning is raised for unqualified, non-imported names that
 * zend_is_confusable_type() flags. */
static zend_type zend_compile_single_typename(zend_ast *ast)
{
	ZEND_ASSERT(!(ast->attr & ZEND_TYPE_NULLABLE));

	if (ast->kind == ZEND_AST_TYPE) {
		if (ast->attr == IS_STATIC && !CG(active_class_entry) && zend_is_scope_known()) {
			zend_error_noreturn(E_COMPILE_ERROR,
				"Cannot use \"static\" when no class scope is active");
		}
		return (zend_type) ZEND_TYPE_INIT_CODE(ast->attr, 0, 0);
	}

	zend_string *class_name = zend_ast_get_str(ast);
	zend_uchar type_code = zend_lookup_builtin_type_by_name(class_name);

	if (type_code != 0) {
		/* Builtin type names are only accepted in unqualified form. */
		if ((ast->attr & ZEND_NAME_NOT_FQ) != ZEND_NAME_NOT_FQ) {
			zend_error_noreturn(E_COMPILE_ERROR,
				"Type declaration '%s' must be unqualified",
				ZSTR_VAL(zend_string_tolower(class_name)));
		}
		return (zend_type) ZEND_TYPE_INIT_CODE(type_code, 0, 0);
	}

	const char *correct_name;
	zend_string *orig_name = zend_ast_get_str(ast);
	uint32_t fetch_type = zend_get_class_fetch_type_ast(ast);

	if (fetch_type != ZEND_FETCH_CLASS_DEFAULT) {
		zend_ensure_valid_class_fetch_type(fetch_type);
		/* The returned type keeps the AST's string; take a reference. */
		zend_string_addref(class_name);
	} else {
		class_name = zend_resolve_class_name_ast(ast);
		zend_assert_valid_class_name(class_name);
	}

	if (ast->attr == ZEND_NAME_NOT_FQ
			&& zend_is_confusable_type(orig_name, &correct_name)
			&& zend_is_not_imported(orig_name)) {
		const char *extra = "";

		if (FC(current_namespace)) {
			extra = " or import the class with \"use\"";
		}

		if (!correct_name) {
			zend_error(E_COMPILE_WARNING,
				"\"%s\" is not a supported builtin type "
				"and will be interpreted as a class name. "
				"Write \"\\%s\"%s to suppress this warning",
				ZSTR_VAL(orig_name), ZSTR_VAL(class_name), extra);
		} else {
			zend_error(E_COMPILE_WARNING,
				"\"%s\" will be interpreted as a class name. Did you mean \"%s\"? "
				"Write \"\\%s\"%s to suppress this warning",
				ZSTR_VAL(orig_name), correct_name, ZSTR_VAL(class_name), extra);
		}
	}

	return (zend_type) ZEND_TYPE_INIT_CLASS(class_name, 0, 0);
}
6075 
/* Return 1 when any named entry of `type` is "Traversable" (compared
 * case-insensitively), 0 otherwise. */
static zend_bool zend_type_contains_traversable(zend_type type) {
	zend_type *entry;

	ZEND_TYPE_FOREACH(type, entry) {
		if (ZEND_TYPE_HAS_NAME(*entry)) {
			zend_string *entry_name = ZEND_TYPE_NAME(*entry);

			if (zend_string_equals_literal_ci(entry_name, "Traversable")) {
				return 1;
			}
		}
	} ZEND_TYPE_FOREACH_END();

	return 0;
}
6086 
// TODO: Ideally we'd canonicalize "iterable" into "array|Traversable" and essentially
// treat it as a built-in type alias.

/* Compile a type declaration node (single, nullable or union) into a
 * zend_type and reject redundant or invalid combinations.
 *
 * force_allow_null adds MAY_BE_NULL regardless of the declaration; use_arena
 * selects the compiler arena instead of emalloc/erealloc for the class-name
 * list of a union. The nullable bit of ast->attr is cleared while compiling
 * and restored before returning. */
static zend_type zend_compile_typename(
		zend_ast *ast, zend_bool force_allow_null, zend_bool use_arena) /* {{{ */
{
	zend_bool nullable = force_allow_null;
	zend_ast_attr saved_attr = ast->attr;
	zend_type type = ZEND_TYPE_INIT_NONE(0);

	if (ast->attr & ZEND_TYPE_NULLABLE) {
		nullable = 1;
		/* zend_compile_single_typename() asserts that the bit is clear. */
		ast->attr &= ~ZEND_TYPE_NULLABLE;
	}

	if (ast->kind != ZEND_AST_TYPE_UNION) {
		type = zend_compile_single_typename(ast);
	} else {
		zend_ast_list *members = zend_ast_get_list(ast);

		for (uint32_t member_idx = 0; member_idx < members->children; member_idx++) {
			zend_type single_type = zend_compile_single_typename(members->child[member_idx]);
			uint32_t single_type_mask = ZEND_TYPE_PURE_MASK(single_type);

			if (single_type_mask == MAY_BE_ANY) {
				zend_error_noreturn(E_COMPILE_ERROR, "Type mixed can only be used as a standalone type");
			}

			/* Builtin types are tracked as mask bits; a shared bit means the
			 * same builtin type was listed twice. */
			uint32_t overlap_mask = ZEND_TYPE_PURE_MASK(type) & single_type_mask;
			if (overlap_mask) {
				zend_type overlap_type = ZEND_TYPE_INIT_MASK(overlap_mask);
				zend_string *overlap_type_str = zend_type_to_string(overlap_type);
				zend_error_noreturn(E_COMPILE_ERROR,
					"Duplicate type %s is redundant", ZSTR_VAL(overlap_type_str));
			}
			ZEND_TYPE_FULL_MASK(type) |= single_type_mask;
			ZEND_TYPE_FULL_MASK(single_type) &= ~_ZEND_TYPE_MAY_BE_MASK;

			if (!ZEND_TYPE_HAS_CLASS(single_type)) {
				continue;
			}

			if (!ZEND_TYPE_HAS_CLASS(type)) {
				/* The first class type can be stored directly as the type ptr payload. */
				ZEND_TYPE_SET_PTR(type, ZEND_TYPE_NAME(single_type));
				ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_NAME_BIT;
				continue;
			}

			zend_type_list *type_list;
			if (!ZEND_TYPE_HAS_LIST(type)) {
				/* Switch from single name to name list. */
				size_t list_size = ZEND_TYPE_LIST_SIZE(2);

				if (use_arena) {
					type_list = zend_arena_alloc(&CG(arena), list_size);
				} else {
					type_list = emalloc(list_size);
				}
				type_list->num_types = 1;
				type_list->types[0] = type;
				ZEND_TYPE_FULL_MASK(type_list->types[0]) &= ~_ZEND_TYPE_MAY_BE_MASK;
			} else {
				/* Add name to existing name list. */
				zend_type_list *old_list = ZEND_TYPE_LIST(type);

				if (!use_arena) {
					type_list = erealloc(old_list, ZEND_TYPE_LIST_SIZE(old_list->num_types + 1));
				} else {
					// TODO: Add a zend_arena_realloc API?
					/* Fresh block with room for one more entry; only the
					 * old list's bytes are copied into it. */
					type_list = zend_arena_alloc(
						&CG(arena), ZEND_TYPE_LIST_SIZE(old_list->num_types + 1));
					memcpy(type_list, old_list, ZEND_TYPE_LIST_SIZE(old_list->num_types));
				}
			}

			type_list->types[type_list->num_types++] = single_type;
			ZEND_TYPE_SET_LIST(type, type_list);
			if (use_arena) {
				ZEND_TYPE_FULL_MASK(type) |= _ZEND_TYPE_ARENA_BIT;
			}

			/* Check for trivially redundant class types */
			for (size_t prev = 0; prev < type_list->num_types - 1; prev++) {
				if (zend_string_equals_ci(
						ZEND_TYPE_NAME(type_list->types[prev]), ZEND_TYPE_NAME(single_type))) {
					zend_string *single_type_str = zend_type_to_string(single_type);
					zend_error_noreturn(E_COMPILE_ERROR,
						"Duplicate type %s is redundant", ZSTR_VAL(single_type_str));
				}
			}
		}
	}

	if (nullable) {
		ZEND_TYPE_FULL_MASK(type) |= MAY_BE_NULL;
	}

	uint32_t type_mask = ZEND_TYPE_PURE_MASK(type);

	if ((type_mask & (MAY_BE_ARRAY|MAY_BE_ITERABLE)) == (MAY_BE_ARRAY|MAY_BE_ITERABLE)) {
		zend_string *type_str = zend_type_to_string(type);
		zend_error_noreturn(E_COMPILE_ERROR,
			"Type %s contains both iterable and array, which is redundant", ZSTR_VAL(type_str));
	}

	if ((type_mask & MAY_BE_ITERABLE) && zend_type_contains_traversable(type)) {
		zend_string *type_str = zend_type_to_string(type);
		zend_error_noreturn(E_COMPILE_ERROR,
			"Type %s contains both iterable and Traversable, which is redundant",
			ZSTR_VAL(type_str));
	}

	/* Tested against the attribute as written, so only an explicit nullable
	 * marker on mixed is rejected, not force_allow_null. */
	if (type_mask == MAY_BE_ANY && (saved_attr & ZEND_TYPE_NULLABLE)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Type mixed cannot be marked as nullable since mixed already includes null");
	}

	if ((type_mask & MAY_BE_OBJECT) && (ZEND_TYPE_HAS_CLASS(type) || (type_mask & MAY_BE_STATIC))) {
		zend_string *type_str = zend_type_to_string(type);
		zend_error_noreturn(E_COMPILE_ERROR,
			"Type %s contains both object and a class type, which is redundant",
			ZSTR_VAL(type_str));
	}

	if ((type_mask & MAY_BE_VOID) && (ZEND_TYPE_HAS_CLASS(type) || type_mask != MAY_BE_VOID)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Void can only be used as a standalone type");
	}

	/* Nothing but null and/or false, and no class type. */
	if ((type_mask & (MAY_BE_NULL|MAY_BE_FALSE))
			&& !ZEND_TYPE_HAS_CLASS(type) && !(type_mask & ~(MAY_BE_NULL|MAY_BE_FALSE))) {
		if (type_mask != MAY_BE_NULL) {
			zend_error_noreturn(E_COMPILE_ERROR, "False can not be used as a standalone type");
		} else {
			zend_error_noreturn(E_COMPILE_ERROR, "Null can not be used as a standalone type");
		}
	}

	ast->attr = saved_attr;
	return type;
}
/* }}} */
6216 
/* Decide whether a compile-time constant is acceptable as the default value
 * for a declaration of the given type.
 *
 * Returns 1 if the value is accepted, 0 otherwise. Side effect: an IS_LONG
 * value is converted in place to a double when the type mask includes
 * MAY_BE_DOUBLE, so the caller's zval may change type. */
static zend_bool zend_is_valid_default_value(zend_type type, zval *value)
{
	ZEND_ASSERT(ZEND_TYPE_IS_SET(type));

	/* The value's own type code is part of the declared type. */
	if (ZEND_TYPE_CONTAINS_CODE(type, Z_TYPE_P(value))) {
		return 1;
	}

	switch (Z_TYPE_P(value)) {
		case IS_LONG:
			/* Integers are allowed as initializers for floating-point values. */
			if (ZEND_TYPE_FULL_MASK(type) & MAY_BE_DOUBLE) {
				convert_to_double(value);
				return 1;
			}
			break;
		case IS_ARRAY:
			/* An array literal satisfies an iterable declaration. */
			if (ZEND_TYPE_FULL_MASK(type) & MAY_BE_ITERABLE) {
				return 1;
			}
			break;
		default:
			break;
	}

	return 0;
}
6234 
/* Compile an attribute list AST into *attributes and validate the result.
 *
 * attributes  table the compiled attributes are added to
 * ast         ZEND_AST_ATTRIBUTE_LIST node (groups of attributes)
 * offset      stored on every attribute added here and used to select the
 *             attributes checked by the validation pass
 * target      ZEND_ATTRIBUTE_TARGET_* value of the declaration being annotated
 *
 * Malformed argument lists and attributes that fail validation raise a fatal
 * error; nothing is returned. */
static void zend_compile_attributes(HashTable **attributes, zend_ast *ast, uint32_t offset, uint32_t target) /* {{{ */
{
	zend_attribute *attr;
	zend_internal_attribute *config;

	zend_ast_list *groups = zend_ast_get_list(ast);
	uint32_t group_idx, attr_idx, arg_idx;

	ZEND_ASSERT(ast->kind == ZEND_AST_ATTRIBUTE_LIST);

	for (group_idx = 0; group_idx < groups->children; group_idx++) {
		zend_ast_list *group = zend_ast_get_list(groups->child[group_idx]);

		ZEND_ASSERT(group->kind == ZEND_AST_ATTRIBUTE_GROUP);

		for (attr_idx = 0; attr_idx < group->children; attr_idx++) {
			zend_ast *el = group->child[attr_idx];

			ZEND_ASSERT(el->kind == ZEND_AST_ATTRIBUTE);

			zend_string *name = zend_resolve_class_name_ast(el->child[0]);

			/* The argument list is optional. */
			zend_ast_list *args = NULL;
			uint32_t argc = 0;
			if (el->child[1]) {
				args = zend_ast_get_list(el->child[1]);
				argc = args->children;
			}

			/* Record whether the declaring file uses strict_types. */
			uint32_t flags = 0;
			if (CG(active_op_array)->fn_flags & ZEND_ACC_STRICT_TYPES) {
				flags = ZEND_ATTRIBUTE_STRICT_TYPES;
			}

			attr = zend_add_attribute(attributes, name, argc, flags, offset, el->lineno);
			zend_string_release(name);

			if (!args) {
				continue;
			}

			/* Populate arguments */
			ZEND_ASSERT(args->kind == ZEND_AST_ARG_LIST);

			zend_bool seen_named_arg = 0;
			for (arg_idx = 0; arg_idx < args->children; arg_idx++) {
				zend_ast **value_ast_ptr = &args->child[arg_idx];
				zend_ast *arg_ast = *value_ast_ptr;

				if (arg_ast->kind == ZEND_AST_UNPACK) {
					zend_error_noreturn(E_COMPILE_ERROR,
						"Cannot use unpacking in attribute argument list");
				}

				if (arg_ast->kind != ZEND_AST_NAMED_ARG) {
					if (seen_named_arg) {
						zend_error_noreturn(E_COMPILE_ERROR,
							"Cannot use positional argument after named argument");
					}
				} else {
					zend_string *arg_name = zend_string_copy(zend_ast_get_str(arg_ast->child[0]));

					attr->args[arg_idx].name = arg_name;
					/* For a named argument the value is the second child. */
					value_ast_ptr = &arg_ast->child[1];
					seen_named_arg = 1;

					/* Reject a name already used by an earlier argument. */
					for (uint32_t prev = 0; prev < arg_idx; prev++) {
						if (attr->args[prev].name &&
								zend_string_equals(attr->args[prev].name, arg_name)) {
							zend_error_noreturn(E_COMPILE_ERROR, "Duplicate named parameter $%s",
								ZSTR_VAL(arg_name));
						}
					}
				}

				zend_const_expr_to_zval(&attr->args[arg_idx].value, value_ast_ptr);
			}
		}
	}

	/* Validate attributes in a secondary loop (needed to detect repeated attributes). */
	ZEND_HASH_FOREACH_PTR(*attributes, attr) {
		/* Only attributes added for this offset are checked here. */
		if (attr->offset != offset) {
			continue;
		}

		/* Attributes without an internal configuration get no validation. */
		config = zend_internal_attribute_get(attr->lcname);
		if (config == NULL) {
			continue;
		}

		if ((target & config->flags & ZEND_ATTRIBUTE_TARGET_ALL) == 0) {
			zend_string *location = zend_get_attribute_target_names(target);
			zend_string *allowed = zend_get_attribute_target_names(config->flags);

			zend_error_noreturn(E_ERROR, "Attribute \"%s\" cannot target %s (allowed targets: %s)",
				ZSTR_VAL(attr->name), ZSTR_VAL(location), ZSTR_VAL(allowed)
			);
		}

		if (!(config->flags & ZEND_ATTRIBUTE_IS_REPEATABLE)
				&& zend_is_attribute_repeated(*attributes, attr)) {
			zend_error_noreturn(E_ERROR, "Attribute \"%s\" must not be repeated", ZSTR_VAL(attr->name));
		}

		if (config->validator != NULL) {
			config->validator(attr, target, CG(active_class_entry));
		}
	} ZEND_HASH_FOREACH_END();
}
6326 /* }}} */
6327 
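/* Compile a parameter list, and the return type if any, for the active op_array.
 *
 * ast                   parameter list AST
 * return_type_ast       declared return type, or NULL
 * fallback_return_type  type code used as the return type when none is declared
 *                       (0 for no fallback)
 *
 * For each parameter this fills one zend_arg_info, emits a ZEND_RECV,
 * ZEND_RECV_INIT or ZEND_RECV_VARIADIC opcode and, for promoted constructor
 * parameters, declares the property and later emits the assignment to it.
 * Invalid declarations raise E_COMPILE_ERROR and do not return. */
void zend_compile_params(zend_ast *ast, zend_ast *return_type_ast, uint32_t fallback_return_type) /* {{{ */
{
	zend_ast_list *list = zend_ast_get_list(ast);
	uint32_t i;
	zend_op_array *op_array = CG(active_op_array);
	zend_arg_info *arg_infos;
	zend_string *optional_param = NULL;

	/* safe_emalloc() checks the element-count multiplication for overflow. */
	if (return_type_ast || fallback_return_type) {
		/* Use op_array->arg_info[-1] for return type */
		arg_infos = safe_emalloc(sizeof(zend_arg_info), list->children + 1, 0);
		arg_infos->name = NULL;
		if (return_type_ast) {
			arg_infos->type = zend_compile_typename(
				return_type_ast, /* force_allow_null */ 0, /* use_arena */ 0);
			ZEND_TYPE_FULL_MASK(arg_infos->type) |= _ZEND_ARG_INFO_FLAGS(
				(op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0, /* is_variadic */ 0);
		} else {
			arg_infos->type = (zend_type) ZEND_TYPE_INIT_CODE(fallback_return_type, 0, 0);
		}
		/* Step past the return-type slot so arg_infos[0] is the first parameter. */
		arg_infos++;
		op_array->fn_flags |= ZEND_ACC_HAS_RETURN_TYPE;
	} else {
		if (list->children == 0) {
			return;
		}
		arg_infos = safe_emalloc(sizeof(zend_arg_info), list->children, 0);
	}

	for (i = 0; i < list->children; ++i) {
		zend_ast *param_ast = list->child[i];
		zend_ast *type_ast = param_ast->child[0];
		zend_ast *var_ast = param_ast->child[1];
		zend_ast **default_ast_ptr = &param_ast->child[2];
		zend_ast *attributes_ast = param_ast->child[3];
		zend_ast *doc_comment_ast = param_ast->child[4];
		zend_string *name = zval_make_interned_string(zend_ast_get_zval(var_ast));
		zend_bool is_ref = (param_ast->attr & ZEND_PARAM_REF) != 0;
		zend_bool is_variadic = (param_ast->attr & ZEND_PARAM_VARIADIC) != 0;
		/* Non-zero only for promoted constructor parameters. */
		uint32_t visibility =
			param_ast->attr & (ZEND_ACC_PUBLIC|ZEND_ACC_PROTECTED|ZEND_ACC_PRIVATE);

		znode var_node, default_node;
		zend_uchar opcode;
		zend_op *opline;
		zend_arg_info *arg_info;

		if (zend_is_auto_global(name)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign auto-global variable %s",
				ZSTR_VAL(name));
		}

		var_node.op_type = IS_CV;
		var_node.u.op.var = lookup_cv(name);

		/* The i-th parameter must land in the i-th compiled variable; if it
		 * does not, the name was already used by an earlier parameter. */
		if (EX_VAR_TO_NUM(var_node.u.op.var) != i) {
			zend_error_noreturn(E_COMPILE_ERROR, "Redefinition of parameter $%s",
				ZSTR_VAL(name));
		} else if (zend_string_equals_literal(name, "this")) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as parameter");
		}

		/* The flag is set by a previous iteration, so a parameter follows a variadic one. */
		if (op_array->fn_flags & ZEND_ACC_VARIADIC) {
			zend_error_noreturn(E_COMPILE_ERROR, "Only the last parameter can be variadic");
		}

		if (is_variadic) {
			opcode = ZEND_RECV_VARIADIC;
			default_node.op_type = IS_UNUSED;
			op_array->fn_flags |= ZEND_ACC_VARIADIC;

			if (*default_ast_ptr) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Variadic parameter cannot have a default value");
			}
		} else if (*default_ast_ptr) {
			/* we cannot substitute constants here or it will break ReflectionParameter::getDefaultValueConstantName() and ReflectionParameter::isDefaultValueConstant() */
			uint32_t cops = CG(compiler_options);
			CG(compiler_options) |= ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION | ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION;
			opcode = ZEND_RECV_INIT;
			default_node.op_type = IS_CONST;
			zend_const_expr_to_zval(&default_node.u.constant, default_ast_ptr);
			CG(compiler_options) = cops;

			if (!optional_param) {
				/* Ignore parameters of the form "Type $param = null".
				 * This is the PHP 5 style way of writing "?Type $param", so allow it for now. */
				zend_bool is_implicit_nullable =
					type_ast && Z_TYPE(default_node.u.constant) == IS_NULL;
				if (!is_implicit_nullable) {
					optional_param = name;
				}
			}
		} else {
			opcode = ZEND_RECV;
			default_node.op_type = IS_UNUSED;
			op_array->required_num_args = i + 1;
			if (optional_param) {
				zend_error(E_DEPRECATED, "Required parameter $%s follows optional parameter $%s",
					ZSTR_VAL(name), ZSTR_VAL(optional_param));
			}
		}

		arg_info = &arg_infos[i];
		arg_info->name = zend_string_copy(name);
		arg_info->type = (zend_type) ZEND_TYPE_INIT_NONE(0);

		if (attributes_ast) {
			/* Parameter attributes are stored with offset i + 1. */
			zend_compile_attributes(&op_array->attributes, attributes_ast, i + 1, ZEND_ATTRIBUTE_TARGET_PARAMETER);
		}

		if (type_ast) {
			uint32_t default_type = *default_ast_ptr ? Z_TYPE(default_node.u.constant) : IS_UNDEF;
			/* A null default makes the type implicitly nullable, except for promoted parameters. */
			zend_bool force_nullable = default_type == IS_NULL && !visibility;

			op_array->fn_flags |= ZEND_ACC_HAS_TYPE_HINTS;
			arg_info->type = zend_compile_typename(type_ast, force_nullable, /* use_arena */ 0);

			if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_VOID) {
				zend_error_noreturn(E_COMPILE_ERROR, "void cannot be used as a parameter type");
			}

			/* Defaults that are still constant expressions (IS_CONSTANT_AST)
			 * are not checked against the type here. */
			if (default_type != IS_UNDEF && default_type != IS_CONSTANT_AST && !force_nullable
					&& !zend_is_valid_default_value(arg_info->type, &default_node.u.constant)) {
				zend_string *type_str = zend_type_to_string(arg_info->type);
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot use %s as default value for parameter $%s of type %s",
					zend_get_type_by_const(default_type),
					ZSTR_VAL(name), ZSTR_VAL(type_str));
			}
		}

		opline = zend_emit_op(NULL, opcode, NULL, &default_node);
		SET_NODE(opline->result, &var_node);
		opline->op1.num = i + 1;

		if (type_ast) {
			/* Allocate cache slot to speed-up run-time class resolution */
			opline->extended_value =
				zend_alloc_cache_slots(zend_type_get_num_classes(arg_info->type));
		}

		uint32_t arg_info_flags = _ZEND_ARG_INFO_FLAGS(is_ref, is_variadic)
			| (visibility ? _ZEND_IS_PROMOTED_BIT : 0);
		ZEND_TYPE_FULL_MASK(arg_info->type) |= arg_info_flags;
		if (opcode == ZEND_RECV) {
			opline->op2.num = type_ast ?
				ZEND_TYPE_FULL_MASK(arg_info->type) : MAY_BE_ANY;
		}

		if (visibility) {
			/* Uses the function-level op_array; the original re-read
			 * CG(active_op_array) into a shadowing local of the same name. */
			zend_class_entry *scope = op_array->scope;
			zend_bool is_ctor =
				scope && zend_is_constructor(op_array->function_name);
			/* Everything below dereferences scope, which is non-NULL once is_ctor holds. */
			if (!is_ctor) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot declare promoted property outside a constructor");
			}
			if ((op_array->fn_flags & ZEND_ACC_ABSTRACT)
					|| (scope->ce_flags & ZEND_ACC_INTERFACE)) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot declare promoted property in an abstract constructor");
			}
			if (is_variadic) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot declare variadic promoted property");
			}
			if (zend_hash_exists(&scope->properties_info, name)) {
				zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::$%s",
					ZSTR_VAL(scope->name), ZSTR_VAL(name));
			}
			if (ZEND_TYPE_FULL_MASK(arg_info->type) & MAY_BE_CALLABLE) {
				zend_string *str = zend_type_to_string(arg_info->type);
				zend_error_noreturn(E_COMPILE_ERROR,
					"Property %s::$%s cannot have type %s",
					ZSTR_VAL(scope->name), ZSTR_VAL(name), ZSTR_VAL(str));
			}

			/* Recompile the type, as it has different memory management requirements. */
			zend_type type = ZEND_TYPE_INIT_NONE(0);
			if (type_ast) {
				type = zend_compile_typename(type_ast, /* force_allow_null */ 0, /* use_arena */ 1);
			}

			/* Don't give the property an explicit default value. For typed properties this means
			 * uninitialized, for untyped properties it means an implicit null default value. */
			zval default_value;
			if (ZEND_TYPE_IS_SET(type)) {
				ZVAL_UNDEF(&default_value);
			} else {
				ZVAL_NULL(&default_value);
			}

			zend_string *doc_comment =
				doc_comment_ast ? zend_string_copy(zend_ast_get_str(doc_comment_ast)) : NULL;
			zend_property_info *prop = zend_declare_typed_property(
				scope, name, &default_value, visibility | ZEND_ACC_PROMOTED, doc_comment, type);
			if (attributes_ast) {
				/* The same attribute AST is compiled again, now with the property as target. */
				zend_compile_attributes(
					&prop->attributes, attributes_ast, 0, ZEND_ATTRIBUTE_TARGET_PROPERTY);
			}
		}
	}

	/* These are assigned at the end to avoid uninitialized memory in case of an error */
	op_array->num_args = list->children;
	op_array->arg_info = arg_infos;

	/* Don't count the variadic argument */
	if (op_array->fn_flags & ZEND_ACC_VARIADIC) {
		op_array->num_args--;
	}
	zend_set_function_arg_flags((zend_function*)op_array);

	/* Second pass over the parameters, after all RECV opcodes were emitted. */
	for (i = 0; i < list->children; i++) {
		zend_ast *param_ast = list->child[i];
		zend_bool is_ref = (param_ast->attr & ZEND_PARAM_REF) != 0;
		uint32_t visibility =
			param_ast->attr & (ZEND_ACC_PUBLIC|ZEND_ACC_PROTECTED|ZEND_ACC_PRIVATE);
		if (!visibility) {
			continue;
		}

		/* Emit $this->prop = $prop for promoted properties. */
		zend_string *name = zend_ast_get_str(param_ast->child[1]);
		znode name_node, value_node;
		name_node.op_type = IS_CONST;
		ZVAL_STR_COPY(&name_node.u.constant, name);
		value_node.op_type = IS_CV;
		value_node.u.op.var = lookup_cv(name);

		zend_op *opline = zend_emit_op(NULL,
			is_ref ? ZEND_ASSIGN_OBJ_REF : ZEND_ASSIGN_OBJ, NULL, &name_node);
		opline->extended_value = zend_alloc_cache_slots(3);
		zend_emit_op_data(&value_node);
	}
}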
6566 /* }}} */
6567 
/* Emit one ZEND_BIND_LEXICAL opcode per variable in a closure's use() list.
 *
 * closure   node holding the closure being created
 * op_array  op_array of the closure; its static_variables table gets one
 *           slot per used variable
 * uses_ast  the use() list
 *
 * $this, auto-globals and duplicate names raise E_COMPILE_ERROR. */
static void zend_compile_closure_binding(znode *closure, zend_op_array *op_array, zend_ast *uses_ast) /* {{{ */
{
	zend_ast_list *uses = zend_ast_get_list(uses_ast);
	uint32_t idx;

	if (uses->children == 0) {
		return;
	}

	if (op_array->static_variables == NULL) {
		op_array->static_variables = zend_new_array(8);
	}

	for (idx = 0; idx < uses->children; ++idx) {
		zend_ast *use_ast = uses->child[idx];
		zend_string *use_name = zval_make_interned_string(zend_ast_get_zval(use_ast));
		uint32_t bind_mode = use_ast->attr;
		zend_op *opline;
		zval *slot;
		uint32_t slot_offset;

		if (zend_string_equals_literal(use_name, "this")) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as lexical variable");
		}

		if (zend_is_auto_global(use_name)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use auto-global as lexical variable");
		}

		/* zend_hash_add() returns NULL when the key is already present,
		 * which is how a repeated name in the use() list is detected. */
		slot = zend_hash_add(op_array->static_variables, use_name, &EG(uninitialized_zval));
		if (slot == NULL) {
			zend_error_noreturn(E_COMPILE_ERROR,
				"Cannot use variable $%s twice", ZSTR_VAL(use_name));
		}

		CG(zend_lineno) = zend_ast_get_lineno(use_ast);

		opline = zend_emit_op(NULL, ZEND_BIND_LEXICAL, closure, NULL);
		opline->op2_type = IS_CV;
		opline->op2.var = lookup_cv(use_name);

		/* The slot is recorded as a byte offset from arData, combined with
		 * the binding mode taken from the AST node's attr. */
		slot_offset = (uint32_t)((char*)slot - (char*)op_array->static_variables->arData);
		opline->extended_value = slot_offset | bind_mode;
	}
}
6611 /* }}} */
6612 
/* State collected while scanning an arrow function body for variables
 * that have to be bound implicitly. */
typedef struct {
	/* Set of variable names found in the body (keys only, no values). */
	HashTable uses;
	/* Set to 1 when a variable with a non-literal name ($$x style) was seen. */
	zend_bool varvars_used;
} closure_info;
6617 
/* Walk an AST and record in info->uses every plainly named variable it
 * references. Auto-globals and $this are skipped. Variables whose name is
 * itself an expression set info->varvars_used and the name expression is
 * scanned in turn. Nested closures contribute only their use() list; nested
 * arrow functions contribute whatever their body expression references. */
static void find_implicit_binds_recursively(closure_info *info, zend_ast *ast) {
	uint32_t idx;

	if (ast == NULL) {
		return;
	}

	if (ast->kind == ZEND_AST_VAR) {
		zend_ast *name_ast = ast->child[0];
		zend_string *name;

		if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
			/* Variable-variable: the name is computed at run time. */
			info->varvars_used = 1;
			find_implicit_binds_recursively(info, name_ast);
			return;
		}

		name = zend_ast_get_str(name_ast);
		/* There is no need to explicitly import auto-globals, and $this
		 * does not need to be explicitly imported either. */
		if (zend_is_auto_global(name) || zend_string_equals_literal(name, "this")) {
			return;
		}

		zend_hash_add_empty_element(&info->uses, name);
		return;
	}

	if (zend_ast_is_list(ast)) {
		zend_ast_list *items = zend_ast_get_list(ast);

		for (idx = 0; idx < items->children; idx++) {
			find_implicit_binds_recursively(info, items->child[idx]);
		}
		return;
	}

	if (ast->kind == ZEND_AST_CLOSURE) {
		/* For normal closures add the use() list. */
		zend_ast *uses_ast = ((zend_ast_decl *) ast)->child[1];

		if (uses_ast != NULL) {
			zend_ast_list *uses_list = zend_ast_get_list(uses_ast);

			for (idx = 0; idx < uses_list->children; idx++) {
				zend_hash_add_empty_element(&info->uses, zend_ast_get_str(uses_list->child[idx]));
			}
		}
		return;
	}

	if (ast->kind == ZEND_AST_ARROW_FUNC) {
		/* For arrow functions recursively check the expression. */
		find_implicit_binds_recursively(info, ((zend_ast_decl *) ast)->child[2]);
		return;
	}

	if (zend_ast_is_special(ast)) {
		return;
	}

	/* Ordinary node: descend into every child. */
	{
		uint32_t num_children = zend_ast_get_num_children(ast);

		for (idx = 0; idx < num_children; idx++) {
			find_implicit_binds_recursively(info, ast->child[idx]);
		}
	}
}
6670 
/* Compute the set of variables an arrow function binds implicitly: every
 * variable referenced in stmt_ast, minus the function's own parameters.
 * Initializes info->uses; the caller is responsible for destroying it. */
static void find_implicit_binds(closure_info *info, zend_ast *params_ast, zend_ast *stmt_ast)
{
	zend_ast_list *params = zend_ast_get_list(params_ast);
	zend_ast **param_ptr, **params_end;

	zend_hash_init(&info->uses, params->children, NULL, NULL, 0);

	find_implicit_binds_recursively(info, stmt_ast);

	/* Remove variables that are parameters */
	params_end = params->child + params->children;
	for (param_ptr = params->child; param_ptr != params_end; param_ptr++) {
		zend_string *param_name = zend_ast_get_str((*param_ptr)->child[1]);

		zend_hash_del(&info->uses, param_name);
	}
}
6686 
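/* Emit ZEND_BIND_LEXICAL opcodes for the implicitly bound variables of an
 * arrow function.
 *
 * info      set of variable names collected by find_implicit_binds()
 * closure   node holding the closure being created
 * op_array  op_array of the arrow function; each name gets a slot in its
 *           static_variables table */
static void compile_implicit_lexical_binds(
		closure_info *info, znode *closure, zend_op_array *op_array)
{
	zend_string *var_name;
	zend_op *opline;

	/* TODO We might want to use a special binding mode if varvars_used is set. */
	if (zend_hash_num_elements(&info->uses) == 0) {
		return;
	}

	if (!op_array->static_variables) {
		op_array->static_variables = zend_new_array(8);
	}

	ZEND_HASH_FOREACH_STR_KEY(&info->uses, var_name) {
		zval *value = zend_hash_add(
			op_array->static_variables, var_name, &EG(uninitialized_zval));

		/* zend_hash_add() returns NULL for a key that already exists. The
		 * names come from a hash set, so duplicates are only possible if
		 * static_variables was pre-populated; assert the invariant rather
		 * than derive a slot offset from a NULL pointer. */
		ZEND_ASSERT(value != NULL);

		/* The slot is recorded as a byte offset from arData. */
		uint32_t offset = (uint32_t)((char*)value - (char*)op_array->static_variables->arData);

		opline = zend_emit_op(NULL, ZEND_BIND_LEXICAL, closure, NULL);
		opline->op2_type = IS_CV;
		opline->op2.var = lookup_cv(var_name);
		opline->extended_value = offset | ZEND_BIND_IMPLICIT;
	} ZEND_HASH_FOREACH_END();
}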
6713 
/* Inside the closure body, declare each use() variable as a static variable
 * bound by value or by reference. A use() name that matches an already
 * compiled variable of the active op_array is rejected as a clash with a
 * parameter name. */
static void zend_compile_closure_uses(zend_ast *ast) /* {{{ */
{
	zend_op_array *op_array = CG(active_op_array);
	zend_ast_list *uses = zend_ast_get_list(ast);
	uint32_t use_idx;

	for (use_idx = 0; use_idx < uses->children; ++use_idx) {
		zend_ast *use_ast = uses->child[use_idx];
		zend_string *use_name = zend_ast_get_str(use_ast);
		uint32_t bind_mode;
		zval initial;
		int cv;

		ZVAL_NULL(&initial);

		/* Scan the compiled variables known so far for the same name. */
		for (cv = 0; cv < op_array->last_var; cv++) {
			if (zend_string_equals(op_array->vars[cv], use_name)) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot use lexical variable $%s as a parameter name", ZSTR_VAL(use_name));
			}
		}

		CG(zend_lineno) = zend_ast_get_lineno(use_ast);

		/* A non-zero attr on the use() entry selects by-reference binding. */
		bind_mode = use_ast->attr ? ZEND_BIND_REF : 0;
		zend_compile_static_var_common(use_name, &initial, bind_mode);
	}
}
6741 /* }}} */
6742 
/* Inside an arrow function body, declare every implicitly bound variable
 * from info->uses as a static variable with the ZEND_BIND_IMPLICIT mode. */
static void zend_compile_implicit_closure_uses(closure_info *info)
{
	zend_string *bound_name;

	ZEND_HASH_FOREACH_STR_KEY(&info->uses, bound_name) {
		zval null_default;

		ZVAL_NULL(&null_default);
		zend_compile_static_var_common(bound_name, &null_default, ZEND_BIND_IMPLICIT);
	} ZEND_HASH_FOREACH_END();
}
6752 
/* Append "Stringable" to the class's interface name list unless the class
 * already names it explicitly. */
static void add_stringable_interface(zend_class_entry *ce) {
	uint32_t idx;
	uint32_t new_slot;
	zend_class_name *entry;

	for (idx = 0; idx < ce->num_interfaces; idx++) {
		if (zend_string_equals_literal(ce->interface_names[idx].lc_name, "stringable")) {
			/* Interface already explicitly implemented */
			return;
		}
	}

	/* Grow the list by one entry; the count is bumped before reallocating. */
	new_slot = ce->num_interfaces;
	ce->num_interfaces = new_slot + 1;
	ce->interface_names =
		erealloc(ce->interface_names, sizeof(zend_class_name) * ce->num_interfaces);

	// TODO: Add known interned strings instead?
	entry = &ce->interface_names[new_slot];
	entry->name = zend_string_init("Stringable", sizeof("Stringable") - 1, 0);
	entry->lc_name = zend_string_init("stringable", sizeof("stringable") - 1, 0);
}
6770 
/* Validate a method declaration's modifiers and register the method in the
 * active class's function table.
 *
 * op_array  op_array of the method; its scope and function_name are set here
 * name      declared method name
 * has_body  whether the declaration has a body
 *
 * Returns the lowercased, interned method name. Invalid modifier
 * combinations and redeclarations raise E_COMPILE_ERROR. */
zend_string *zend_begin_method_decl(zend_op_array *op_array, zend_string *name, zend_bool has_body) /* {{{ */
{
	zend_class_entry *ce = CG(active_class_entry);
	zend_bool in_interface = (ce->ce_flags & ZEND_ACC_INTERFACE) != 0;
	/* Snapshot of the flags as declared, before ZEND_ACC_ABSTRACT is forced on below. */
	uint32_t declared_flags = op_array->fn_flags;
	const char *decl_kind = in_interface ? "Interface" : "Abstract";
	zend_string *lcname;

	if ((declared_flags & (ZEND_ACC_PRIVATE|ZEND_ACC_FINAL)) == (ZEND_ACC_PRIVATE|ZEND_ACC_FINAL)
			&& !zend_is_constructor(name)) {
		zend_error(E_COMPILE_WARNING, "Private methods cannot be final as they are never overridden by other classes");
	}

	if (in_interface) {
		/* Interface methods must be public and carry no final/abstract modifier. */
		if (!(declared_flags & ZEND_ACC_PUBLIC) || (declared_flags & (ZEND_ACC_FINAL|ZEND_ACC_ABSTRACT))) {
			zend_error_noreturn(E_COMPILE_ERROR, "Access type for interface method "
				"%s::%s() must be omitted", ZSTR_VAL(ce->name), ZSTR_VAL(name));
		}
		op_array->fn_flags |= ZEND_ACC_ABSTRACT;
	}

	if (!(op_array->fn_flags & ZEND_ACC_ABSTRACT)) {
		if (!has_body) {
			zend_error_noreturn(E_COMPILE_ERROR, "Non-abstract method %s::%s() must contain body",
				ZSTR_VAL(ce->name), ZSTR_VAL(name));
		}
	} else {
		/* Private abstract methods are only accepted inside traits. */
		if ((op_array->fn_flags & ZEND_ACC_PRIVATE) && !(ce->ce_flags & ZEND_ACC_TRAIT)) {
			zend_error_noreturn(E_COMPILE_ERROR, "%s function %s::%s() cannot be declared private",
				decl_kind, ZSTR_VAL(ce->name), ZSTR_VAL(name));
		}

		if (has_body) {
			zend_error_noreturn(E_COMPILE_ERROR, "%s function %s::%s() cannot contain body",
				decl_kind, ZSTR_VAL(ce->name), ZSTR_VAL(name));
		}

		ce->ce_flags |= ZEND_ACC_IMPLICIT_ABSTRACT_CLASS;
	}

	op_array->scope = ce;
	op_array->function_name = zend_string_copy(name);

	/* Methods are keyed by their lowercased name. */
	lcname = zend_new_interned_string(zend_string_tolower(name));

	/* A NULL result means the key is already present in the function table. */
	if (zend_hash_add_ptr(&ce->function_table, lcname, op_array) == NULL) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::%s()",
			ZSTR_VAL(ce->name), ZSTR_VAL(name));
	}

	zend_add_magic_method(ce, (zend_function *) op_array, lcname);

	/* Declaring __toString() outside a trait adds the Stringable interface. */
	if (!(ce->ce_flags & ZEND_ACC_TRAIT)
			&& zend_string_equals_literal(lcname, ZEND_TOSTRING_FUNC_NAME)) {
		add_stringable_interface(ce);
	}

	return lcname;
}
6827 /* }}} */
6828 
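/* Register a function, closure or arrow function declaration in the
 * compiler's function table and, unless it is a top-level declaration, emit
 * the opcode that declares it at run time.
 *
 * result    receives the closure value for ZEND_ACC_CLOSURE declarations
 * op_array  op_array of the function; function_name is set here
 * decl      the declaration AST
 * toplevel  non-zero when the function is registered directly under its
 *           lowercased name
 *
 * Name conflicts with an imported function, a function called __autoload
 * and a custom assert() raise E_COMPILE_ERROR. */
static void zend_begin_func_decl(znode *result, zend_op_array *op_array, zend_ast_decl *decl, zend_bool toplevel) /* {{{ */
{
	zend_string *unqualified_name, *name, *lcname, *key;
	zend_op *opline;

	unqualified_name = decl->name;
	op_array->function_name = name = zend_prefix_with_ns(unqualified_name);
	lcname = zend_string_tolower(name);

	if (FC(imports_function)) {
		/* An import of the same short name must refer to this very function. */
		zend_string *import_name =
			zend_hash_find_ptr_lc(FC(imports_function), unqualified_name);
		if (import_name && !zend_string_equals_ci(lcname, import_name)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare function %s "
				"because the name is already in use", ZSTR_VAL(name));
		}
	}

	if (zend_string_equals_literal(lcname, "__autoload")) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"__autoload() is no longer supported, use spl_autoload_register() instead");
	}

	/* The check is on the unqualified name, so it applies in any namespace.
	 * Uses the noreturn variant like the other fatal errors in this function,
	 * so compilation cannot continue past the diagnostic. */
	if (zend_string_equals_literal_ci(unqualified_name, "assert")) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"Defining a custom assert() function is not allowed, "
			"as the function has special semantics");
	}

	zend_register_seen_symbol(lcname, ZEND_SYMBOL_FUNCTION);
	if (toplevel) {
		/* A NULL result means the name is already taken in the function table. */
		if (UNEXPECTED(zend_hash_add_ptr(CG(function_table), lcname, op_array) == NULL)) {
			do_bind_function_error(lcname, op_array, 1);
		}
		zend_string_release_ex(lcname, 0);
		return;
	}

	/* Generate RTD keys until we find one that isn't in use yet. */
	key = NULL;
	do {
		/* Drops the rejected key from the previous round (no-op for NULL). */
		zend_tmp_string_release(key);
		key = zend_build_runtime_definition_key(lcname, decl->start_lineno);
	} while (!zend_hash_add_ptr(CG(function_table), key, op_array));

	if (op_array->fn_flags & ZEND_ACC_CLOSURE) {
		opline = zend_emit_op_tmp(result, ZEND_DECLARE_LAMBDA_FUNCTION, NULL, NULL);
		opline->extended_value = zend_alloc_cache_slot();
		opline->op1_type = IS_CONST;
		LITERAL_STR(opline->op1, key);
	} else {
		opline = get_next_op();
		opline->opcode = ZEND_DECLARE_FUNCTION;
		opline->op1_type = IS_CONST;
		LITERAL_STR(opline->op1, zend_string_copy(lcname));
		/* RTD key is placed after lcname literal in op1 */
		zend_add_literal_string(&key);
	}
	zend_string_release_ex(lcname, 0);
}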
6889 /* }}} */
6890 
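/* Compile a function, method, closure or arrow function declaration into a
 * new op_array.
 *
 * result    receives the closure value for closures and arrow functions
 * ast       the declaration (a zend_ast_decl)
 * toplevel  non-zero for top-level declarations; sets ZEND_ACC_TOP_LEVEL
 *
 * The active op_array and active class entry are switched for the duration
 * of the body and restored before returning. */
void zend_compile_func_decl(znode *result, zend_ast *ast, zend_bool toplevel) /* {{{ */
{
	zend_ast_decl *decl = (zend_ast_decl *) ast;
	zend_ast *params_ast = decl->child[0];
	zend_ast *uses_ast = decl->child[1];
	zend_ast *stmt_ast = decl->child[2];
	zend_ast *return_type_ast = decl->child[3];
	zend_bool is_method = decl->kind == ZEND_AST_METHOD;
	/* Only assigned and read when is_method is set; initialized so the
	 * non-method path never carries an indeterminate pointer. */
	zend_string *method_lcname = NULL;

	zend_class_entry *orig_class_entry = CG(active_class_entry);
	zend_op_array *orig_op_array = CG(active_op_array);
	zend_op_array *op_array = zend_arena_alloc(&CG(arena), sizeof(zend_op_array));
	zend_oparray_context orig_oparray_context;
	closure_info info;
	memset(&info, 0, sizeof(closure_info));

	init_op_array(op_array, ZEND_USER_FUNCTION, INITIAL_OP_ARRAY_SIZE);

	if (CG(compiler_options) & ZEND_COMPILE_PRELOAD) {
		op_array->fn_flags |= ZEND_ACC_PRELOADED;
		ZEND_MAP_PTR_NEW(op_array->run_time_cache);
		ZEND_MAP_PTR_NEW(op_array->static_variables_ptr);
	} else {
		ZEND_MAP_PTR_INIT(op_array->run_time_cache, zend_arena_alloc(&CG(arena), sizeof(void*)));
		ZEND_MAP_PTR_SET(op_array->run_time_cache, NULL);
	}

	/* strict_types is inherited from the enclosing op_array. */
	op_array->fn_flags |= (orig_op_array->fn_flags & ZEND_ACC_STRICT_TYPES);
	op_array->fn_flags |= decl->flags;
	op_array->line_start = decl->start_lineno;
	op_array->line_end = decl->end_lineno;
	if (decl->doc_comment) {
		op_array->doc_comment = zend_string_copy(decl->doc_comment);
	}

	if (decl->kind == ZEND_AST_CLOSURE || decl->kind == ZEND_AST_ARROW_FUNC) {
		op_array->fn_flags |= ZEND_ACC_CLOSURE;
	}

	if (is_method) {
		zend_bool has_body = stmt_ast != NULL;
		method_lcname = zend_begin_method_decl(op_array, decl->name, has_body);
	} else {
		zend_begin_func_decl(result, op_array, decl, toplevel);
		/* The binding opcodes are emitted while the enclosing op_array is
		 * still the active one. */
		if (decl->kind == ZEND_AST_ARROW_FUNC) {
			find_implicit_binds(&info, params_ast, stmt_ast);
			compile_implicit_lexical_binds(&info, result, op_array);
		} else if (uses_ast) {
			zend_compile_closure_binding(result, op_array, uses_ast);
		}
	}

	CG(active_op_array) = op_array;

	if (decl->child[4]) {
		/* uint32_t matches the target parameter of zend_compile_attributes(). */
		uint32_t target = is_method
			? ZEND_ATTRIBUTE_TARGET_METHOD : ZEND_ATTRIBUTE_TARGET_FUNCTION;

		zend_compile_attributes(&op_array->attributes, decl->child[4], 0, target);
	}

	/* Do not leak the class scope into free standing functions, even if they are dynamically
	 * defined inside a class method. This is necessary for correct handling of magic constants.
	 * For example __CLASS__ should always be "" inside a free standing function. */
	if (decl->kind == ZEND_AST_FUNC_DECL) {
		CG(active_class_entry) = NULL;
	}

	if (toplevel) {
		op_array->fn_flags |= ZEND_ACC_TOP_LEVEL;
	}

	zend_oparray_context_begin(&orig_oparray_context);

	{
		/* Push a separator to the loop variable stack */
		zend_loop_var dummy_var;
		dummy_var.opcode = ZEND_RETURN;

		zend_stack_push(&CG(loop_var_stack), (void *) &dummy_var);
	}

	/* __toString() gets IS_STRING as fallback return type when none is declared. */
	zend_compile_params(params_ast, return_type_ast,
		is_method && zend_string_equals_literal(method_lcname, ZEND_TOSTRING_FUNC_NAME) ? IS_STRING : 0);
	if (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) {
		zend_mark_function_as_generator();
		zend_emit_op(NULL, ZEND_GENERATOR_CREATE, NULL, NULL);
	}
	if (decl->kind == ZEND_AST_ARROW_FUNC) {
		zend_compile_implicit_closure_uses(&info);
		/* info.uses was initialized by find_implicit_binds() above. */
		zend_hash_destroy(&info.uses);
	} else if (uses_ast) {
		zend_compile_closure_uses(uses_ast);
	}
	zend_compile_stmt(stmt_ast);

	if (is_method) {
		CG(zend_lineno) = decl->start_lineno;
		zend_check_magic_method_implementation(
			CG(active_class_entry), (zend_function *) op_array, method_lcname, E_COMPILE_ERROR);
		zend_string_release_ex(method_lcname, 0);
	}

	/* put the implicit return on the really last line */
	CG(zend_lineno) = decl->end_lineno;

	zend_do_extended_stmt();
	zend_emit_final_return(0);

	pass_two(CG(active_op_array));
	zend_oparray_context_end(&orig_oparray_context);

	/* Pop the loop variable stack separator */
	zend_stack_del_top(&CG(loop_var_stack));

	CG(active_op_array) = orig_op_array;
	CG(active_class_entry) = orig_class_entry;
}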
7013 /* }}} */
7014 
/* Compile every element of a property declaration list into the class that is
 * currently being compiled (CG(active_class_entry)).
 *
 * ast      - list node; each child carries name (child[0]), optional default
 *            value (child[1]) and optional doc comment (child[2])
 * type_ast - optional type declaration shared by all elements, may be NULL
 * flags    - modifier flags applied to every declared property
 * attr_ast - optional attribute list compiled onto every declared property
 *
 * Every rejected declaration is reported through zend_error_noreturn() with
 * E_COMPILE_ERROR, so none of the error branches falls through. */
void zend_compile_prop_decl(zend_ast *ast, zend_ast *type_ast, uint32_t flags, zend_ast *attr_ast) /* {{{ */
{
	zend_class_entry *ce = CG(active_class_entry);
	zend_ast_list *props = zend_ast_get_list(ast);
	uint32_t count = props->children;
	uint32_t idx;

	if (ce->ce_flags & ZEND_ACC_INTERFACE) {
		zend_error_noreturn(E_COMPILE_ERROR, "Interfaces may not include member variables");
	}

	if (flags & ZEND_ACC_ABSTRACT) {
		zend_error_noreturn(E_COMPILE_ERROR, "Properties cannot be declared abstract");
	}

	for (idx = 0; idx < count; ++idx) {
		zend_ast *elem_ast = props->child[idx];
		zend_ast *name_ast = elem_ast->child[0];
		zend_ast **default_ast_ptr = &elem_ast->child[1];
		zend_ast *doc_comment_ast = elem_ast->child[2];
		zend_string *name = zval_make_interned_string(zend_ast_get_zval(name_ast));
		zend_string *doc_comment = NULL;
		zend_type type = ZEND_TYPE_INIT_NONE(0);
		zend_property_info *prop_info;
		zval default_zv;

		if (type_ast) {
			type = zend_compile_typename(type_ast, /* force_allow_null */ 0, /* use_arena */ 1);

			/* void and callable are rejected as property types. */
			if (ZEND_TYPE_FULL_MASK(type) & (MAY_BE_VOID|MAY_BE_CALLABLE)) {
				zend_string *type_str = zend_type_to_string(type);
				zend_error_noreturn(E_COMPILE_ERROR,
					"Property %s::$%s cannot have type %s",
					ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(type_str));
			}
		}

		/* The doc comment is stored as the last child of the property element. */
		if (doc_comment_ast) {
			doc_comment = zend_string_copy(zend_ast_get_str(doc_comment_ast));
		}

		if (flags & ZEND_ACC_FINAL) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare property %s::$%s final, "
				"the final modifier is allowed only for methods and classes",
				ZSTR_VAL(ce->name), ZSTR_VAL(name));
		}

		if (zend_hash_exists(&ce->properties_info, name)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot redeclare %s::$%s",
				ZSTR_VAL(ce->name), ZSTR_VAL(name));
		}

		if (*default_ast_ptr == NULL) {
			/* No explicit default: untyped properties start as null, typed
			 * properties start out undefined. */
			if (ZEND_TYPE_IS_SET(type)) {
				ZVAL_UNDEF(&default_zv);
			} else {
				ZVAL_NULL(&default_zv);
			}
		} else {
			zend_const_expr_to_zval(&default_zv, default_ast_ptr);

			/* The default is only checked against the type when
			 * Z_CONSTANT() is false for it, i.e. it is a plain value. */
			if (ZEND_TYPE_IS_SET(type) && !Z_CONSTANT(default_zv)
					&& !zend_is_valid_default_value(type, &default_zv)) {
				zend_string *type_str = zend_type_to_string(type);

				if (Z_TYPE(default_zv) != IS_NULL) {
					zend_error_noreturn(E_COMPILE_ERROR,
						"Cannot use %s as default value for property %s::$%s of type %s",
						zend_zval_type_name(&default_zv),
						ZSTR_VAL(ce->name), ZSTR_VAL(name), ZSTR_VAL(type_str));
				}

				/* Null default on a non-nullable type: build the nullable
				 * spelling of the type so the message can suggest it. */
				ZEND_TYPE_FULL_MASK(type) |= MAY_BE_NULL;
				zend_string *nullable_str = zend_type_to_string(type);

				zend_error_noreturn(E_COMPILE_ERROR,
					"Default value for property of type %s may not be null. "
					"Use the nullable type %s to allow null default value",
					ZSTR_VAL(type_str), ZSTR_VAL(nullable_str));
			}
		}

		prop_info = zend_declare_typed_property(ce, name, &default_zv, flags, doc_comment, type);

		if (attr_ast) {
			zend_compile_attributes(&prop_info->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_PROPERTY);
		}
	}
}
7101 /* }}} */
7102 
/* Unpack a property group node and hand it to zend_compile_prop_decl().
 * The children are read as: child[0] type, child[1] property list,
 * child[2] attributes; the node's attr field supplies the modifier flags. */
void zend_compile_prop_group(zend_ast *ast) /* {{{ */
{
	zend_compile_prop_decl(ast->child[1], ast->child[0], ast->attr, ast->child[2]);
}
7111 /* }}} */
7112 
/* Reject the static, abstract and final modifiers, checked in that order.
 *
 * attr   - modifier flag mask to validate
 * entity - noun inserted into the error message ("constant", "method", ...)
 *
 * Returns normally only when none of the three flags is set. */
static void zend_check_const_and_trait_alias_attr(uint32_t attr, const char* entity) /* {{{ */
{
	/* Each report is an E_COMPILE_ERROR raised via zend_error_noreturn(),
	 * so at most the first matching modifier is reported. */
	if (attr & ZEND_ACC_STATIC) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use 'static' as %s modifier", entity);
	}
	if (attr & ZEND_ACC_ABSTRACT) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use 'abstract' as %s modifier", entity);
	}
	if (attr & ZEND_ACC_FINAL) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use 'final' as %s modifier", entity);
	}
}
7123 /* }}} */
7124 
/* Compile every element of a class constant declaration list into the class
 * currently being compiled (CG(active_class_entry)).
 *
 * ast      - list node; each child carries name (child[0]), value expression
 *            (child[1]) and optional doc comment (child[2])
 * flags    - modifier flags applied to every constant
 * attr_ast - optional attribute list compiled onto every declared constant
 *
 * Constants inside traits and the static/abstract/final modifiers are
 * rejected with E_COMPILE_ERROR. */
void zend_compile_class_const_decl(zend_ast *ast, uint32_t flags, zend_ast *attr_ast) /* {{{ */
{
	zend_class_entry *ce = CG(active_class_entry);
	zend_ast_list *consts = zend_ast_get_list(ast);
	uint32_t count = consts->children;
	uint32_t idx;

	if (ce->ce_flags & ZEND_ACC_TRAIT) {
		zend_error_noreturn(E_COMPILE_ERROR, "Traits cannot have constants");
	}

	for (idx = 0; idx < count; ++idx) {
		zend_ast *elem_ast = consts->child[idx];
		zend_ast *name_ast = elem_ast->child[0];
		zend_ast **value_ast_ptr = &elem_ast->child[1];
		zend_ast *doc_comment_ast = elem_ast->child[2];
		zend_string *name = zval_make_interned_string(zend_ast_get_zval(name_ast));
		zend_string *doc_comment = NULL;
		zend_class_constant *constant;
		zval value_zv;

		if (doc_comment_ast) {
			doc_comment = zend_string_copy(zend_ast_get_str(doc_comment_ast));
		}

		/* The modifier check stays inside the loop, so an empty list never
		 * reaches it. */
		if (UNEXPECTED(flags & (ZEND_ACC_STATIC|ZEND_ACC_ABSTRACT|ZEND_ACC_FINAL))) {
			zend_check_const_and_trait_alias_attr(flags, "constant");
		}

		zend_const_expr_to_zval(&value_zv, value_ast_ptr);
		constant = zend_declare_class_constant_ex(ce, name, &value_zv, flags, doc_comment);

		if (attr_ast) {
			zend_compile_attributes(&constant->attributes, attr_ast, 0, ZEND_ATTRIBUTE_TARGET_CLASS_CONST);
		}
	}
}
7158 /* }}} */
7159 
/* Unpack a class constant group node and hand it to
 * zend_compile_class_const_decl(). child[0] is the constant list, child[1]
 * the attribute list; the node's attr field supplies the modifier flags. */
void zend_compile_class_const_group(zend_ast *ast) /* {{{ */
{
	zend_compile_class_const_decl(ast->child[0], ast->attr, ast->child[1]);
}
7167 /* }}} */
7168 
/* Fill a trait method reference from its AST node.
 *
 * ast        - node with the optional trait name in child[0] and the method
 *              name in child[1]
 * method_ref - output; method_name receives a new reference to the method
 *              name string, class_name the resolved trait name or NULL when
 *              the reference is unqualified */
static void zend_compile_method_ref(zend_ast *ast, zend_trait_method_reference *method_ref) /* {{{ */
{
	zend_ast *trait_ast = ast->child[0];

	method_ref->method_name = zend_string_copy(zend_ast_get_str(ast->child[1]));
	method_ref->class_name = trait_ast
		? zend_resolve_const_class_name_reference(trait_ast, "trait name")
		: NULL;
}
7182 /* }}} */
7183 
/* Compile an "insteadof" trait adaptation and append it to the
 * trait_precedences list of the class currently being compiled.
 *
 * ast - node with the method reference in child[0] and the list of excluded
 *       trait names in child[1] */
static void zend_compile_trait_precedence(zend_ast *ast) /* {{{ */
{
	zend_ast_list *excluded = zend_ast_get_list(ast->child[1]);
	uint32_t num_excludes = excluded->children;
	uint32_t idx;

	/* One exclude slot is accounted for by sizeof(zend_trait_precedence), the
	 * remaining (num_excludes - 1) slots are appended to it.
	 * NOTE(review): the unsigned subtraction wraps if the list were empty;
	 * presumably the grammar guarantees at least one name - confirm. */
	size_t alloc_size = sizeof(zend_trait_precedence) + (num_excludes - 1) * sizeof(zend_string*);
	zend_trait_precedence *precedence = emalloc(alloc_size);

	zend_compile_method_ref(ast->child[0], &precedence->trait_method);
	precedence->num_excludes = num_excludes;

	for (idx = 0; idx < num_excludes; ++idx) {
		precedence->exclude_class_names[idx] =
			zend_resolve_const_class_name_reference(excluded->child[idx], "trait name");
	}

	zend_add_to_list(&CG(active_class_entry)->trait_precedences, precedence);
}
7203 /* }}} */
7204 
/* Compile an "as" trait adaptation and append it to the trait_aliases list of
 * the class currently being compiled.
 *
 * ast - node with the method reference in child[0], the optional alias name
 *       in child[1] and the modifier flags in attr */
static void zend_compile_trait_alias(zend_ast *ast) /* {{{ */
{
	zend_ast *alias_name_ast = ast->child[1];
	uint32_t modifiers = ast->attr;
	zend_trait_alias *entry;

	/* Validate the modifiers before anything is allocated. */
	zend_check_const_and_trait_alias_attr(modifiers, "method");

	entry = emalloc(sizeof(zend_trait_alias));
	zend_compile_method_ref(ast->child[0], &entry->trait_method);
	entry->modifiers = modifiers;
	/* A NULL alias means the adaptation only carries modifiers. */
	entry->alias = alias_name_ast
		? zend_string_copy(zend_ast_get_str(alias_name_ast))
		: NULL;

	zend_add_to_list(&CG(active_class_entry)->trait_aliases, entry);
}
7227 /* }}} */
7228 
/* Compile a "use Trait, ...;" statement inside a class body.
 *
 * ast - node with the list of trait names in child[0] and the optional list
 *       of adaptations (precedence / alias rules) in child[1]
 *
 * The trait names are appended to ce->trait_names of the class currently
 * being compiled; using traits inside an interface is an E_COMPILE_ERROR. */
void zend_compile_use_trait(zend_ast *ast) /* {{{ */
{
	zend_class_entry *ce = CG(active_class_entry);
	zend_ast_list *traits = zend_ast_get_list(ast->child[0]);
	zend_ast_list *adaptations = NULL;
	uint32_t idx;

	if (ast->child[1]) {
		adaptations = zend_ast_get_list(ast->child[1]);
	}

	/* Grow the name table to hold the traits already recorded plus the ones
	 * named by this statement. */
	ce->trait_names = erealloc(ce->trait_names, sizeof(zend_class_name) * (ce->num_traits + traits->children));

	for (idx = 0; idx < traits->children; ++idx) {
		zend_ast *trait_ast = traits->child[idx];
		zend_class_name *slot;

		if (ce->ce_flags & ZEND_ACC_INTERFACE) {
			zend_string *name = zend_ast_get_str(trait_ast);
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use traits inside of interfaces. "
				"%s is used in %s", ZSTR_VAL(name), ZSTR_VAL(ce->name));
		}

		slot = &ce->trait_names[ce->num_traits];
		slot->name = zend_resolve_const_class_name_reference(trait_ast, "trait name");
		slot->lc_name = zend_string_tolower(slot->name);
		ce->num_traits++;
	}

	if (adaptations) {
		for (idx = 0; idx < adaptations->children; ++idx) {
			zend_ast *rule_ast = adaptations->child[idx];

			switch (rule_ast->kind) {
				case ZEND_AST_TRAIT_ALIAS:
					zend_compile_trait_alias(rule_ast);
					break;
				case ZEND_AST_TRAIT_PRECEDENCE:
					zend_compile_trait_precedence(rule_ast);
					break;
				EMPTY_SWITCH_DEFAULT_CASE()
			}
		}
	}
}
7270 /* }}} */
7271 
/* Record the interfaces named in an "implements" clause on the class
 * currently being compiled.
 *
 * ast - list node with one class-name child per interface
 *
 * ce->interface_names is set to a newly allocated table holding the resolved
 * name and its lowercased form for each entry, and ce->num_interfaces to the
 * number of entries. */
void zend_compile_implements(zend_ast *ast) /* {{{ */
{
	zend_class_entry *ce = CG(active_class_entry);
	zend_ast_list *ifaces = zend_ast_get_list(ast);
	uint32_t count = ifaces->children;
	zend_class_name *names = emalloc(sizeof(zend_class_name) * count);
	uint32_t idx;

	for (idx = 0; idx < count; ++idx) {
		zend_class_name *entry = &names[idx];

		entry->name = zend_resolve_const_class_name_reference(ifaces->child[idx], "interface name");
		entry->lc_name = zend_string_tolower(entry->name);
	}

	ce->num_interfaces = count;
	ce->interface_names = names;
}
7291 /* }}} */
7292 
/* Build the internal name of an anonymous class.
 *
 * The name has the form "<prefix>@anonymous\0<filename>:<start line>$<hex
 * counter>", where the prefix is the parent class, else the first interface,
 * else the known string ZEND_STR_CLASS. The '\0' after "@anonymous" is an
 * embedded NUL byte, so code that reads the name as a C string only sees the
 * part in front of it. Every call increments CG(rtd_key_counter).
 *
 * Returns the generated name as an interned string. */
static zend_string *zend_generate_anon_class_name(zend_ast_decl *decl)
{
	zend_ast *parent_ast = decl->child[0];
	zend_ast *implements_ast = decl->child[1];
	zend_string *filename = CG(active_op_array)->filename;
	uint32_t start_lineno = decl->start_lineno;
	zend_string *prefix;
	zend_string *result;

	/* Use parent or first interface as prefix. */
	if (parent_ast) {
		prefix = zend_resolve_const_class_name_reference(parent_ast, "class name");
	} else if (implements_ast) {
		zend_ast_list *ifaces = zend_ast_get_list(implements_ast);
		prefix = zend_resolve_const_class_name_reference(ifaces->child[0], "interface name");
	} else {
		prefix = ZSTR_KNOWN(ZEND_STR_CLASS);
	}

	result = zend_strpprintf(0, "%s@anonymous%c%s:%" PRIu32 "$%" PRIx32,
		ZSTR_VAL(prefix), '\0', ZSTR_VAL(filename), start_lineno, CG(rtd_key_counter)++);
	zend_string_release(prefix);

	return zend_new_interned_string(result);
}
7312 
/* Compile a class declaration (named or anonymous).
 *
 * result   - output node; only written on the anonymous-class path, through
 *            zend_make_var_result()
 * ast      - declaration node; child[0] extends, child[1] implements,
 *            child[2] class body, child[3] attributes
 * toplevel - non-zero when the declaration is a top-level statement; enables
 *            ZEND_ACC_TOP_LEVEL and the early-binding attempts below
 *
 * The function either registers the class directly in CG(class_table) and
 * returns (early binding), or emits one of ZEND_DECLARE_CLASS,
 * ZEND_DECLARE_CLASS_DELAYED or ZEND_DECLARE_ANON_CLASS so the class is
 * declared at run time. CG(active_class_entry) is switched to the new class
 * while its header and body are compiled and restored afterwards. */
void zend_compile_class_decl(znode *result, zend_ast *ast, zend_bool toplevel) /* {{{ */
{
	zend_ast_decl *decl = (zend_ast_decl *) ast;
	zend_ast *extends_ast = decl->child[0];
	zend_ast *implements_ast = decl->child[1];
	zend_ast *stmt_ast = decl->child[2];
	zend_string *name, *lcname;
	zend_class_entry *ce = zend_arena_alloc(&CG(arena), sizeof(zend_class_entry));
	zend_op *opline;

	/* Saved so the enclosing class scope can be restored after the body. */
	zend_class_entry *original_ce = CG(active_class_entry);

	if (EXPECTED((decl->flags & ZEND_ACC_ANON_CLASS) == 0)) {
		zend_string *unqualified_name = decl->name;

		if (CG(active_class_entry)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Class declarations may not be nested");
		}

		zend_assert_valid_class_name(unqualified_name);
		name = zend_prefix_with_ns(unqualified_name);
		name = zend_new_interned_string(name);
		lcname = zend_string_tolower(name);

		/* A class may not reuse a name that a "use" import in this file
		 * already binds to a different class. */
		if (FC(imports)) {
			zend_string *import_name =
				zend_hash_find_ptr_lc(FC(imports), unqualified_name);
			if (import_name && !zend_string_equals_ci(lcname, import_name)) {
				zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare class %s "
						"because the name is already in use", ZSTR_VAL(name));
			}
		}

		zend_register_seen_symbol(lcname, ZEND_SYMBOL_CLASS);
	} else {
		/* Find an anon class name that is not in use yet. */
		name = NULL;
		lcname = NULL;
		do {
			/* Drops the candidate of the previous iteration; on the first pass
			 * both pointers are NULL. */
			zend_tmp_string_release(name);
			zend_tmp_string_release(lcname);
			name = zend_generate_anon_class_name(decl);
			lcname = zend_string_tolower(name);
		} while (zend_hash_exists(CG(class_table), lcname));
	}
	lcname = zend_new_interned_string(lcname);

	ce->type = ZEND_USER_CLASS;
	ce->name = name;
	zend_initialize_class_data(ce, 1);

	if (CG(compiler_options) & ZEND_COMPILE_PRELOAD) {
		ce->ce_flags |= ZEND_ACC_PRELOADED;
		ZEND_MAP_PTR_NEW(ce->static_members_table);
	}

	ce->ce_flags |= decl->flags;
	ce->info.user.filename = zend_string_copy(zend_get_compiled_filename());
	ce->info.user.line_start = decl->start_lineno;
	ce->info.user.line_end = decl->end_lineno;

	if (decl->doc_comment) {
		ce->info.user.doc_comment = zend_string_copy(decl->doc_comment);
	}

	if (UNEXPECTED((decl->flags & ZEND_ACC_ANON_CLASS))) {
		/* Serialization is not supported for anonymous classes */
		ce->serialize = zend_class_serialize_deny;
		ce->unserialize = zend_class_unserialize_deny;
	}

	if (extends_ast) {
		ce->parent_name =
			zend_resolve_const_class_name_reference(extends_ast, "class name");
	}

	/* From here until the restore below, everything compiles in the scope of
	 * the new class. */
	CG(active_class_entry) = ce;

	if (decl->child[3]) {
		zend_compile_attributes(&ce->attributes, decl->child[3], 0, ZEND_ATTRIBUTE_TARGET_CLASS);
	}

	if (implements_ast) {
		zend_compile_implements(implements_ast);
	}

	zend_compile_stmt(stmt_ast);

	/* Reset lineno for final opcodes and errors */
	CG(zend_lineno) = ast->lineno;

	/* Only classes that are implicitly abstract, and neither an interface, a
	 * trait nor explicitly abstract, are passed to the verification. */
	if ((ce->ce_flags & (ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_INTERFACE|ZEND_ACC_TRAIT|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) == ZEND_ACC_IMPLICIT_ABSTRACT_CLASS) {
		zend_verify_abstract_class(ce);
	}

	CG(active_class_entry) = original_ce;

	if (toplevel) {
		ce->ce_flags |= ZEND_ACC_TOP_LEVEL;
	}

	/* Early binding: try to register the class at compile time so that no
	 * declaration opcode is needed. */
	if (toplevel
		/* We currently don't early-bind classes that implement interfaces or use traits */
	 && !ce->num_interfaces && !ce->num_traits
	 && !(CG(compiler_options) & ZEND_COMPILE_WITHOUT_EXECUTION)) {
		if (extends_ast) {
			/* The parent is only looked up among already known classes
			 * (ZEND_FETCH_CLASS_NO_AUTOLOAD). */
			zend_class_entry *parent_ce = zend_lookup_class_ex(
				ce->parent_name, NULL, ZEND_FETCH_CLASS_NO_AUTOLOAD);

			if (parent_ce
			 && ((parent_ce->type != ZEND_INTERNAL_CLASS) || !(CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_CLASSES))
			 && ((parent_ce->type != ZEND_USER_CLASS) || !(CG(compiler_options) & ZEND_COMPILE_IGNORE_OTHER_FILES) || (parent_ce->info.user.filename == ce->info.user.filename))) {

				CG(zend_lineno) = decl->end_lineno;
				if (zend_try_early_bind(ce, parent_ce, lcname, NULL)) {
					CG(zend_lineno) = ast->lineno;
					zend_string_release(lcname);
					return;
				}
				CG(zend_lineno) = ast->lineno;
			}
		} else if (EXPECTED(zend_hash_add_ptr(CG(class_table), lcname, ce) != NULL)) {
			/* No parent: the class was added to the class table under its
			 * lowercased name and is marked as linked. */
			zend_string_release(lcname);
			zend_build_properties_info_table(ce);
			ce->ce_flags |= ZEND_ACC_LINKED;
			return;
		}
	}

	/* Early binding was not possible; emit a declaration opcode instead. */
	opline = get_next_op();

	if (ce->parent_name) {
		/* Lowercased parent name */
		zend_string *lc_parent_name = zend_string_tolower(ce->parent_name);
		opline->op2_type = IS_CONST;
		LITERAL_STR(opline->op2, lc_parent_name);
	}

	opline->op1_type = IS_CONST;
	LITERAL_STR(opline->op1, lcname);

	if (decl->flags & ZEND_ACC_ANON_CLASS) {
		opline->opcode = ZEND_DECLARE_ANON_CLASS;
		opline->extended_value = zend_alloc_cache_slot();
		zend_make_var_result(result, opline);
		if (!zend_hash_add_ptr(CG(class_table), lcname, ce)) {
			/* We checked above that the class name is not used. This really shouldn't happen. */
			zend_error_noreturn(E_ERROR,
				"Runtime definition key collision for %s. This is a bug", ZSTR_VAL(name));
		}
	} else {
		/* Generate RTD keys until we find one that isn't in use yet. */
		zend_string *key = NULL;
		do {
			zend_tmp_string_release(key);
			key = zend_build_runtime_definition_key(lcname, decl->start_lineno);
		} while (!zend_hash_add_ptr(CG(class_table), key, ce));

		/* RTD key is placed after lcname literal in op1 */
		zend_add_literal_string(&key);

		opline->opcode = ZEND_DECLARE_CLASS;
		if (extends_ast && toplevel
			 && (CG(compiler_options) & ZEND_COMPILE_DELAYED_BINDING)
				/* We currently don't early-bind classes that implement interfaces or use traits */
			 && !ce->num_interfaces && !ce->num_traits
		) {
			/* Switch to the delayed declaration opcode and flag the op array
			 * with ZEND_ACC_EARLY_BINDING. */
			CG(active_op_array)->fn_flags |= ZEND_ACC_EARLY_BINDING;
			opline->opcode = ZEND_DECLARE_CLASS_DELAYED;
			opline->extended_value = zend_alloc_cache_slot();
			opline->result_type = IS_UNUSED;
			opline->result.opline_num = -1;
		}
	}
}
7488 /* }}} */
7489 
/* Return the import table of the current file context for a symbol kind,
 * creating it on first use.
 *
 * type - ZEND_SYMBOL_CLASS, ZEND_SYMBOL_FUNCTION or ZEND_SYMBOL_CONST
 *
 * A freshly created table is initialised with 8 slots and str_dtor as the
 * destructor. Any other type value runs into EMPTY_SWITCH_DEFAULT_CASE(); the
 * trailing NULL return only exists for that path. */
static HashTable *zend_get_import_ht(uint32_t type) /* {{{ */
{
	HashTable **slot = NULL;

	/* Pick the file-context slot that belongs to the symbol kind. */
	switch (type) {
		case ZEND_SYMBOL_CLASS:
			slot = &FC(imports);
			break;
		case ZEND_SYMBOL_FUNCTION:
			slot = &FC(imports_function);
			break;
		case ZEND_SYMBOL_CONST:
			slot = &FC(imports_const);
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}

	if (slot == NULL) {
		return NULL;
	}

	if (*slot == NULL) {
		*slot = emalloc(sizeof(HashTable));
		zend_hash_init(*slot, 8, NULL, str_dtor, 0);
	}

	return *slot;
}
7516 /* }}} */
7517 
/* Map a symbol kind to the keyword fragment used in "Cannot use%s ..." error
 * messages: "" for classes, " function" for functions, " const" for
 * constants. The returned pointers refer to string literals and must not be
 * written through. */
static char *zend_get_use_type_str(uint32_t type) /* {{{ */
{
	char *fragment = " unknown";

	switch (type) {
		case ZEND_SYMBOL_CLASS:
			fragment = "";
			break;
		case ZEND_SYMBOL_FUNCTION:
			fragment = " function";
			break;
		case ZEND_SYMBOL_CONST:
			fragment = " const";
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}

	return fragment;
}
7532 /* }}} */
7533 
/* Raise "name is already in use" unless the import refers to the very symbol
 * that was already seen.
 *
 * type       - symbol kind, only used for the wording of the message
 * old_name   - name being imported
 * new_name   - alias it is imported as
 * check_name - name of the symbol that was already seen; a case-insensitive
 *              match with old_name means there is no conflict */
static void zend_check_already_in_use(uint32_t type, zend_string *old_name, zend_string *new_name, zend_string *check_name) /* {{{ */
{
	if (!zend_string_equals_ci(old_name, check_name)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use%s %s as %s because the name "
			"is already in use", zend_get_use_type_str(type), ZSTR_VAL(old_name), ZSTR_VAL(new_name));
	}
}
7543 /* }}} */
7544 
/* Compile a "use" statement: register every listed import in the import
 * table that matches the statement's symbol kind (ast->attr).
 *
 * For each element, child[0] is the imported name and child[1] the optional
 * alias. Without an alias the last segment of the imported name is used.
 * Conflicts with reserved class names, with symbols already seen in the
 * current namespace and with earlier imports are E_COMPILE_ERRORs. */
void zend_compile_use(zend_ast *ast) /* {{{ */
{
	zend_ast_list *use_list = zend_ast_get_list(ast);
	uint32_t type = ast->attr;
	zend_string *current_ns = FC(current_namespace);
	HashTable *import_ht = zend_get_import_ht(type);
	/* Only constant imports are looked up case-sensitively. */
	zend_bool case_sensitive = (type == ZEND_SYMBOL_CONST);
	uint32_t idx;

	for (idx = 0; idx < use_list->children; ++idx) {
		zend_ast *use_ast = use_list->child[idx];
		zend_ast *alias_ast = use_ast->child[1];
		zend_string *old_name = zend_ast_get_str(use_ast->child[0]);
		zend_string *new_name, *lookup_name;

		if (alias_ast) {
			new_name = zend_string_copy(zend_ast_get_str(alias_ast));
		} else {
			const char *tail;
			size_t tail_len;

			if (!zend_get_unqualified_name(old_name, &tail, &tail_len)) {
				new_name = zend_string_copy(old_name);

				if (!current_ns) {
					zend_error(E_WARNING, "The use statement with non-compound name '%s' "
						"has no effect", ZSTR_VAL(new_name));
				}
			} else {
				/* The form "use A\B" is equivalent to "use A\B as B" */
				new_name = zend_string_init(tail, tail_len, 0);
			}
		}

		lookup_name = case_sensitive
			? zend_string_copy(new_name)
			: zend_string_tolower(new_name);

		if (type == ZEND_SYMBOL_CLASS && zend_is_reserved_class_name(new_name)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use %s as %s because '%s' "
				"is a special class name", ZSTR_VAL(old_name), ZSTR_VAL(new_name), ZSTR_VAL(new_name));
		}

		if (current_ns) {
			/* Build "<lowercased namespace>\<lookup name>" to test against the
			 * symbols already seen. lookup_name is a copy or a lowercased copy
			 * of new_name, and its terminating NUL is copied along with it. */
			size_t ns_len = ZSTR_LEN(current_ns);
			zend_string *ns_name = zend_string_alloc(ns_len + 1 + ZSTR_LEN(new_name), 0);

			zend_str_tolower_copy(ZSTR_VAL(ns_name), ZSTR_VAL(current_ns), ns_len);
			ZSTR_VAL(ns_name)[ns_len] = '\\';
			memcpy(ZSTR_VAL(ns_name) + ns_len + 1, ZSTR_VAL(lookup_name), ZSTR_LEN(lookup_name) + 1);

			if (zend_have_seen_symbol(ns_name, type)) {
				zend_check_already_in_use(type, old_name, new_name, ns_name);
			}

			zend_string_efree(ns_name);
		} else if (zend_have_seen_symbol(lookup_name, type)) {
			zend_check_already_in_use(type, old_name, new_name, lookup_name);
		}

		/* The import table stores the interned imported name, keyed by the
		 * lookup name. */
		zend_string_addref(old_name);
		old_name = zend_new_interned_string(old_name);
		if (!zend_hash_add_ptr(import_ht, lookup_name, old_name)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use%s %s as %s because the name "
				"is already in use", zend_get_use_type_str(type), ZSTR_VAL(old_name), ZSTR_VAL(new_name));
		}

		zend_string_release_ex(lookup_name, 0);
		zend_string_release_ex(new_name, 0);
	}
}
7616 /* }}} */
7617 
/* Compile a group use statement by expanding it into one plain "use" per
 * element.
 *
 * ast - node with the shared namespace prefix in child[0] and the element
 *       list in child[1]
 *
 * Each element's name zval is rewritten in place to the concatenation of the
 * prefix and the element name, wrapped in a one-element ZEND_AST_USE list and
 * passed to zend_compile_use(). The symbol kind comes from the group
 * (ast->attr) when it is non-zero, otherwise from the element. */
void zend_compile_group_use(zend_ast *ast) /* {{{ */
{
	zend_string *prefix = zend_ast_get_str(ast->child[0]);
	zend_ast_list *elems = zend_ast_get_list(ast->child[1]);
	uint32_t idx;

	for (idx = 0; idx < elems->children; idx++) {
		zend_ast *elem = elems->child[idx];
		zval *name_zval = zend_ast_get_zval(elem->child[0]);
		zend_string *short_name = Z_STR_P(name_zval);
		zend_string *full_name = zend_concat_names(
			ZSTR_VAL(prefix), ZSTR_LEN(prefix), ZSTR_VAL(short_name), ZSTR_LEN(short_name));
		zend_ast *single_use;

		/* Replace the element's name with the fully prefixed one. */
		zend_string_release_ex(short_name, 0);
		ZVAL_STR(name_zval, full_name);

		single_use = zend_ast_create_list(1, ZEND_AST_USE, elem);
		if (ast->attr) {
			single_use->attr = ast->attr;
		} else {
			single_use->attr = elem->attr;
		}
		zend_compile_use(single_use);
	}
}
7636 /* }}} */
7637 
/* Compile a "const NAME = value, ...;" statement outside of a class.
 *
 * For every element (child[0] name, child[1] value expression) the value is
 * evaluated to a zval, the name is prefixed with the current namespace and a
 * ZEND_DECLARE_CONST opcode is emitted. Redeclaring a special constant or a
 * name already bound by a "use const" import is an E_COMPILE_ERROR. */
void zend_compile_const_decl(zend_ast *ast) /* {{{ */
{
	zend_ast_list *consts = zend_ast_get_list(ast);
	uint32_t idx;

	for (idx = 0; idx < consts->children; ++idx) {
		zend_ast *elem_ast = consts->child[idx];
		zend_ast **value_ast_ptr = &elem_ast->child[1];
		zend_string *short_name = zend_ast_get_str(elem_ast->child[0]);
		zend_string *full_name;
		znode name_node, value_node;

		value_node.op_type = IS_CONST;
		zend_const_expr_to_zval(&value_node.u.constant, value_ast_ptr);

		if (zend_get_special_const(ZSTR_VAL(short_name), ZSTR_LEN(short_name))) {
			zend_error_noreturn(E_COMPILE_ERROR,
				"Cannot redeclare constant '%s'", ZSTR_VAL(short_name));
		}

		full_name = zend_new_interned_string(zend_prefix_with_ns(short_name));

		/* Constant imports are compared case-sensitively. */
		if (FC(imports_const)) {
			zend_string *import_name = zend_hash_find_ptr(FC(imports_const), short_name);

			if (import_name && !zend_string_equals(import_name, full_name)) {
				zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare const %s because "
					"the name is already in use", ZSTR_VAL(full_name));
			}
		}

		name_node.op_type = IS_CONST;
		ZVAL_STR(&name_node.u.constant, full_name);

		zend_emit_op(NULL, ZEND_DECLARE_CONST, &name_node, &value_node);

		zend_register_seen_symbol(full_name, ZEND_SYMBOL_CONST);
	}
}
7679 /* }}}*/
7680 
/* Compile a namespace declaration.
 *
 * ast - node with the optional namespace name in child[0] and, for the
 *       bracketed form, the body in child[1] (NULL for the unbracketed form)
 *
 * Mixing bracketed and unbracketed declarations, nesting namespaces, a
 * namespace that is not the first statement, and the name "namespace" are all
 * E_COMPILE_ERRORs. On success the file context's current namespace is
 * replaced, the import tables are reset and, for the bracketed form, the body
 * is compiled and the namespace closed again. */
void zend_compile_namespace(zend_ast *ast) /* {{{ */
{
	zend_ast *name_ast = ast->child[0];
	zend_ast *stmt_ast = ast->child[1];
	zend_bool with_bracket = stmt_ast != NULL;
	zend_bool is_first_namespace;

	/* handle mixed syntax declaration or nested namespaces */
	if (FC(has_bracketed_namespaces)) {
		/* previous namespace declarations were bracketed */
		if (!with_bracket) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix bracketed namespace declarations "
				"with unbracketed namespace declarations");
		}
		if (FC(current_namespace) || FC(in_namespace)) {
			zend_error_noreturn(E_COMPILE_ERROR, "Namespace declarations cannot be nested");
		}
	} else if (FC(current_namespace) && with_bracket) {
		/* previous namespace declarations were unbracketed */
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix bracketed namespace declarations "
			"with unbracketed namespace declarations");
	}

	/* The first namespace of a file is the one seen before any declaration of
	 * the same (bracketed / unbracketed) form has been recorded. */
	is_first_namespace = with_bracket
		? !FC(has_bracketed_namespaces)
		: !FC(current_namespace);
	if (is_first_namespace && FAILURE == zend_is_first_statement(ast, /* allow_nop */ 1)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Namespace declaration statement has to be "
			"the very first statement or after any declare call in the script");
	}

	if (FC(current_namespace)) {
		zend_string_release_ex(FC(current_namespace), 0);
	}

	if (name_ast == NULL) {
		FC(current_namespace) = NULL;
	} else {
		zend_string *name = zend_ast_get_str(name_ast);

		if (zend_string_equals_literal_ci(name, "namespace")) {
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use '%s' as namespace name", ZSTR_VAL(name));
		}

		FC(current_namespace) = zend_string_copy(name);
	}

	zend_reset_import_tables();

	FC(in_namespace) = 1;
	if (with_bracket) {
		FC(has_bracketed_namespaces) = 1;
	}

	if (stmt_ast) {
		zend_compile_top_stmt(stmt_ast);
		zend_end_namespace();
	}
}
7742 /* }}} */
7743 
/* Compile __HALT_COMPILER(): register the per-file constant
 * __COMPILER_HALT_OFFSET__ with the offset stored in child[0].
 *
 * The constant name is mangled with the compiled filename through
 * zend_mangle_property_name() and registered with the CONST_CS flag.
 * Using the construct inside a bracketed namespace is an E_COMPILE_ERROR. */
void zend_compile_halt_compiler(zend_ast *ast) /* {{{ */
{
	const char halt_const[] = "__COMPILER_HALT_OFFSET__";
	zend_long offset = Z_LVAL_P(zend_ast_get_zval(ast->child[0]));
	zend_string *filename;
	zend_string *mangled;

	if (FC(has_bracketed_namespaces) && FC(in_namespace)) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"__HALT_COMPILER() can only be used from the outermost scope");
	}

	filename = zend_get_compiled_filename();
	/* sizeof - 1 drops the terminating NUL of the literal. */
	mangled = zend_mangle_property_name(halt_const, sizeof(halt_const) - 1,
		ZSTR_VAL(filename), ZSTR_LEN(filename), 0);

	zend_register_long_constant(ZSTR_VAL(mangled), ZSTR_LEN(mangled), offset, CONST_CS, 0);
	zend_string_release_ex(mangled, 0);
}
7765 
/* Try to evaluate a magic constant (__LINE__, __FILE__, __DIR__, ...) at
 * compile time.
 *
 * zv  - output; receives the value when the function returns 1
 * ast - magic constant node; ast->attr holds the token that selects the
 *       constant
 *
 * Returns 1 when zv was filled in, and 0 for __CLASS__ inside a trait, where
 * no compile-time value is produced and zv is left untouched. */
static zend_bool zend_try_ct_eval_magic_const(zval *zv, zend_ast *ast) /* {{{ */
{
	zend_op_array *op_array = CG(active_op_array);
	zend_class_entry *ce = CG(active_class_entry);

	switch (ast->attr) {
		case T_LINE:
			ZVAL_LONG(zv, ast->lineno);
			break;
		case T_FILE:
			ZVAL_STR_COPY(zv, CG(compiled_filename));
			break;
		case T_DIR:
		{
			/* Work on a private copy of the filename; the dirname helpers
			 * receive the buffer and their return value becomes the new
			 * string length. */
			zend_string *filename = CG(compiled_filename);
			zend_string *dirname = zend_string_init(ZSTR_VAL(filename), ZSTR_LEN(filename), 0);
#ifdef ZEND_WIN32
			ZSTR_LEN(dirname) = php_win32_ioutil_dirname(ZSTR_VAL(dirname), ZSTR_LEN(dirname));
#else
			ZSTR_LEN(dirname) = zend_dirname(ZSTR_VAL(dirname), ZSTR_LEN(dirname));
#endif

			/* A directory of "." is replaced by the current working directory. */
			if (strcmp(ZSTR_VAL(dirname), ".") == 0) {
				dirname = zend_string_extend(dirname, MAXPATHLEN, 0);
				/* NOTE(review): the result of the getcwd/getwd call is not
				 * checked here; if the call fails, the strlen() below measures
				 * whatever the buffer then holds - confirm it is still
				 * NUL-terminated in that case. */
#if HAVE_GETCWD
				ZEND_IGNORE_VALUE(VCWD_GETCWD(ZSTR_VAL(dirname), MAXPATHLEN));
#elif HAVE_GETWD
				ZEND_IGNORE_VALUE(VCWD_GETWD(ZSTR_VAL(dirname)));
#endif
				/* Shrink the recorded length to the text actually in the buffer. */
				ZSTR_LEN(dirname) = strlen(ZSTR_VAL(dirname));
			}

			ZVAL_STR(zv, dirname);
			break;
		}
		case T_FUNC_C:
			/* Empty string when there is no active op array or it has no
			 * function name. */
			if (op_array && op_array->function_name) {
				ZVAL_STR_COPY(zv, op_array->function_name);
			} else {
				ZVAL_EMPTY_STRING(zv);
			}
			break;
		case T_METHOD_C:
			/* Detect whether we are directly inside a class (e.g. a class constant) and treat
			 * this as not being inside a function. */
			if (op_array && ce && !op_array->scope && !(op_array->fn_flags & ZEND_ACC_CLOSURE)) {
				op_array = NULL;
			}
			if (op_array && op_array->function_name) {
				if (op_array->scope) {
					/* With a class scope the value is built from the scope's
					 * name and the function name. */
					ZVAL_NEW_STR(zv,
						zend_create_member_string(op_array->scope->name, op_array->function_name));
				} else {
					ZVAL_STR_COPY(zv, op_array->function_name);
				}
			} else {
				ZVAL_EMPTY_STRING(zv);
			}
			break;
		case T_CLASS_C:
			if (ce) {
				if ((ce->ce_flags & ZEND_ACC_TRAIT) != 0) {
					/* Inside a trait no value is produced at compile time. */
					return 0;
				} else {
					ZVAL_STR_COPY(zv, ce->name);
				}
			} else {
				ZVAL_EMPTY_STRING(zv);
			}
			break;
		case T_TRAIT_C:
			/* Only set to the entry's name when the active class entry is a trait. */
			if (ce && (ce->ce_flags & ZEND_ACC_TRAIT) != 0) {
				ZVAL_STR_COPY(zv, ce->name);
			} else {
				ZVAL_EMPTY_STRING(zv);
			}
			break;
		case T_NS_C:
			if (FC(current_namespace)) {
				ZVAL_STR_COPY(zv, FC(current_namespace));
			} else {
				ZVAL_EMPTY_STRING(zv);
			}
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}

	return 1;
}
7855 /* }}} */
7856 
/* Predict whether applying the binary operator `opcode` to the two operands
 * would raise an error or warning. zend_try_ct_eval_binary_op() consults this
 * before folding a constant expression at compile time.
 *
 * Returns 1 when an error is expected, 0 otherwise. */
ZEND_API zend_bool zend_binary_op_produces_error(uint32_t opcode, zval *op1, zval *op2) /* {{{ */
{
	const zend_bool lhs_is_array = Z_TYPE_P(op1) == IS_ARRAY;
	const zend_bool rhs_is_array = Z_TYPE_P(op2) == IS_ARRAY;
	zend_bool is_bitwise;

	switch (opcode) {
		case ZEND_CONCAT:
		case ZEND_FAST_CONCAT:
			/* Array to string warning. */
			return lhs_is_array || rhs_is_array;
		case ZEND_ADD:
		case ZEND_SUB:
		case ZEND_MUL:
		case ZEND_DIV:
		case ZEND_POW:
		case ZEND_MOD:
		case ZEND_SL:
		case ZEND_SR:
		case ZEND_BW_OR:
		case ZEND_BW_AND:
		case ZEND_BW_XOR:
			break;
		default:
			/* Only the numeric operations throw errors. */
			return 0;
	}

	if (lhs_is_array || rhs_is_array) {
		/* array + array is the single legal combination; any other numeric
		 * operator with an array operand throws. */
		return !(opcode == ZEND_ADD && lhs_is_array && rhs_is_array);
	}

	/* Basic arithmetic always reports non-numeric strings, but bitwise
	 * operators accept two string operands without complaint. */
	is_bitwise = opcode == ZEND_BW_OR || opcode == ZEND_BW_AND || opcode == ZEND_BW_XOR;
	if (is_bitwise && Z_TYPE_P(op1) == IS_STRING && Z_TYPE_P(op2) == IS_STRING) {
		return 0;
	}

	if (Z_TYPE_P(op1) == IS_STRING
			&& !is_numeric_string(Z_STRVAL_P(op1), Z_STRLEN_P(op1), NULL, NULL, 0)) {
		return 1;
	}
	if (Z_TYPE_P(op2) == IS_STRING
			&& !is_numeric_string(Z_STRVAL_P(op2), Z_STRLEN_P(op2), NULL, NULL, 0)) {
		return 1;
	}

	switch (opcode) {
		case ZEND_MOD:
			/* Modulo by zero throws an error. */
			return zval_get_long(op2) == 0;
		case ZEND_DIV:
			/* Division by zero throws an error. */
			return zval_get_double(op2) == 0.0;
		case ZEND_SL:
		case ZEND_SR:
			/* Shift by negative number throws an error. */
			return zval_get_long(op2) < 0;
		default:
			return 0;
	}
}
7910 /* }}} */
7911 
/* Fold a binary operator over two constant operands at compile time.
 * Returns 1 and writes the value to `result` on success; returns 0 without
 * touching `result` when zend_binary_op_produces_error() reports that the
 * operation would raise an error, leaving it to be executed at run time. */
static inline zend_bool zend_try_ct_eval_binary_op(zval *result, uint32_t opcode, zval *op1, zval *op2) /* {{{ */
{
	if (!zend_binary_op_produces_error(opcode, op1, op2)) {
		binary_op_type handler = get_binary_op(opcode);

		handler(result, op1, op2);
		return 1;
	}

	return 0;
}
7922 /* }}} */
7923 
/* Predict whether the unary operator `opcode` would raise an error on `op`.
 * Only ZEND_BW_NOT is checked: it is reported as failing for operands whose
 * type id is at or below IS_TRUE and for arrays. Returns 1 when an error is
 * expected, 0 otherwise. */
zend_bool zend_unary_op_produces_error(uint32_t opcode, zval *op)
{
	if (opcode != ZEND_BW_NOT) {
		return 0;
	}

	return Z_TYPE_P(op) <= IS_TRUE || Z_TYPE_P(op) == IS_ARRAY;
}
7932 
/* Fold a unary operator over a constant operand at compile time.
 * Returns 1 and writes the value to `result` on success; returns 0 without
 * touching `result` when zend_unary_op_produces_error() reports an error. */
static inline zend_bool zend_try_ct_eval_unary_op(zval *result, uint32_t opcode, zval *op) /* {{{ */
{
	if (!zend_unary_op_produces_error(opcode, op)) {
		unary_op_type handler = get_unary_op(opcode);

		handler(result, op);
		return 1;
	}

	return 0;
}
7943 /* }}} */
7944 
/* Fold unary plus/minus at compile time by multiplying the operand by 1 or -1.
 * Any kind other than ZEND_AST_UNARY_PLUS is treated as minus. Returns what
 * zend_try_ct_eval_binary_op() returns for the ZEND_MUL. */
static inline zend_bool zend_try_ct_eval_unary_pm(zval *result, zend_ast_kind kind, zval *op) /* {{{ */
{
	zval factor;

	if (kind == ZEND_AST_UNARY_PLUS) {
		ZVAL_LONG(&factor, 1);
	} else {
		ZVAL_LONG(&factor, -1);
	}

	return zend_try_ct_eval_binary_op(result, ZEND_MUL, op, &factor);
}
7951 /* }}} */
7952 
/* Evaluate `op1 > op2` or `op1 >= op2` at compile time. There is no dedicated
 * "greater" handler here, so the operands are swapped and the smaller /
 * smaller-or-equal comparison is used instead. */
static inline void zend_ct_eval_greater(zval *result, zend_ast_kind kind, zval *op1, zval *op2) /* {{{ */
{
	if (kind == ZEND_AST_GREATER) {
		is_smaller_function(result, op2, op1);
	} else {
		is_smaller_or_equal_function(result, op2, op1);
	}
}
7959 /* }}} */
7960 
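/* Try to build an array literal at compile time.
 *
 * Returns 1 and stores the array in `result` when every element value and key
 * folds to a constant zval and no element is taken by reference. Returns 0
 * when the literal has to be built at run time, or when appending to the
 * result fails (in which case `result` has already been destroyed).
 *
 * Raises E_COMPILE_ERROR for list() used as an expression, for empty
 * elements, for unpacking an array with string keys, for unpacking a constant
 * that is not an array, and for illegal key types. */
static zend_bool zend_try_ct_eval_array(zval *result, zend_ast *ast) /* {{{ */
{
	zend_ast_list *list = zend_ast_get_list(ast);
	zend_ast *last_elem_ast = NULL;
	uint32_t i;
	zend_bool is_constant = 1;

	if (ast->attr == ZEND_ARRAY_SYNTAX_LIST) {
		/* Fatal: use the noreturn variant like the other compile errors in
		 * this function, so the code below is never reached. */
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use list() as standalone expression");
	}

	/* First ensure that *all* child nodes are constant and by-val */
	for (i = 0; i < list->children; ++i) {
		zend_ast *elem_ast = list->child[i];

		if (elem_ast == NULL) {
			/* Report error at line of last non-empty element */
			if (last_elem_ast) {
				CG(zend_lineno) = zend_ast_get_lineno(last_elem_ast);
			}
			/* Must not return: elem_ast is dereferenced right below. */
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use empty array elements in arrays");
		}

		if (elem_ast->kind != ZEND_AST_UNPACK) {
			zend_eval_const_expr(&elem_ast->child[0]);
			zend_eval_const_expr(&elem_ast->child[1]);

			if (elem_ast->attr /* by_ref */ || elem_ast->child[0]->kind != ZEND_AST_ZVAL
				|| (elem_ast->child[1] && elem_ast->child[1]->kind != ZEND_AST_ZVAL)
			) {
				is_constant = 0;
			}
		} else {
			zend_eval_const_expr(&elem_ast->child[0]);

			if (elem_ast->child[0]->kind != ZEND_AST_ZVAL) {
				is_constant = 0;
			}
		}

		last_elem_ast = elem_ast;
	}

	if (!is_constant) {
		return 0;
	}

	if (!list->children) {
		ZVAL_EMPTY_ARRAY(result);
		return 1;
	}

	/* Second pass: every child is now a constant zval, so build the array. */
	array_init_size(result, list->children);
	for (i = 0; i < list->children; ++i) {
		zend_ast *elem_ast = list->child[i];
		zend_ast *value_ast = elem_ast->child[0];
		zend_ast *key_ast;

		zval *value = zend_ast_get_zval(value_ast);
		if (elem_ast->kind == ZEND_AST_UNPACK) {
			if (Z_TYPE_P(value) == IS_ARRAY) {
				HashTable *ht = Z_ARRVAL_P(value);
				zval *val;
				zend_string *key;

				ZEND_HASH_FOREACH_STR_KEY_VAL(ht, key, val) {
					if (key) {
						zend_error_noreturn(E_COMPILE_ERROR, "Cannot unpack array with string keys");
					}
					if (!zend_hash_next_index_insert(Z_ARRVAL_P(result), val)) {
						/* Append failed: give up on folding and drop the
						 * partially built array. */
						zval_ptr_dtor(result);
						return 0;
					}
					/* The result now holds its own reference to the value. */
					Z_TRY_ADDREF_P(val);
				} ZEND_HASH_FOREACH_END();

				continue;
			} else {
				zend_error_noreturn(E_COMPILE_ERROR, "Only arrays and Traversables can be unpacked");
			}
		}

		/* Taken before insertion; released again below if the append fails. */
		Z_TRY_ADDREF_P(value);

		key_ast = elem_ast->child[1];
		if (key_ast) {
			zval *key = zend_ast_get_zval(key_ast);
			switch (Z_TYPE_P(key)) {
				case IS_LONG:
					zend_hash_index_update(Z_ARRVAL_P(result), Z_LVAL_P(key), value);
					break;
				case IS_STRING:
					zend_symtable_update(Z_ARRVAL_P(result), Z_STR_P(key), value);
					break;
				case IS_DOUBLE:
					zend_hash_index_update(Z_ARRVAL_P(result),
						zend_dval_to_lval(Z_DVAL_P(key)), value);
					break;
				case IS_FALSE:
					zend_hash_index_update(Z_ARRVAL_P(result), 0, value);
					break;
				case IS_TRUE:
					zend_hash_index_update(Z_ARRVAL_P(result), 1, value);
					break;
				case IS_NULL:
					zend_hash_update(Z_ARRVAL_P(result), ZSTR_EMPTY_ALLOC(), value);
					break;
				default:
					zend_error_noreturn(E_COMPILE_ERROR, "Illegal offset type");
					break;
			}
		} else if (!zend_hash_next_index_insert(Z_ARRVAL_P(result), value)) {
			zval_ptr_dtor_nogc(value);
			zval_ptr_dtor(result);
			return 0;
		}
	}

	return 1;
}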
8081 /* }}} */
8082 
/* Compile a binary operator expression. Both operands are compiled first
 * (left, then right). Two constant operands are folded at compile time when
 * that cannot raise an error; otherwise a few special cases are rewritten
 * (comparison with a boolean constant, identity with null/false/true,
 * constant operands of a concatenation) before the opcode is emitted. */
void zend_compile_binary_op(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *lhs_ast = ast->child[0];
	zend_ast *rhs_ast = ast->child[1];
	uint32_t opcode = ast->attr;
	znode lhs, rhs;
	znode *const_side = NULL;
	znode *other_side = NULL;

	zend_compile_expr(&lhs, lhs_ast);
	zend_compile_expr(&rhs, rhs_ast);

	if (lhs.op_type == IS_CONST && rhs.op_type == IS_CONST
			&& zend_try_ct_eval_binary_op(&result->u.constant, opcode,
				&lhs.u.constant, &rhs.u.constant)) {
		result->op_type = IS_CONST;
		zval_ptr_dtor(&lhs.u.constant);
		zval_ptr_dtor(&rhs.u.constant);
		return;
	}

	/* For the comparison rewrites only one constant operand is inspected,
	 * and the left one takes precedence. */
	if (lhs.op_type == IS_CONST) {
		const_side = &lhs;
		other_side = &rhs;
	} else if (rhs.op_type == IS_CONST) {
		const_side = &rhs;
		other_side = &lhs;
	}

	if (opcode == ZEND_IS_EQUAL || opcode == ZEND_IS_NOT_EQUAL) {
		/* Loose comparison with a boolean constant becomes BOOL / BOOL_NOT
		 * of the other operand. */
		if (const_side) {
			int const_type = Z_TYPE(const_side->u.constant);

			if (const_type == IS_FALSE) {
				opcode = (opcode == ZEND_IS_NOT_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
				zend_emit_op_tmp(result, opcode, other_side, NULL);
				return;
			}
			if (const_type == IS_TRUE) {
				opcode = (opcode == ZEND_IS_EQUAL) ? ZEND_BOOL : ZEND_BOOL_NOT;
				zend_emit_op_tmp(result, opcode, other_side, NULL);
				return;
			}
		}
	} else if (opcode == ZEND_IS_IDENTICAL || opcode == ZEND_IS_NOT_IDENTICAL) {
		/* convert $x === null to is_null($x) (i.e. ZEND_TYPE_CHECK opcode).
		 * Do the same thing for false/true. (covers IS_NULL, IS_FALSE, and IS_TRUE) */
		if (const_side) {
			int const_type = Z_TYPE(const_side->u.constant);

			if (const_type <= IS_TRUE && const_type >= IS_NULL) {
				zend_op *opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, other_side, NULL);

				/* extended_value is a type mask: the single bit for "===",
				 * every other bit of MAY_BE_ANY for "!==". */
				if (opcode == ZEND_IS_IDENTICAL) {
					opline->extended_value = 1 << const_type;
				} else {
					opline->extended_value = MAY_BE_ANY - (1 << const_type);
				}
				return;
			}
		}
	} else if (opcode == ZEND_CONCAT) {
		/* convert constant operands to strings at compile-time; a constant
		 * array gets a run-time ZEND_CAST to string instead. */
		if (lhs.op_type == IS_CONST) {
			if (Z_TYPE(lhs.u.constant) == IS_ARRAY) {
				zend_emit_op_tmp(&lhs, ZEND_CAST, &lhs, NULL)->extended_value = IS_STRING;
			} else {
				convert_to_string(&lhs.u.constant);
			}
		}
		if (rhs.op_type == IS_CONST) {
			if (Z_TYPE(rhs.u.constant) == IS_ARRAY) {
				zend_emit_op_tmp(&rhs, ZEND_CAST, &rhs, NULL)->extended_value = IS_STRING;
			} else {
				convert_to_string(&rhs.u.constant);
			}
		}
		if (lhs.op_type == IS_CONST && rhs.op_type == IS_CONST) {
			opcode = ZEND_FAST_CONCAT;
		}
	}

	zend_emit_op_tmp(result, opcode, &lhs, &rhs);
}
8172 /* }}} */
8173 
/* Compile `a > b` / `a >= b` as a swapped IS_SMALLER / IS_SMALLER_OR_EQUAL.
 * We do not use zend_compile_binary_op for this because we want to retain the
 * left-to-right evaluation order: the operands are compiled left first and
 * only swapped when the opcode is emitted. Two constant operands are compared
 * at compile time. */
void zend_compile_greater(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *lhs_ast = ast->child[0];
	zend_ast *rhs_ast = ast->child[1];
	znode lhs, rhs;
	zend_uchar swapped_opcode;

	ZEND_ASSERT(ast->kind == ZEND_AST_GREATER || ast->kind == ZEND_AST_GREATER_EQUAL);

	zend_compile_expr(&lhs, lhs_ast);
	zend_compile_expr(&rhs, rhs_ast);

	if (lhs.op_type != IS_CONST || rhs.op_type != IS_CONST) {
		if (ast->kind == ZEND_AST_GREATER) {
			swapped_opcode = ZEND_IS_SMALLER;
		} else {
			swapped_opcode = ZEND_IS_SMALLER_OR_EQUAL;
		}
		zend_emit_op_tmp(result, swapped_opcode, &rhs, &lhs);
		return;
	}

	result->op_type = IS_CONST;
	zend_ct_eval_greater(&result->u.constant, ast->kind, &lhs.u.constant, &rhs.u.constant);
	zval_ptr_dtor(&lhs.u.constant);
	zval_ptr_dtor(&rhs.u.constant);
}
8200 /* }}} */
8201 
/* Compile a unary operator whose opcode is stored in ast->attr. A constant
 * operand is folded at compile time when zend_try_ct_eval_unary_op() allows
 * it; otherwise the opcode is emitted with a temporary result. */
void zend_compile_unary_op(znode *result, zend_ast *ast) /* {{{ */
{
	uint32_t opcode = ast->attr;
	zend_ast *operand_ast = ast->child[0];
	znode operand;

	zend_compile_expr(&operand, operand_ast);

	if (operand.op_type != IS_CONST
			|| !zend_try_ct_eval_unary_op(&result->u.constant, opcode, &operand.u.constant)) {
		zend_emit_op_tmp(result, opcode, &operand, NULL);
		return;
	}

	/* Folded: the source constant is no longer needed. */
	result->op_type = IS_CONST;
	zval_ptr_dtor(&operand.u.constant);
}
8219 /* }}} */
8220 
/* Compile unary plus/minus as a multiplication by the constant 1 or -1.
 * A constant operand is folded at compile time when that is possible. */
void zend_compile_unary_pm(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *operand_ast = ast->child[0];
	znode operand, factor;

	ZEND_ASSERT(ast->kind == ZEND_AST_UNARY_PLUS || ast->kind == ZEND_AST_UNARY_MINUS);

	zend_compile_expr(&operand, operand_ast);

	if (operand.op_type != IS_CONST
			|| !zend_try_ct_eval_unary_pm(&result->u.constant, ast->kind, &operand.u.constant)) {
		/* Not foldable: emit `operand * (+1 | -1)`. */
		factor.op_type = IS_CONST;
		if (ast->kind == ZEND_AST_UNARY_PLUS) {
			ZVAL_LONG(&factor.u.constant, 1);
		} else {
			ZVAL_LONG(&factor.u.constant, -1);
		}
		zend_emit_op_tmp(result, ZEND_MUL, &operand, &factor);
		return;
	}

	result->op_type = IS_CONST;
	zval_ptr_dtor(&operand.u.constant);
}
8241 /* }}} */
8242 
/* Compile `&&` / `||`. A constant left operand is resolved at compile time:
 * either it already decides the result, or the expression reduces to the
 * boolean value of the right operand. Otherwise a JMPZ_EX / JMPNZ_EX is
 * emitted that skips the right operand, followed by a BOOL of the right
 * operand writing into the same result. */
void zend_compile_short_circuiting(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *lhs_ast = ast->child[0];
	zend_ast *rhs_ast = ast->child[1];
	znode lhs, rhs;
	zend_op *jump_op, *bool_op;
	uint32_t jump_opnum;

	ZEND_ASSERT(ast->kind == ZEND_AST_AND || ast->kind == ZEND_AST_OR);

	zend_compile_expr(&lhs, lhs_ast);

	if (lhs.op_type == IS_CONST) {
		zend_bool lhs_truthy = zend_is_true(&lhs.u.constant) ? 1 : 0;
		zend_bool decided = (ast->kind == ZEND_AST_AND && !lhs_truthy)
			|| (ast->kind == ZEND_AST_OR && lhs_truthy);

		if (decided) {
			/* The right operand is never evaluated, so it is not compiled. */
			result->op_type = IS_CONST;
			ZVAL_BOOL(&result->u.constant, lhs_truthy);
		} else {
			zend_compile_expr(&rhs, rhs_ast);

			if (rhs.op_type != IS_CONST) {
				zend_emit_op_tmp(result, ZEND_BOOL, &rhs, NULL);
			} else {
				result->op_type = IS_CONST;
				ZVAL_BOOL(&result->u.constant, zend_is_true(&rhs.u.constant));

				zval_ptr_dtor(&rhs.u.constant);
			}
		}

		zval_ptr_dtor(&lhs.u.constant);
		return;
	}

	jump_opnum = get_next_op_number();
	jump_op = zend_emit_op(NULL,
		ast->kind == ZEND_AST_AND ? ZEND_JMPZ_EX : ZEND_JMPNZ_EX, &lhs, NULL);

	if (left_is_tmp(&lhs)) {
		/* placeholder replaced below */
	}

	if (lhs.op_type != IS_TMP_VAR) {
		zend_make_tmp_result(result, jump_op);
	} else {
		/* Reuse the left operand's temporary as the result slot. */
		SET_NODE(jump_op->result, &lhs);
		GET_NODE(result, jump_op->result);
	}

	zend_compile_expr(&rhs, rhs_ast);

	bool_op = zend_emit_op(NULL, ZEND_BOOL, &rhs, NULL);
	SET_NODE(bool_op->result, result);

	zend_update_jump_target_to_next(jump_opnum);
}
8296 /* }}} */
8297 
/* Compile `$x++` / `$x--`. Object and static properties reuse the property
 * fetch opline and retarget its opcode; every other variable is compiled in
 * read-write mode and followed by POST_INC / POST_DEC. */
void zend_compile_post_incdec(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *target_ast = ast->child[0];
	zend_bool is_inc;

	ZEND_ASSERT(ast->kind == ZEND_AST_POST_INC || ast->kind == ZEND_AST_POST_DEC);

	zend_ensure_writable_variable(target_ast);

	is_inc = ast->kind == ZEND_AST_POST_INC;

	switch (target_ast->kind) {
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP: {
			zend_op *opline = zend_compile_prop(NULL, target_ast, BP_VAR_RW, 0);
			opline->opcode = is_inc ? ZEND_POST_INC_OBJ : ZEND_POST_DEC_OBJ;
			zend_make_tmp_result(result, opline);
			break;
		}
		case ZEND_AST_STATIC_PROP: {
			zend_op *opline = zend_compile_static_prop(NULL, target_ast, BP_VAR_RW, 0, 0);
			opline->opcode = is_inc ? ZEND_POST_INC_STATIC_PROP : ZEND_POST_DEC_STATIC_PROP;
			zend_make_tmp_result(result, opline);
			break;
		}
		default: {
			znode target;
			zend_compile_var(&target, target_ast, BP_VAR_RW, 0);
			zend_emit_op_tmp(result, is_inc ? ZEND_POST_INC : ZEND_POST_DEC, &target, NULL);
			break;
		}
	}
}
8320 /* }}} */
8321 
/* Compile `++$x` / `--$x`. Object and static properties reuse the property
 * fetch opline, retarget its opcode and mark the result as a temporary;
 * every other variable is compiled in read-write mode and followed by
 * PRE_INC / PRE_DEC. */
void zend_compile_pre_incdec(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *target_ast = ast->child[0];
	zend_bool is_inc;

	ZEND_ASSERT(ast->kind == ZEND_AST_PRE_INC || ast->kind == ZEND_AST_PRE_DEC);

	zend_ensure_writable_variable(target_ast);

	is_inc = ast->kind == ZEND_AST_PRE_INC;

	switch (target_ast->kind) {
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP: {
			zend_op *opline = zend_compile_prop(result, target_ast, BP_VAR_RW, 0);
			opline->opcode = is_inc ? ZEND_PRE_INC_OBJ : ZEND_PRE_DEC_OBJ;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;
			break;
		}
		case ZEND_AST_STATIC_PROP: {
			zend_op *opline = zend_compile_static_prop(result, target_ast, BP_VAR_RW, 0, 0);
			opline->opcode = is_inc ? ZEND_PRE_INC_STATIC_PROP : ZEND_PRE_DEC_STATIC_PROP;
			opline->result_type = IS_TMP_VAR;
			result->op_type = IS_TMP_VAR;
			break;
		}
		default: {
			znode target;
			zend_compile_var(&target, target_ast, BP_VAR_RW, 0);
			zend_emit_op_tmp(result, is_inc ? ZEND_PRE_INC : ZEND_PRE_DEC, &target, NULL);
			break;
		}
	}
}
8346 /* }}} */
8347 
/* Compile a type cast. The target type is carried in ast->attr: a bool cast
 * becomes ZEND_BOOL, the removed (unset) cast is a compile error, and every
 * other type becomes ZEND_CAST with the type in extended_value. The operand
 * is compiled before the cast type is examined. */
void zend_compile_cast(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *operand_ast = ast->child[0];
	znode operand;

	zend_compile_expr(&operand, operand_ast);

	switch (ast->attr) {
		case _IS_BOOL:
			zend_emit_op_tmp(result, ZEND_BOOL, &operand, NULL);
			break;
		case IS_NULL:
			zend_error(E_COMPILE_ERROR, "The (unset) cast is no longer supported");
			break;
		default: {
			zend_op *cast_op = zend_emit_op_tmp(result, ZEND_CAST, &operand, NULL);
			cast_op->extended_value = ast->attr;
			break;
		}
	}
}
8365 /* }}} */
8366 
/* Compile the short ternary `cond ?: fallback`. A JMP_SET on the condition
 * produces the result and jumps past the fallback; otherwise the fallback is
 * compiled and copied into the same result with QM_ASSIGN. */
static void zend_compile_shorthand_conditional(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *cond_ast = ast->child[0];
	zend_ast *fallback_ast = ast->child[2];
	znode cond, fallback;
	zend_op *assign_op;
	uint32_t jmp_set_opnum;

	/* The middle operand is absent in the shorthand form. */
	ZEND_ASSERT(ast->child[1] == NULL);

	zend_compile_expr(&cond, cond_ast);

	jmp_set_opnum = get_next_op_number();
	zend_emit_op_tmp(result, ZEND_JMP_SET, &cond, NULL);

	zend_compile_expr(&fallback, fallback_ast);

	assign_op = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &fallback, NULL);
	SET_NODE(assign_op->result, result);

	zend_update_jump_target_to_next(jmp_set_opnum);
}
8390 /* }}} */
8391 
/* Compile the ternary operator. A nested, unparenthesized ternary in the
 * condition position is rejected with a compile error (except for chained
 * `?:`, which is unambiguous). The shorthand form is delegated to
 * zend_compile_shorthand_conditional(); the full form is emitted as
 * JMPZ / true branch / JMP / false branch, both branches writing the same
 * result via QM_ASSIGN. */
void zend_compile_conditional(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *cond_ast = ast->child[0];
	zend_ast *true_ast = ast->child[1];
	zend_ast *false_ast = ast->child[2];
	znode cond, true_val, false_val;
	zend_op *false_assign_op;
	uint32_t skip_true_opnum, skip_false_opnum;

	if (cond_ast->kind == ZEND_AST_CONDITIONAL
			&& cond_ast->attr != ZEND_PARENTHESIZED_CONDITIONAL) {
		zend_bool inner_is_full = cond_ast->child[1] != NULL;

		if (inner_is_full && true_ast) {
			zend_error(E_COMPILE_ERROR,
				"Unparenthesized `a ? b : c ? d : e` is not supported. "
				"Use either `(a ? b : c) ? d : e` or `a ? b : (c ? d : e)`");
		} else if (inner_is_full) {
			zend_error(E_COMPILE_ERROR,
				"Unparenthesized `a ? b : c ?: d` is not supported. "
				"Use either `(a ? b : c) ?: d` or `a ? b : (c ?: d)`");
		} else if (true_ast) {
			zend_error(E_COMPILE_ERROR,
				"Unparenthesized `a ?: b ? c : d` is not supported. "
				"Use either `(a ?: b) ? c : d` or `a ?: (b ? c : d)`");
		}
		/* The remaining case is harmless:  (a ?: b) ?: c always produces the
		 * same result as a ?: (b ?: c). */
	}

	if (true_ast == NULL) {
		zend_compile_shorthand_conditional(result, ast);
		return;
	}

	zend_compile_expr(&cond, cond_ast);
	skip_true_opnum = zend_emit_cond_jump(ZEND_JMPZ, &cond, 0);

	zend_compile_expr(&true_val, true_ast);
	zend_emit_op_tmp(result, ZEND_QM_ASSIGN, &true_val, NULL);
	skip_false_opnum = zend_emit_jump(0);

	/* The false branch starts here. */
	zend_update_jump_target_to_next(skip_true_opnum);

	zend_compile_expr(&false_val, false_ast);
	false_assign_op = zend_emit_op(NULL, ZEND_QM_ASSIGN, &false_val, NULL);
	SET_NODE(false_assign_op->result, result);

	zend_update_jump_target_to_next(skip_false_opnum);
}
8450 /* }}} */
8451 
/* Compile `expr ?? default`. The left side is compiled as a BP_VAR_IS fetch,
 * followed by a COALESCE opline whose jump target (op2) is patched to point
 * past the code for the default value. */
void zend_compile_coalesce(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *subject_ast = ast->child[0];
	zend_ast *fallback_ast = ast->child[1];
	znode subject, fallback;
	zend_op *assign_op, *coalesce_op;
	uint32_t coalesce_opnum;

	zend_compile_var(&subject, subject_ast, BP_VAR_IS, 0);

	coalesce_opnum = get_next_op_number();
	zend_emit_op_tmp(result, ZEND_COALESCE, &subject, NULL);

	zend_compile_expr(&fallback, fallback_ast);

	assign_op = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &fallback, NULL);
	SET_NODE(assign_op->result, result);

	/* The COALESCE opline is looked up again by its index rather than kept
	 * as a pointer across the compilation of the default expression. */
	coalesce_op = &CG(active_op_array)->opcodes[coalesce_opnum];
	coalesce_op->op2.opline_num = get_next_op_number();
}
8474 /* }}} */
8475 
/* Hash table destructor for memoized znodes: releases the constant held by an
 * IS_CONST node, then frees the znode itself. */
static void znode_dtor(zval *zv) {
	znode *memoized = Z_PTR_P(zv);

	switch (memoized->op_type) {
		case IS_CONST:
			zval_ptr_dtor_nogc(&memoized->u.constant);
			break;
		default:
			break;
	}

	efree(memoized);
}
8483 
/* Compile `$var ??= default`.
 *
 * The variable is compiled twice: once as a BP_VAR_IS fetch feeding COALESCE,
 * and once as a BP_VAR_W fetch for the assignment. Sub-expressions compiled
 * during the first pass are memoized in CG(memoized_exprs) and fetched during
 * the second pass so they are not evaluated twice. The previous memoization
 * state is saved on entry and restored on exit. */
void zend_compile_assign_coalesce(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *var_ast = ast->child[0];
	zend_ast *default_ast = ast->child[1];

	znode var_node_is, var_node_w, default_node, assign_node, *node;
	zend_op *opline;
	uint32_t coalesce_opnum;
	zend_bool need_frees = 0;

	/* Remember expressions compiled during the initial BP_VAR_IS lookup,
	 * to avoid double-evaluation when we compile again with BP_VAR_W. */
	HashTable *orig_memoized_exprs = CG(memoized_exprs);
	int orig_memoize_mode = CG(memoize_mode);

	zend_ensure_writable_variable(var_ast);
	if (is_this_fetch(var_ast)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
	}

	/* Fresh memo table for this expression; znode_dtor frees its entries. */
	ALLOC_HASHTABLE(CG(memoized_exprs));
	zend_hash_init(CG(memoized_exprs), 0, NULL, znode_dtor, 0);

	/* Pass 1: read-only fetch, recording sub-expressions. */
	CG(memoize_mode) = ZEND_MEMOIZE_COMPILE;
	zend_compile_var(&var_node_is, var_ast, BP_VAR_IS, 0);

	coalesce_opnum = get_next_op_number();
	zend_emit_op_tmp(result, ZEND_COALESCE, &var_node_is, NULL);

	/* The default value is compiled with memoization switched off. */
	CG(memoize_mode) = ZEND_MEMOIZE_NONE;
	if (var_ast->kind == ZEND_AST_DIM
	 && zend_is_assign_to_self(var_ast, default_ast)
	 && !is_this_fetch(default_ast)) {
		/* $a[0] = $a should evaluate the right $a first */
		znode cv_node;

		if (zend_try_compile_cv(&cv_node, default_ast) == FAILURE) {
			zend_compile_simple_var_no_cv(&default_node, default_ast, BP_VAR_R, 0);
		} else {
			zend_emit_op_tmp(&default_node, ZEND_QM_ASSIGN, &cv_node, NULL);
		}
	} else {
		zend_compile_expr(&default_node, default_ast);
	}

	/* Pass 2: write fetch, reusing the memoized sub-expressions. */
	CG(memoize_mode) = ZEND_MEMOIZE_FETCH;
	zend_compile_var(&var_node_w, var_ast, BP_VAR_W, 0);

	/* Reproduce some of the zend_compile_assign() opcode fixup logic here. */
	/* `opline` is the most recently emitted opline; for everything except a
	 * plain variable it is rewritten into the matching ASSIGN_* opcode and
	 * followed by an OP_DATA carrying the default value. */
	opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
	switch (var_ast->kind) {
		case ZEND_AST_VAR:
			zend_emit_op_tmp(&assign_node, ZEND_ASSIGN, &var_node_w, &default_node);
			break;
		case ZEND_AST_STATIC_PROP:
			opline->opcode = ZEND_ASSIGN_STATIC_PROP;
			opline->result_type = IS_TMP_VAR;
			var_node_w.op_type = IS_TMP_VAR;
			zend_emit_op_data(&default_node);
			assign_node = var_node_w;
			break;
		case ZEND_AST_DIM:
			opline->opcode = ZEND_ASSIGN_DIM;
			opline->result_type = IS_TMP_VAR;
			var_node_w.op_type = IS_TMP_VAR;
			zend_emit_op_data(&default_node);
			assign_node = var_node_w;
			break;
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			opline->opcode = ZEND_ASSIGN_OBJ;
			opline->result_type = IS_TMP_VAR;
			var_node_w.op_type = IS_TMP_VAR;
			zend_emit_op_data(&default_node);
			assign_node = var_node_w;
			break;
		EMPTY_SWITCH_DEFAULT_CASE();
	}

	/* Copy the assigned value into the COALESCE result slot. */
	opline = zend_emit_op_tmp(NULL, ZEND_QM_ASSIGN, &assign_node, NULL);
	SET_NODE(opline->result, result);

	/* Check whether any memoized node is a TMP/VAR that needs a FREE. */
	ZEND_HASH_FOREACH_PTR(CG(memoized_exprs), node) {
		if (node->op_type == IS_TMP_VAR || node->op_type == IS_VAR) {
			need_frees = 1;
			break;
		}
	} ZEND_HASH_FOREACH_END();

	/* Free DUPed expressions if there are any */
	if (need_frees) {
		/* The assignment path jumps over the FREEs; the COALESCE jump
		 * lands on them. */
		uint32_t jump_opnum = zend_emit_jump(0);
		zend_update_jump_target_to_next(coalesce_opnum);
		ZEND_HASH_FOREACH_PTR(CG(memoized_exprs), node) {
			if (node->op_type == IS_TMP_VAR || node->op_type == IS_VAR) {
				zend_emit_op(NULL, ZEND_FREE, node, NULL);
			}
		} ZEND_HASH_FOREACH_END();
		zend_update_jump_target_to_next(jump_opnum);
	} else {
		zend_update_jump_target_to_next(coalesce_opnum);
	}

	/* Tear down the memo table and restore the caller's state. */
	zend_hash_destroy(CG(memoized_exprs));
	FREE_HASHTABLE(CG(memoized_exprs));
	CG(memoized_exprs) = orig_memoized_exprs;
	CG(memoize_mode) = orig_memoize_mode;
}
8592 /* }}} */
8593 
/* Compile `print expr`: emits ZEND_ECHO with extended_value set to 1 and
 * makes the expression itself evaluate to the constant integer 1. */
void zend_compile_print(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *operand_ast = ast->child[0];
	znode operand;
	zend_op *echo_op;

	zend_compile_expr(&operand, operand_ast);

	echo_op = zend_emit_op(NULL, ZEND_ECHO, &operand, NULL);
	echo_op->extended_value = 1;

	ZVAL_LONG(&result->u.constant, 1);
	result->op_type = IS_CONST;
}
8608 /* }}} */
8609 
/* Compile `exit` / `exit(expr)`: emits ZEND_EXIT with the optional operand
 * and gives the expression the constant value true. */
void zend_compile_exit(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *status_ast = ast->child[0];
	znode status;
	znode *status_ptr = NULL;

	if (status_ast != NULL) {
		zend_compile_expr(&status, status_ast);
		status_ptr = &status;
	}
	zend_emit_op(NULL, ZEND_EXIT, status_ptr, NULL);

	ZVAL_BOOL(&result->u.constant, 1);
	result->op_type = IS_CONST;
}
8625 /* }}} */
8626 
/* Compile `yield`, `yield $value` and `yield $key => $value`. Marks the
 * enclosing function as a generator. The key is compiled before the value.
 * In a by-reference generator a variable value is compiled for writing, and
 * a call value is flagged with ZEND_RETURNS_FUNCTION. */
void zend_compile_yield(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *value_ast = ast->child[0];
	zend_ast *key_ast = ast->child[1];
	znode value, key;
	znode *value_ptr = NULL;
	znode *key_ptr = NULL;
	zend_op *yield_op;
	zend_bool by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;

	zend_mark_function_as_generator();

	if (key_ast != NULL) {
		zend_compile_expr(&key, key_ast);
		key_ptr = &key;
	}

	if (value_ast != NULL) {
		if (!by_ref || !zend_is_variable(value_ast)) {
			zend_compile_expr(&value, value_ast);
		} else {
			zend_compile_var(&value, value_ast, BP_VAR_W, 1);
		}
		value_ptr = &value;
	}

	yield_op = zend_emit_op(result, ZEND_YIELD, value_ptr, key_ptr);

	if (value_ast != NULL && by_ref && zend_is_call(value_ast)) {
		yield_op->extended_value = ZEND_RETURNS_FUNCTION;
	}
}
8659 /* }}} */
8660 
/* Compile `yield from expr`. Marks the enclosing function as a generator and
 * rejects the construct inside a by-reference generator. */
void zend_compile_yield_from(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *source_ast = ast->child[0];
	znode source;
	zend_bool by_ref;

	zend_mark_function_as_generator();

	by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
	if (by_ref) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"Cannot use \"yield from\" inside a by-reference generator");
	}

	zend_compile_expr(&source, source_ast);
	zend_emit_op_tmp(result, ZEND_YIELD_FROM, &source, NULL);
}
8676 /* }}} */
8677 
/* Compile `expr instanceof Class`. A constant left operand makes the whole
 * expression the constant false. The class reference is compiled with
 * ZEND_FETCH_CLASS_NO_AUTOLOAD | ZEND_FETCH_CLASS_EXCEPTION; a constant class
 * name is stored as a class-name literal together with a run-time cache slot. */
void zend_compile_instanceof(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *subject_ast = ast->child[0];
	zend_ast *class_ast = ast->child[1];
	znode subject, class_ref;
	zend_op *instanceof_op;

	zend_compile_expr(&subject, subject_ast);
	if (subject.op_type == IS_CONST) {
		zend_do_free(&subject);
		ZVAL_FALSE(&result->u.constant);
		result->op_type = IS_CONST;
		return;
	}

	zend_compile_class_ref(&class_ref, class_ast,
		ZEND_FETCH_CLASS_NO_AUTOLOAD | ZEND_FETCH_CLASS_EXCEPTION);

	instanceof_op = zend_emit_op_tmp(result, ZEND_INSTANCEOF, &subject, NULL);

	if (class_ref.op_type != IS_CONST) {
		SET_NODE(instanceof_op->op2, &class_ref);
		return;
	}

	instanceof_op->op2_type = IS_CONST;
	instanceof_op->op2.constant = zend_add_class_name_literal(
		Z_STR(class_ref.u.constant));
	instanceof_op->extended_value = zend_alloc_cache_slot();
}
8708 /* }}} */
8709 
/* Compile include / include_once / require / require_once / eval. The variant
 * is taken from ast->attr and stored in extended_value of the single
 * ZEND_INCLUDE_OR_EVAL opline.
 *
 * The operand is an arbitrary expression and nothing in this function
 * inspects or restricts it: whatever path or code string it yields is only
 * known when the opline executes. */
void zend_compile_include_or_eval(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *operand_ast = ast->child[0];
	znode operand;
	zend_op *include_op;

	zend_do_extended_fcall_begin();

	zend_compile_expr(&operand, operand_ast);
	include_op = zend_emit_op(result, ZEND_INCLUDE_OR_EVAL, &operand, NULL);
	include_op->extended_value = ast->attr;

	zend_do_extended_fcall_end();
}
8724 /* }}} */
8725 
/* Compile isset($var) and empty(expr). empty() on a non-variable expression
 * is rewritten to `!expr`; isset() on a non-variable is a compile error. For
 * variables the matching ISSET_ISEMPTY_* opcode is produced, with the
 * ZEND_ISEMPTY flag added for empty(). */
void zend_compile_isset_or_empty(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *target_ast = ast->child[0];
	znode target;
	zend_op *check_op = NULL;

	ZEND_ASSERT(ast->kind == ZEND_AST_ISSET || ast->kind == ZEND_AST_EMPTY);

	if (!zend_is_variable(target_ast)) {
		if (ast->kind != ZEND_AST_EMPTY) {
			zend_error_noreturn(E_COMPILE_ERROR,
				"Cannot use isset() on the result of an expression "
				"(you can use \"null !== expression\" instead)");
		} else {
			/* empty(expr) can be transformed to !expr */
			zend_ast *negated_ast = zend_ast_create_ex(ZEND_AST_UNARY_OP, ZEND_BOOL_NOT, target_ast);
			zend_compile_expr(result, negated_ast);
			return;
		}
	}

	zend_short_circuiting_mark_inner(target_ast);
	switch (target_ast->kind) {
		case ZEND_AST_VAR:
			if (is_this_fetch(target_ast)) {
				check_op = zend_emit_op(result, ZEND_ISSET_ISEMPTY_THIS, NULL, NULL);
				CG(active_op_array)->fn_flags |= ZEND_ACC_USES_THIS;
			} else if (zend_try_compile_cv(&target, target_ast) == SUCCESS) {
				check_op = zend_emit_op(result, ZEND_ISSET_ISEMPTY_CV, &target, NULL);
			} else {
				/* Not a compiled variable: retarget the generic fetch. */
				check_op = zend_compile_simple_var_no_cv(result, target_ast, BP_VAR_IS, 0);
				check_op->opcode = ZEND_ISSET_ISEMPTY_VAR;
			}
			break;
		case ZEND_AST_DIM:
			check_op = zend_compile_dim(result, target_ast, BP_VAR_IS);
			check_op->opcode = ZEND_ISSET_ISEMPTY_DIM_OBJ;
			break;
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			check_op = zend_compile_prop(result, target_ast, BP_VAR_IS, 0);
			check_op->opcode = ZEND_ISSET_ISEMPTY_PROP_OBJ;
			break;
		case ZEND_AST_STATIC_PROP:
			check_op = zend_compile_static_prop(result, target_ast, BP_VAR_IS, 0, 0);
			check_op->opcode = ZEND_ISSET_ISEMPTY_STATIC_PROP;
			break;
		EMPTY_SWITCH_DEFAULT_CASE()
	}

	check_op->result_type = IS_TMP_VAR;
	result->op_type = IS_TMP_VAR;
	if (ast->kind != ZEND_AST_ISSET) {
		check_op->extended_value |= ZEND_ISEMPTY;
	}
}
8782 /* }}} */
8783 
/* Compile the silence operator (@expr).
 *
 * The operand's opcodes are bracketed by ZEND_BEGIN_SILENCE and
 * ZEND_END_SILENCE; the temporary produced by BEGIN_SILENCE is handed to
 * END_SILENCE as op1. Everything the operand emits lies inside that window,
 * which is worth remembering when auditing code that relies on diagnostics
 * being reported. */
void zend_compile_silence(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *operand_ast = ast->child[0];
	znode begin_node;

	zend_emit_op_tmp(&begin_node, ZEND_BEGIN_SILENCE, NULL, NULL);

	if (operand_ast->kind != ZEND_AST_VAR) {
		zend_compile_expr(result, operand_ast);
	} else {
		/* For @$var a FETCH instruction has to be forced; otherwise the CV
		 * access would happen outside the silenced section. */
		zend_compile_simple_var_no_cv(result, operand_ast, BP_VAR_R, 0);
	}

	zend_emit_op(NULL, ZEND_END_SILENCE, &begin_node, NULL);
}
8801 /* }}} */
8802 
/* Compile the backtick operator.
 *
 * The operator is lowered to an ordinary ZEND_AST_CALL of the function named
 * "shell_exec" with the operand (ast->child[0]) as its only argument, and
 * that call is then compiled like any other. The operand is an arbitrary
 * expression; nothing here escapes or validates it, so a backtick expression
 * deserves the same scrutiny in review as an explicit shell_exec() call. */
void zend_compile_shell_exec(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *cmd_ast = ast->child[0];
	zval callee_zv;
	zend_ast *callee_ast;
	zend_ast *arg_list_ast;
	zend_ast *synthetic_call;

	ZVAL_STRING(&callee_zv, "shell_exec");

	callee_ast = zend_ast_create_zval(&callee_zv);
	arg_list_ast = zend_ast_create_list(1, ZEND_AST_ARG_LIST, cmd_ast);
	synthetic_call = zend_ast_create(ZEND_AST_CALL, callee_ast, arg_list_ast);

	zend_compile_expr(result, synthetic_call);

	/* Drop the local reference to the function-name string. */
	zval_ptr_dtor(&callee_zv);
}
8819 /* }}} */
8820 
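/* Compile an array literal.
 *
 * If the whole literal can be evaluated at compile time, the result is a
 * constant and no opcodes are emitted. Otherwise the first element emits
 * ZEND_INIT_ARRAY and each later one ZEND_ADD_ARRAY_ELEMENT, or
 * ZEND_ADD_ARRAY_UNPACK for a spread element. The element's by-reference
 * flag is OR-ed into extended_value, and ZEND_ARRAY_NOT_PACKED is set on the
 * INIT_ARRAY opcode once a constant string key has been seen. */
void zend_compile_array(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast_list *list = zend_ast_get_list(ast);
	zend_op *opline;
	uint32_t i, opnum_init = (uint32_t)-1;
	zend_bool packed = 1;

	if (zend_try_ct_eval_array(&result->u.constant, ast)) {
		result->op_type = IS_CONST;
		return;
	}

	/* Empty arrays are handled at compile-time */
	ZEND_ASSERT(list->children > 0);

	for (i = 0; i < list->children; ++i) {
		zend_ast *elem_ast = list->child[i];
		zend_ast *value_ast, *key_ast;
		zend_bool by_ref;
		znode value_node, key_node, *key_node_ptr = NULL;

		if (elem_ast == NULL) {
			/* Use the non-returning variant, as the other compile errors in
			 * this file do, so that the dereference of elem_ast below is
			 * never reached with a NULL element. */
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use empty array elements in arrays");
		}

		value_ast = elem_ast->child[0];

		if (elem_ast->kind == ZEND_AST_UNPACK) {
			zend_compile_expr(&value_node, value_ast);
			if (i == 0) {
				/* A leading spread still needs an INIT_ARRAY to create the
				 * result; it is emitted without operands. */
				opnum_init = get_next_op_number();
				opline = zend_emit_op_tmp(result, ZEND_INIT_ARRAY, NULL, NULL);
			}
			opline = zend_emit_op(NULL, ZEND_ADD_ARRAY_UNPACK, &value_node, NULL);
			SET_NODE(opline->result, result);
			continue;
		}

		key_ast = elem_ast->child[1];
		by_ref = elem_ast->attr;

		if (key_ast) {
			zend_compile_expr(&key_node, key_ast);
			zend_handle_numeric_op(&key_node);
			key_node_ptr = &key_node;
		}

		if (by_ref) {
			zend_ensure_writable_variable(value_ast);
			zend_compile_var(&value_node, value_ast, BP_VAR_W, 1);
		} else {
			zend_compile_expr(&value_node, value_ast);
		}

		if (i == 0) {
			/* Remember where INIT_ARRAY lives so the not-packed flag can be
			 * added after the loop. */
			opnum_init = get_next_op_number();
			opline = zend_emit_op_tmp(result, ZEND_INIT_ARRAY, &value_node, key_node_ptr);
			opline->extended_value = list->children << ZEND_ARRAY_SIZE_SHIFT;
		} else {
			opline = zend_emit_op(NULL, ZEND_ADD_ARRAY_ELEMENT,
				&value_node, key_node_ptr);
			SET_NODE(opline->result, result);
		}
		opline->extended_value |= by_ref;

		if (key_ast && key_node.op_type == IS_CONST && Z_TYPE(key_node.u.constant) == IS_STRING) {
			packed = 0;
		}
	}

	/* Add a flag to INIT_ARRAY if we know this array cannot be packed */
	if (!packed) {
		ZEND_ASSERT(opnum_init != (uint32_t)-1);
		/* Re-fetch by index rather than keeping a pointer across the loop. */
		opline = &CG(active_op_array)->opcodes[opnum_init];
		opline->extended_value |= ZEND_ARRAY_NOT_PACKED;
	}
}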
8898 /* }}} */
8899 
/* Compile a reference to a (non-class) constant.
 *
 * Resolution order, as implemented below:
 *  1. __COMPILER_HALT_OFFSET__: if the last statement of the file AST is a
 *     ZEND_AST_HALT_COMPILER node, the result is the constant integer stored
 *     in that node's first child.
 *  2. Compile-time evaluation via zend_try_ct_eval_const().
 *  3. Otherwise a ZEND_FETCH_CONSTANT opcode with the name as a literal and
 *     a cache slot in extended_value. */
void zend_compile_const(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *name_ast = ast->child[0];
	zend_op *fetch_op;
	zend_bool fully_qualified;
	zend_string *written_name = zend_ast_get_str(name_ast);
	zend_string *const_name =
		zend_resolve_const_name(written_name, name_ast->attr, &fully_qualified);

	if (zend_string_equals_literal(const_name, "__COMPILER_HALT_OFFSET__")
	 || (name_ast->attr != ZEND_NAME_RELATIVE
	  && zend_string_equals_literal(written_name, "__COMPILER_HALT_OFFSET__"))) {
		zend_ast *tail = CG(ast);

		/* Descend into the last child of nested statement lists. */
		while (tail && tail->kind == ZEND_AST_STMT_LIST) {
			zend_ast_list *stmts = zend_ast_get_list(tail);
			if (stmts->children == 0) {
				break;
			}
			tail = stmts->child[stmts->children - 1];
		}

		if (tail && tail->kind == ZEND_AST_HALT_COMPILER) {
			result->op_type = IS_CONST;
			ZVAL_LONG(&result->u.constant, Z_LVAL_P(zend_ast_get_zval(tail->child[0])));
			zend_string_release_ex(const_name, 0);
			return;
		}
	}

	if (zend_try_ct_eval_const(&result->u.constant, const_name, fully_qualified)) {
		result->op_type = IS_CONST;
		zend_string_release_ex(const_name, 0);
		return;
	}

	fetch_op = zend_emit_op_tmp(result, ZEND_FETCH_CONSTANT, NULL, NULL);
	fetch_op->op2_type = IS_CONST;

	if (!fully_qualified && FC(current_namespace)) {
		/* Unqualified name inside a namespace: mark the opcode and register
		 * the name with the second argument set to 1. */
		fetch_op->op1.num = IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE;
		fetch_op->op2.constant = zend_add_const_name_literal(
			const_name, 1);
	} else {
		fetch_op->op2.constant = zend_add_const_name_literal(
			const_name, 0);
	}

	fetch_op->extended_value = zend_alloc_cache_slot();
}
8947 /* }}} */
8948 
/* Compile a class constant access (Class::CONST).
 *
 * Both children are first run through zend_eval_const_expr(), which may
 * replace them in place, so they are read only afterwards. If both are
 * literals and the constant can be evaluated at compile time, the result is
 * a constant; otherwise ZEND_FETCH_CLASS_CONSTANT is emitted with two cache
 * slots reserved in extended_value. */
void zend_compile_class_const(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *class_ast;
	zend_ast *const_ast;
	znode class_node, const_node;
	zend_op *fetch_op;

	zend_eval_const_expr(&ast->child[0]);
	zend_eval_const_expr(&ast->child[1]);

	class_ast = ast->child[0];
	const_ast = ast->child[1];

	if (class_ast->kind == ZEND_AST_ZVAL) {
		zend_string *class_name = zend_resolve_class_name_ast(class_ast);
		zend_bool folded = const_ast->kind == ZEND_AST_ZVAL
			&& zend_try_ct_eval_class_const(&result->u.constant, class_name,
				zend_ast_get_str(const_ast));

		/* The resolved name is only needed for the folding attempt. */
		zend_string_release_ex(class_name, 0);

		if (folded) {
			result->op_type = IS_CONST;
			return;
		}
	}

	zend_compile_class_ref(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
	zend_compile_expr(&const_node, const_ast);

	fetch_op = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_CONSTANT, NULL, &const_node);
	zend_set_class_name_op1(fetch_op, &class_node);
	fetch_op->extended_value = zend_alloc_cache_slots(2);
}
8985 /* }}} */
8986 
/* Compile a ::class expression.
 *
 * If the name can be resolved at compile time the result is a constant.
 * Otherwise ZEND_FETCH_CLASS_NAME is emitted: for a literal class name with
 * the fetch type in op1.num, for any other expression with the compiled
 * expression as op1. An expression that folds to a constant is rejected with
 * a compile error. */
void zend_compile_class_name(znode *result, zend_ast *ast) /* {{{ */
{
	zend_ast *class_ast = ast->child[0];

	if (zend_try_compile_const_expr_resolve_class_name(&result->u.constant, class_ast)) {
		result->op_type = IS_CONST;
		return;
	}

	if (class_ast->kind != ZEND_AST_ZVAL) {
		znode operand;

		zend_compile_expr(&operand, class_ast);
		if (operand.op_type == IS_CONST) {
			/* Unlikely case that happens if class_ast is constant folded.
			 * Handled here to avoid needing a CONST specialization in the VM. */
			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"::class\" on value of type %s",
				zend_zval_type_name(&operand.u.constant));
		}

		zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, &operand, NULL);
		return;
	}

	zend_op *fetch_op = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, NULL, NULL);
	fetch_op->op1.num = zend_get_class_fetch_type(zend_ast_get_str(class_ast));
}
9012 /* }}} */
9013 
/* Turn an already allocated opcode into one part of a rope.
 *
 * num is the zero-based index of the part. Part 0 becomes ZEND_ROPE_INIT and
 * initialises result as a temporary whose variable number is the placeholder
 * -1; later parts become ZEND_ROPE_ADD with the rope as op1. In both cases
 * the element goes into op2, the rope into the result slot, and num into
 * extended_value. Returns opline. */
static zend_op *zend_compile_rope_add_ex(zend_op *opline, znode *result, uint32_t num, znode *elem_node) /* {{{ */
{
	if (num != 0) {
		opline->opcode = ZEND_ROPE_ADD;
		SET_NODE(opline->op1, result);
	} else {
		result->op_type = IS_TMP_VAR;
		result->u.op.var = -1;
		opline->opcode = ZEND_ROPE_INIT;
	}

	SET_NODE(opline->op2, elem_node);
	SET_NODE(opline->result, result);
	opline->extended_value = num;

	return opline;
}
9029 /* }}} */
9030 
/* Append a new opcode for rope part number num.
 *
 * Allocates the next opcode and fills it in: ZEND_ROPE_INIT for part 0
 * (result becomes a temporary with placeholder variable -1), ZEND_ROPE_ADD
 * with the rope as op1 for later parts. The element is op2, the rope is the
 * result, and num is stored in extended_value. Returns the new opcode. */
static zend_op *zend_compile_rope_add(znode *result, uint32_t num, znode *elem_node) /* {{{ */
{
	zend_op *rope_op = get_next_op();

	if (num != 0) {
		rope_op->opcode = ZEND_ROPE_ADD;
		SET_NODE(rope_op->op1, result);
	} else {
		result->op_type = IS_TMP_VAR;
		result->u.op.var = -1;
		rope_op->opcode = ZEND_ROPE_INIT;
	}

	SET_NODE(rope_op->op2, elem_node);
	SET_NODE(rope_op->result, result);
	rope_op->extended_value = num;

	return rope_op;
}
9048 /* }}} */
9049 
/* Compile an interpolated string (a list of literal and expression parts).
 *
 * Adjacent constant parts are concatenated at compile time and empty constant
 * parts are dropped. The remaining parts are emitted as rope opcodes, and the
 * sequence is then simplified according to the number of parts j:
 *   j == 0: the result is a constant string;
 *   j == 1: a constant operand is returned directly, anything else becomes a
 *           ZEND_CAST to string;
 *   j == 2: a single ZEND_FAST_CONCAT;
 *   j >= 3: ROPE_INIT ... ROPE_ADD ... ROPE_END sharing one temporary. */
static void zend_compile_encaps_list(znode *result, zend_ast *ast) /* {{{ */
{
	uint32_t i, j;
	/* Opcode index of the ROPE_INIT; (uint32_t)-1 until known. */
	uint32_t rope_init_lineno = -1;
	zend_op *opline = NULL, *init_opline;
	znode elem_node, last_const_node;
	zend_ast_list *list = zend_ast_get_list(ast);
	/* Opcode index of the NOP reserved for a pending constant part. */
	uint32_t reserved_op_number = -1;

	ZEND_ASSERT(list->children > 0);

	/* j counts the rope parts emitted so far. */
	j = 0;
	/* IS_UNUSED means "no constant part is pending". */
	last_const_node.op_type = IS_UNUSED;
	for (i = 0; i < list->children; i++) {
		zend_compile_expr(&elem_node, list->child[i]);

		if (elem_node.op_type == IS_CONST) {
			convert_to_string(&elem_node.u.constant);

			if (Z_STRLEN(elem_node.u.constant) == 0) {
				/* Empty constant part contributes nothing. */
				zval_ptr_dtor(&elem_node.u.constant);
			} else if (last_const_node.op_type == IS_CONST) {
				/* Merge into the pending constant part. */
				concat_function(&last_const_node.u.constant, &last_const_node.u.constant, &elem_node.u.constant);
				zval_ptr_dtor(&elem_node.u.constant);
			} else {
				last_const_node.op_type = IS_CONST;
				ZVAL_COPY_VALUE(&last_const_node.u.constant, &elem_node.u.constant);
				/* Reserve place for ZEND_ROPE_ADD instruction */
				reserved_op_number = get_next_op_number();
				opline = get_next_op();
				opline->opcode = ZEND_NOP;
			}
			continue;
		} else {
			if (j == 0) {
				/* The rope starts either at the reserved slot of a pending
				 * constant or at the next opcode to be emitted. */
				if (last_const_node.op_type == IS_CONST) {
					rope_init_lineno = reserved_op_number;
				} else {
					rope_init_lineno = get_next_op_number();
				}
			}
			if (last_const_node.op_type == IS_CONST) {
				/* Flush the pending constant into its reserved slot first. */
				opline = &CG(active_op_array)->opcodes[reserved_op_number];
				zend_compile_rope_add_ex(opline, result, j++, &last_const_node);
				last_const_node.op_type = IS_UNUSED;
			}
			opline = zend_compile_rope_add(result, j++, &elem_node);
		}
	}

	if (j == 0) {
		/* No rope part was emitted: every element was constant. */
		result->op_type = IS_CONST;
		if (last_const_node.op_type == IS_CONST) {
			ZVAL_COPY_VALUE(&result->u.constant, &last_const_node.u.constant);
		} else {
			ZVAL_EMPTY_STRING(&result->u.constant);
			/* empty string */
		}
		/* NOTE(review): this rewinds the opcode count to one below the
		 * reserved slot, and reserved_op_number is still (uint32_t)-1 if no
		 * slot was ever reserved. Confirm both against get_next_op_number()
		 * and against the lists the parser can actually produce. */
		CG(active_op_array)->last = reserved_op_number - 1;
		return;
	} else if (last_const_node.op_type == IS_CONST) {
		/* Trailing constant part: flush it as the final rope part. */
		opline = &CG(active_op_array)->opcodes[reserved_op_number];
		opline = zend_compile_rope_add_ex(opline, result, j++, &last_const_node);
	}
	init_opline = CG(active_op_array)->opcodes + rope_init_lineno;
	if (j == 1) {
		if (opline->op2_type == IS_CONST) {
			/* Single constant part: hand it back and drop the opcode. */
			GET_NODE(result, opline->op2);
			MAKE_NOP(opline);
		} else {
			/* Single non-constant part: rewrite the opcode into a string cast. */
			opline->opcode = ZEND_CAST;
			opline->extended_value = IS_STRING;
			opline->op1_type = opline->op2_type;
			opline->op1 = opline->op2;
			SET_UNUSED(opline->op2);
			zend_make_tmp_result(result, opline);
		}
	} else if (j == 2) {
		/* Two parts: the last opcode becomes FAST_CONCAT, taking the first
		 * part from the init opcode's op2; the init opcode is dropped. */
		opline->opcode = ZEND_FAST_CONCAT;
		opline->extended_value = 0;
		opline->op1_type = init_opline->op2_type;
		opline->op1 = init_opline->op2;
		zend_make_tmp_result(result, opline);
		MAKE_NOP(init_opline);
	} else {
		uint32_t var;

		/* ROPE_INIT records the number of parts; the last opcode closes the rope. */
		init_opline->extended_value = j;
		opline->opcode = ZEND_ROPE_END;
		zend_make_tmp_result(result, opline);
		var = opline->op1.var = get_temporary_variable();

		/* Allocates the necessary number of zval slots to keep the rope:
		 * j string pointers rounded up to whole zvals, minus the one
		 * temporary obtained just above. */
		i = ((j * sizeof(zend_string*)) + (sizeof(zval) - 1)) / sizeof(zval);
		while (i > 1) {
			get_temporary_variable();
			i--;
		}

		/* Update all the previous opcodes to use the same variable. Only
		 * rope opcodes that still carry the placeholder (uint32_t)-1 are
		 * patched; other opcodes in the range are left alone. */
		while (opline != init_opline) {
			opline--;
			if (opline->opcode == ZEND_ROPE_ADD &&
			    opline->result.var == (uint32_t)-1) {
				opline->op1.var = var;
				opline->result.var = var;
			} else if (opline->opcode == ZEND_ROPE_INIT &&
			           opline->result.var == (uint32_t)-1) {
				opline->result.var = var;
			}
		}
	}
}
9163 /* }}} */
9164 
/* Compile a magic constant.
 *
 * Most magic constants are evaluated at compile time. The only case expected
 * to remain (see the assertion) is __CLASS__ (T_CLASS_C) inside a trait,
 * which is emitted as ZEND_FETCH_CLASS_NAME with ZEND_FETCH_CLASS_SELF. */
void zend_compile_magic_const(znode *result, zend_ast *ast) /* {{{ */
{
	zend_op *fetch_op;

	if (!zend_try_ct_eval_magic_const(&result->u.constant, ast)) {
		ZEND_ASSERT(ast->attr == T_CLASS_C &&
		            CG(active_class_entry) &&
		            (CG(active_class_entry)->ce_flags & ZEND_ACC_TRAIT) != 0);

		fetch_op = zend_emit_op_tmp(result, ZEND_FETCH_CLASS_NAME, NULL, NULL);
		fetch_op->op1.num = ZEND_FETCH_CLASS_SELF;
		return;
	}

	result->op_type = IS_CONST;
}
9181 /* }}} */
9182 
/* Allow-list of AST node kinds that may appear in a constant expression.
 *
 * Returns 1 for a listed kind and 0 for everything else. Because this is an
 * allow-list, a newly introduced node kind is rejected in constant
 * expressions until it is added here on purpose. */
zend_bool zend_is_allowed_in_const_expr(zend_ast_kind kind) /* {{{ */
{
	switch (kind) {
		case ZEND_AST_ZVAL:
		case ZEND_AST_BINARY_OP:
		case ZEND_AST_GREATER:
		case ZEND_AST_GREATER_EQUAL:
		case ZEND_AST_AND:
		case ZEND_AST_OR:
		case ZEND_AST_UNARY_OP:
		case ZEND_AST_UNARY_PLUS:
		case ZEND_AST_UNARY_MINUS:
		case ZEND_AST_CONDITIONAL:
		case ZEND_AST_DIM:
		case ZEND_AST_ARRAY:
		case ZEND_AST_ARRAY_ELEM:
		case ZEND_AST_UNPACK:
		case ZEND_AST_CONST:
		case ZEND_AST_CLASS_CONST:
		case ZEND_AST_CLASS_NAME:
		case ZEND_AST_MAGIC_CONST:
		case ZEND_AST_COALESCE:
			return 1;
		default:
			return 0;
	}
}
9197 /* }}} */
9198 
/* Rewrite a class constant reference inside a constant expression.
 *
 * The node at *ast_ptr is destroyed and replaced by a constant node whose
 * name is built from the class and constant names by
 * zend_create_member_string() and whose attribute is the class fetch type
 * combined with ZEND_FETCH_CLASS_EXCEPTION. Dynamic class names and
 * "static::" are compile errors. */
void zend_compile_const_expr_class_const(zend_ast **ast_ptr) /* {{{ */
{
	zend_ast *node = *ast_ptr;
	zend_ast *class_ast = node->child[0];
	zend_ast *const_ast = node->child[1];
	zend_string *member_name = zend_ast_get_str(const_ast);
	zend_string *owner_name;
	zend_string *combined;
	int fetch_type;

	if (class_ast->kind != ZEND_AST_ZVAL) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"Dynamic class names are not allowed in compile-time class constant references");
	}

	owner_name = zend_ast_get_str(class_ast);
	fetch_type = zend_get_class_fetch_type(owner_name);

	if (fetch_type == ZEND_FETCH_CLASS_STATIC) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"\"static::\" is not allowed in compile-time constants");
	}

	/* Either way owner_name holds a reference that is released below:
	 * a freshly resolved name, or an extra reference to the AST's string. */
	if (fetch_type == ZEND_FETCH_CLASS_DEFAULT) {
		owner_name = zend_resolve_class_name_ast(class_ast);
	} else {
		zend_string_addref(owner_name);
	}

	combined = zend_create_member_string(owner_name, member_name);

	/* member_name belongs to the old node, so it must not be used past here. */
	zend_ast_destroy(node);
	zend_string_release_ex(owner_name, 0);

	*ast_ptr = zend_ast_create_constant(combined, fetch_type | ZEND_FETCH_CLASS_EXCEPTION);
}
9235 /* }}} */
9236 
/* Prepare a ::class node for use inside a constant expression.
 *
 * For self::class and parent::class the class-name child is released and
 * cleared and the fetch type is stored in ast->attr instead. An expression
 * operand and static::class are compile errors. Any other fetch type lands
 * in EMPTY_SWITCH_DEFAULT_CASE(), so ordinary class names are presumably
 * resolved before this function is reached -- confirm against the caller. */
void zend_compile_const_expr_class_name(zend_ast **ast_ptr) /* {{{ */
{
	zend_ast *node = *ast_ptr;
	zend_ast *class_ast = node->child[0];
	zend_string *name;
	uint32_t fetch_type;

	if (class_ast->kind != ZEND_AST_ZVAL) {
		zend_error_noreturn(E_COMPILE_ERROR,
			"(expression)::class cannot be used in constant expressions");
	}

	name = zend_ast_get_str(class_ast);
	fetch_type = zend_get_class_fetch_type(name);

	switch (fetch_type) {
		case ZEND_FETCH_CLASS_SELF:
		case ZEND_FETCH_CLASS_PARENT:
			/* For the const-eval representation store the fetch type instead of the name. */
			zend_string_release(name);
			node->child[0] = NULL;
			node->attr = fetch_type;
			return;
		case ZEND_FETCH_CLASS_STATIC:
			zend_error_noreturn(E_COMPILE_ERROR,
				"static::class cannot be used for compile-time class name resolution");
			return;
		EMPTY_SWITCH_DEFAULT_CASE()
	}
}
9264 
/* Rewrite a constant reference inside a constant expression.
 *
 * If the constant can be evaluated at compile time, the node at *ast_ptr is
 * replaced by a literal node holding its value. Otherwise it is replaced by
 * a constant node carrying the resolved name, flagged with
 * IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE when the name was not fully qualified
 * and a namespace is active. */
void zend_compile_const_expr_const(zend_ast **ast_ptr) /* {{{ */
{
	zend_ast *node = *ast_ptr;
	zend_ast *name_ast = node->child[0];
	zend_string *written_name = zend_ast_get_str(name_ast);
	zend_string *const_name;
	zend_bool fully_qualified;
	zval folded;
	uint32_t attr;

	const_name = zend_resolve_const_name(
		written_name, name_ast->attr, &fully_qualified);

	if (zend_try_ct_eval_const(&folded, const_name, fully_qualified)) {
		/* Value known now: the name is no longer needed. */
		zend_string_release_ex(const_name, 0);
		zend_ast_destroy(node);
		*ast_ptr = zend_ast_create_zval(&folded);
		return;
	}

	zend_ast_destroy(node);

	if (!fully_qualified && FC(current_namespace)) {
		attr = IS_CONSTANT_UNQUALIFIED_IN_NAMESPACE;
	} else {
		attr = 0;
	}
	/* The new node receives const_name; it is not released here. */
	*ast_ptr = zend_ast_create_constant(const_name, attr);
}
9288 /* }}} */
9289 
/* Rewrite a magic constant inside a constant expression.
 *
 * Only __CLASS__ (T_CLASS_C) is expected here; the node is destroyed and
 * replaced by a ZEND_AST_CONSTANT_CLASS node. */
void zend_compile_const_expr_magic_const(zend_ast **ast_ptr) /* {{{ */
{
	zend_ast *node = *ast_ptr;

	/* Other cases already resolved by constant folding */
	ZEND_ASSERT(node->attr == T_CLASS_C);

	zend_ast_destroy(node);

	*ast_ptr = zend_ast_create(ZEND_AST_CONSTANT_CLASS);
}
9300 /* }}} */
9301 
/* Validate and rewrite a constant-expression AST in place.
 *
 * NULL and literal nodes are left untouched. Every other node must pass the
 * zend_is_allowed_in_const_expr() allow-list, otherwise compilation fails.
 * Class constants, ::class, constants and magic constants get a dedicated
 * rewrite; for all other kinds the function is applied to the children via
 * zend_ast_apply(), so the allow-list check runs on each node visited. */
void zend_compile_const_expr(zend_ast **ast_ptr) /* {{{ */
{
	zend_ast *node = *ast_ptr;

	if (node == NULL) {
		return;
	}
	if (node->kind == ZEND_AST_ZVAL) {
		return;
	}

	if (!zend_is_allowed_in_const_expr(node->kind)) {
		zend_error_noreturn(E_COMPILE_ERROR, "Constant expression contains invalid operations");
	}

	switch (node->kind) {
		case ZEND_AST_CLASS_CONST: zend_compile_const_expr_class_const(ast_ptr); break;
		case ZEND_AST_CLASS_NAME:  zend_compile_const_expr_class_name(ast_ptr);  break;
		case ZEND_AST_CONST:       zend_compile_const_expr_const(ast_ptr);       break;
		case ZEND_AST_MAGIC_CONST: zend_compile_const_expr_magic_const(ast_ptr); break;
		default:
			/* Composite node: recurse into the children. */
			zend_ast_apply(node, zend_compile_const_expr);
			break;
	}
}
9331 /* }}} */
9332 
/* Reduce a constant expression to a zval.
 *
 * The expression is first evaluated as far as possible and then validated
 * and rewritten by zend_compile_const_expr(). If it is still not a literal,
 * *ast_ptr is replaced by a literal node wrapping a copy of the AST. In
 * either case the zval of the resulting literal node is copied into result.
 * Assumes *ast_ptr is non-NULL after the two passes: it is dereferenced
 * without a check. */
void zend_const_expr_to_zval(zval *result, zend_ast **ast_ptr) /* {{{ */
{
	zend_eval_const_expr(ast_ptr);
	zend_compile_const_expr(ast_ptr);

	if ((*ast_ptr)->kind != ZEND_AST_ZVAL) {
		/* Replace with compiled AST zval representation. */
		zval wrapped;

		ZVAL_AST(&wrapped, zend_ast_copy(*ast_ptr));
		zend_ast_destroy(*ast_ptr);
		*ast_ptr = zend_ast_create_zval(&wrapped);
	}

	ZVAL_COPY(result, zend_ast_get_zval(*ast_ptr));
}
9346 /* }}} */
9347 
9348 /* Same as compile_stmt, but with early binding */
/* Compile a top-level statement.
 *
 * Statement lists are walked recursively. Function and class declarations
 * are compiled with their last argument set to 1 (other statements go
 * through zend_compile_stmt()), and CG(zend_lineno) is set to the
 * declaration's first line before and its end line after compiling it.
 * Except for namespace and __halt_compiler statements,
 * zend_verify_namespace() is called afterwards. */
void zend_compile_top_stmt(zend_ast *ast) /* {{{ */
{
	if (ast == NULL) {
		return;
	}

	if (ast->kind == ZEND_AST_STMT_LIST) {
		zend_ast_list *stmts = zend_ast_get_list(ast);
		uint32_t idx;

		for (idx = 0; idx < stmts->children; ++idx) {
			zend_compile_top_stmt(stmts->child[idx]);
		}
		return;
	}

	switch (ast->kind) {
		case ZEND_AST_FUNC_DECL:
			CG(zend_lineno) = ast->lineno;
			zend_compile_func_decl(NULL, ast, 1);
			CG(zend_lineno) = ((zend_ast_decl *) ast)->end_lineno;
			break;
		case ZEND_AST_CLASS:
			CG(zend_lineno) = ast->lineno;
			zend_compile_class_decl(NULL, ast, 1);
			CG(zend_lineno) = ((zend_ast_decl *) ast)->end_lineno;
			break;
		default:
			zend_compile_stmt(ast);
			break;
	}

	if (!(ast->kind == ZEND_AST_NAMESPACE || ast->kind == ZEND_AST_HALT_COMPILER)) {
		zend_verify_namespace();
	}
}
9379 /* }}} */
9380 
/* Compile one statement by dispatching on its AST kind.
 *
 * A NULL statement is ignored. CG(zend_lineno) is set to the statement's
 * line. When ZEND_COMPILE_EXTENDED_STMT is set and the statement is not an
 * "unticked" one, zend_do_extended_stmt() runs first; after the statement a
 * tick is emitted if ticks are declared and the statement is not unticked.
 * Any kind without a dedicated handler is compiled as an expression whose
 * result is freed. */
void zend_compile_stmt(zend_ast *ast) /* {{{ */
{
	if (ast == NULL) {
		return;
	}

	CG(zend_lineno) = ast->lineno;

	if ((CG(compiler_options) & ZEND_COMPILE_EXTENDED_STMT) && !zend_is_unticked_stmt(ast)) {
		zend_do_extended_stmt();
	}

	switch (ast->kind) {
		case ZEND_AST_STMT_LIST:   zend_compile_stmt_list(ast);      break;
		case ZEND_AST_GLOBAL:      zend_compile_global_var(ast);     break;
		case ZEND_AST_STATIC:      zend_compile_static_var(ast);     break;
		case ZEND_AST_UNSET:       zend_compile_unset(ast);          break;
		case ZEND_AST_RETURN:      zend_compile_return(ast);         break;
		case ZEND_AST_ECHO:        zend_compile_echo(ast);           break;
		case ZEND_AST_BREAK:
		case ZEND_AST_CONTINUE:    zend_compile_break_continue(ast); break;
		case ZEND_AST_GOTO:        zend_compile_goto(ast);           break;
		case ZEND_AST_LABEL:       zend_compile_label(ast);          break;
		case ZEND_AST_WHILE:       zend_compile_while(ast);          break;
		case ZEND_AST_DO_WHILE:    zend_compile_do_while(ast);       break;
		case ZEND_AST_FOR:         zend_compile_for(ast);            break;
		case ZEND_AST_FOREACH:     zend_compile_foreach(ast);        break;
		case ZEND_AST_IF:          zend_compile_if(ast);             break;
		case ZEND_AST_SWITCH:      zend_compile_switch(ast);         break;
		case ZEND_AST_TRY:         zend_compile_try(ast);            break;
		case ZEND_AST_DECLARE:     zend_compile_declare(ast);        break;
		case ZEND_AST_FUNC_DECL:
		case ZEND_AST_METHOD:      zend_compile_func_decl(NULL, ast, 0); break;
		case ZEND_AST_PROP_GROUP:  zend_compile_prop_group(ast);     break;
		case ZEND_AST_CLASS_CONST_GROUP:
			zend_compile_class_const_group(ast);
			break;
		case ZEND_AST_USE_TRAIT:   zend_compile_use_trait(ast);      break;
		case ZEND_AST_CLASS:       zend_compile_class_decl(NULL, ast, 0); break;
		case ZEND_AST_GROUP_USE:   zend_compile_group_use(ast);      break;
		case ZEND_AST_USE:         zend_compile_use(ast);            break;
		case ZEND_AST_CONST_DECL:  zend_compile_const_decl(ast);     break;
		case ZEND_AST_NAMESPACE:   zend_compile_namespace(ast);      break;
		case ZEND_AST_HALT_COMPILER:
			zend_compile_halt_compiler(ast);
			break;
		case ZEND_AST_THROW:
			/* throw used as a statement: compiled as an expression with no result node. */
			zend_compile_expr(NULL, ast);
			break;
		default:
		{
			/* Expression statement: compile it and discard the value. */
			znode discarded;
			zend_compile_expr(&discarded, ast);
			zend_do_free(&discarded);
		}
	}

	if (FC(declarables).ticks && !zend_is_unticked_stmt(ast)) {
		zend_emit_tick();
	}
}
9492 /* }}} */
9493 
/* Compile one expression by dispatching on its AST kind.
 *
 * CG(zend_lineno) is taken from zend_ast_get_lineno(). If a memoize mode is
 * active, the expression is handed to zend_compile_memoized_expr() and the
 * dispatch below is skipped. Literals and pre-compiled znodes are copied
 * into result directly; variable-like kinds and calls go through
 * zend_compile_var() in BP_VAR_R mode. An unknown kind trips an assertion. */
static void zend_compile_expr_inner(znode *result, zend_ast *ast) /* {{{ */
{
	CG(zend_lineno) = zend_ast_get_lineno(ast);

	if (CG(memoize_mode) != ZEND_MEMOIZE_NONE) {
		zend_compile_memoized_expr(result, ast);
		return;
	}

	switch (ast->kind) {
		case ZEND_AST_ZVAL:
			ZVAL_COPY(&result->u.constant, zend_ast_get_zval(ast));
			result->op_type = IS_CONST;
			break;
		case ZEND_AST_ZNODE:
			*result = *zend_ast_get_znode(ast);
			break;
		case ZEND_AST_VAR:
		case ZEND_AST_DIM:
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
		case ZEND_AST_STATIC_PROP:
		case ZEND_AST_CALL:
		case ZEND_AST_METHOD_CALL:
		case ZEND_AST_NULLSAFE_METHOD_CALL:
		case ZEND_AST_STATIC_CALL:
			zend_compile_var(result, ast, BP_VAR_R, 0);
			break;
		case ZEND_AST_ASSIGN:          zend_compile_assign(result, ast);           break;
		case ZEND_AST_ASSIGN_REF:      zend_compile_assign_ref(result, ast);       break;
		case ZEND_AST_NEW:             zend_compile_new(result, ast);              break;
		case ZEND_AST_CLONE:           zend_compile_clone(result, ast);            break;
		case ZEND_AST_ASSIGN_OP:       zend_compile_compound_assign(result, ast);  break;
		case ZEND_AST_BINARY_OP:       zend_compile_binary_op(result, ast);        break;
		case ZEND_AST_GREATER:
		case ZEND_AST_GREATER_EQUAL:   zend_compile_greater(result, ast);          break;
		case ZEND_AST_UNARY_OP:        zend_compile_unary_op(result, ast);         break;
		case ZEND_AST_UNARY_PLUS:
		case ZEND_AST_UNARY_MINUS:     zend_compile_unary_pm(result, ast);         break;
		case ZEND_AST_AND:
		case ZEND_AST_OR:              zend_compile_short_circuiting(result, ast); break;
		case ZEND_AST_POST_INC:
		case ZEND_AST_POST_DEC:        zend_compile_post_incdec(result, ast);      break;
		case ZEND_AST_PRE_INC:
		case ZEND_AST_PRE_DEC:         zend_compile_pre_incdec(result, ast);       break;
		case ZEND_AST_CAST:            zend_compile_cast(result, ast);             break;
		case ZEND_AST_CONDITIONAL:     zend_compile_conditional(result, ast);      break;
		case ZEND_AST_COALESCE:        zend_compile_coalesce(result, ast);         break;
		case ZEND_AST_ASSIGN_COALESCE: zend_compile_assign_coalesce(result, ast);  break;
		case ZEND_AST_PRINT:           zend_compile_print(result, ast);            break;
		case ZEND_AST_EXIT:            zend_compile_exit(result, ast);             break;
		case ZEND_AST_YIELD:           zend_compile_yield(result, ast);            break;
		case ZEND_AST_YIELD_FROM:      zend_compile_yield_from(result, ast);       break;
		case ZEND_AST_INSTANCEOF:      zend_compile_instanceof(result, ast);       break;
		case ZEND_AST_INCLUDE_OR_EVAL: zend_compile_include_or_eval(result, ast);  break;
		case ZEND_AST_ISSET:
		case ZEND_AST_EMPTY:           zend_compile_isset_or_empty(result, ast);   break;
		case ZEND_AST_SILENCE:         zend_compile_silence(result, ast);          break;
		case ZEND_AST_SHELL_EXEC:      zend_compile_shell_exec(result, ast);       break;
		case ZEND_AST_ARRAY:           zend_compile_array(result, ast);            break;
		case ZEND_AST_CONST:           zend_compile_const(result, ast);            break;
		case ZEND_AST_CLASS_CONST:     zend_compile_class_const(result, ast);      break;
		case ZEND_AST_CLASS_NAME:      zend_compile_class_name(result, ast);       break;
		case ZEND_AST_ENCAPS_LIST:     zend_compile_encaps_list(result, ast);      break;
		case ZEND_AST_MAGIC_CONST:     zend_compile_magic_const(result, ast);      break;
		case ZEND_AST_CLOSURE:
		case ZEND_AST_ARROW_FUNC:      zend_compile_func_decl(result, ast, 0);     break;
		case ZEND_AST_THROW:           zend_compile_throw(result, ast);            break;
		case ZEND_AST_MATCH:           zend_compile_match(result, ast);            break;
		default:
			ZEND_ASSERT(0 /* not supported */);
	}
}
9636 /* }}} */
9637 
/* Compile an expression, wrapped in short-circuiting bookkeeping.
 *
 * A checkpoint is taken before the expression is compiled and committed
 * afterwards together with the result node and the AST. */
void zend_compile_expr(znode *result, zend_ast *ast)
{
	uint32_t sc_mark;

	sc_mark = zend_short_circuiting_checkpoint();
	zend_compile_expr_inner(result, ast);
	zend_short_circuiting_commit(sc_mark, result, ast);
}
9644 
/* Compile a variable-like expression for the given fetch type.
 *
 * Returns the opcode produced by the variable/dimension/property handlers,
 * or NULL for calls, pre-compiled znodes and plain expressions. Anything
 * that is not variable-like is rejected with a compile error when the fetch
 * type is a write context (BP_VAR_W, BP_VAR_RW or BP_VAR_UNSET) and is
 * otherwise compiled as an ordinary expression. */
static zend_op *zend_compile_var_inner(znode *result, zend_ast *ast, uint32_t type, bool by_ref)
{
	zend_op *emitted = NULL;

	CG(zend_lineno) = zend_ast_get_lineno(ast);

	switch (ast->kind) {
		case ZEND_AST_VAR:
			emitted = zend_compile_simple_var(result, ast, type, 0);
			break;
		case ZEND_AST_DIM:
			emitted = zend_compile_dim(result, ast, type);
			break;
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			emitted = zend_compile_prop(result, ast, type, by_ref);
			break;
		case ZEND_AST_STATIC_PROP:
			emitted = zend_compile_static_prop(result, ast, type, by_ref, 0);
			break;
		case ZEND_AST_CALL:
			zend_compile_call(result, ast, type);
			break;
		case ZEND_AST_METHOD_CALL:
		case ZEND_AST_NULLSAFE_METHOD_CALL:
			zend_compile_method_call(result, ast, type);
			break;
		case ZEND_AST_STATIC_CALL:
			zend_compile_static_call(result, ast, type);
			break;
		case ZEND_AST_ZNODE:
			*result = *zend_ast_get_znode(ast);
			break;
		default:
			/* A temporary cannot be the target of a write. */
			if (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET) {
				zend_error_noreturn(E_COMPILE_ERROR,
					"Cannot use temporary expression in write context");
			}
			zend_compile_expr(result, ast);
			break;
	}

	return emitted;
}
9682 
/* Compile a variable-like AST node, bracketing the work with a
 * short-circuiting checkpoint/commit pair in the same way as
 * zend_compile_expr(). Returns the opline reported by
 * zend_compile_var_inner(), which may be NULL. */
zend_op *zend_compile_var(znode *result, zend_ast *ast, uint32_t type, bool by_ref) /* {{{ */
{
	const uint32_t sc_mark = zend_short_circuiting_checkpoint();
	zend_op *fetch_op;

	fetch_op = zend_compile_var_inner(result, ast, type, by_ref);
	zend_short_circuiting_commit(sc_mark, result, ast);

	return fetch_op;
}
9690 
/* Delayed counterpart of zend_compile_var().
 *
 * VAR, DIM, PROP / NULLSAFE_PROP and STATIC_PROP are routed to their
 * helpers; VAR and STATIC_PROP receive a trailing 1 where
 * zend_compile_var_inner() passes 0 (presumably the "delayed" flag --
 * confirm against the helpers). Every other kind falls back to
 * zend_compile_var(), and on that path by_ref is NOT forwarded: 0 is
 * passed instead. */
zend_op *zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type, zend_bool by_ref) /* {{{ */
{
	zend_op *fetch_op;

	switch (ast->kind) {
		case ZEND_AST_VAR:
			return zend_compile_simple_var(result, ast, type, 1);
		case ZEND_AST_DIM:
			return zend_delayed_compile_dim(result, ast, type);
		case ZEND_AST_STATIC_PROP:
			return zend_compile_static_prop(result, ast, type, by_ref, 1);
		case ZEND_AST_PROP:
		case ZEND_AST_NULLSAFE_PROP:
			/* NOTE(review): the opline is dereferenced unchecked, so this
			 * relies on zend_delayed_compile_prop() never returning NULL. */
			fetch_op = zend_delayed_compile_prop(result, ast, type);
			if (by_ref) {
				fetch_op->extended_value |= ZEND_FETCH_REF;
			}
			return fetch_op;
		default:
			return zend_compile_var(result, ast, type, 0);
	}
}
9713 /* }}} */
9714 
/* Try to fold the constant expression at *ast_ptr at compile time.
 *
 * Operands are folded recursively first. When the node itself can be
 * evaluated, it is destroyed and *ast_ptr is replaced by a ZEND_AST_ZVAL
 * node holding the value. COALESCE and CONDITIONAL instead replace the
 * node by the selected child. Whenever folding is not possible the
 * function returns early and leaves the node in place (its children may
 * still have been folded).
 *
 * A NULL *ast_ptr is accepted and ignored. */
void zend_eval_const_expr(zend_ast **ast_ptr) /* {{{ */
{
	zend_ast *node = *ast_ptr;
	zval folded;

	if (node == NULL) {
		return;
	}

	switch (node->kind) {
		case ZEND_AST_BINARY_OP:
		{
			zend_eval_const_expr(&node->child[0]);
			zend_eval_const_expr(&node->child[1]);
			if (!(node->child[0]->kind == ZEND_AST_ZVAL && node->child[1]->kind == ZEND_AST_ZVAL)) {
				return;
			}

			if (!zend_try_ct_eval_binary_op(&folded, node->attr,
					zend_ast_get_zval(node->child[0]), zend_ast_get_zval(node->child[1]))
			) {
				return;
			}
			break;
		}
		case ZEND_AST_GREATER:
		case ZEND_AST_GREATER_EQUAL:
		{
			zend_eval_const_expr(&node->child[0]);
			zend_eval_const_expr(&node->child[1]);
			if (!(node->child[0]->kind == ZEND_AST_ZVAL && node->child[1]->kind == ZEND_AST_ZVAL)) {
				return;
			}

			zend_ct_eval_greater(&folded, node->kind,
				zend_ast_get_zval(node->child[0]), zend_ast_get_zval(node->child[1]));
			break;
		}
		case ZEND_AST_AND:
		case ZEND_AST_OR:
		{
			zend_bool lhs_true, rhs_true;
			zend_bool is_or = (node->kind == ZEND_AST_OR);

			zend_eval_const_expr(&node->child[0]);
			zend_eval_const_expr(&node->child[1]);
			if (node->child[0]->kind != ZEND_AST_ZVAL) {
				return;
			}

			/* A true left side decides OR and a false one decides AND, so
			 * the right side does not need to be constant in that case. */
			lhs_true = zend_is_true(zend_ast_get_zval(node->child[0]));
			if (lhs_true == is_or) {
				ZVAL_BOOL(&folded, is_or);
				break;
			}

			if (node->child[1]->kind != ZEND_AST_ZVAL) {
				return;
			}

			rhs_true = zend_is_true(zend_ast_get_zval(node->child[1]));
			if (!is_or) {
				ZVAL_BOOL(&folded, lhs_true && rhs_true);
			} else {
				ZVAL_BOOL(&folded, lhs_true || rhs_true);
			}
			break;
		}
		case ZEND_AST_UNARY_OP:
		{
			zend_eval_const_expr(&node->child[0]);
			if (node->child[0]->kind != ZEND_AST_ZVAL) {
				return;
			}

			if (!zend_try_ct_eval_unary_op(&folded, node->attr, zend_ast_get_zval(node->child[0]))) {
				return;
			}
			break;
		}
		case ZEND_AST_UNARY_PLUS:
		case ZEND_AST_UNARY_MINUS:
		{
			zend_eval_const_expr(&node->child[0]);
			if (node->child[0]->kind != ZEND_AST_ZVAL) {
				return;
			}

			if (!zend_try_ct_eval_unary_pm(&folded, node->kind, zend_ast_get_zval(node->child[0]))) {
				return;
			}
			break;
		}
		case ZEND_AST_COALESCE:
		{
			int keep;

			/* The isset-fetch flag has to be set on the AST now; opcache
			 * does not allow the AST to be altered at runtime. */
			if (node->child[0]->kind == ZEND_AST_DIM) {
				node->child[0]->attr |= ZEND_DIM_IS;
			}
			zend_eval_const_expr(&node->child[0]);

			if (node->child[0]->kind != ZEND_AST_ZVAL) {
				/* Left side is not constant: still give the right side
				 * one compile-time evaluation pass. */
				zend_eval_const_expr(&node->child[1]);
				return;
			}

			/* A constant null selects the right side, anything else the
			 * left side. The right side is folded only when selected. */
			keep = (Z_TYPE_P(zend_ast_get_zval(node->child[0])) == IS_NULL) ? 1 : 0;
			if (keep == 1) {
				zend_eval_const_expr(&node->child[1]);
			}

			/* Detach the surviving child before destroying the parent so
			 * that it is not freed together with it. */
			*ast_ptr = node->child[keep];
			node->child[keep] = NULL;
			zend_ast_destroy(node);
			return;
		}
		case ZEND_AST_CONDITIONAL:
		{
			int pick;
			zend_ast *chosen;

			zend_eval_const_expr(&node->child[0]);
			if (node->child[0]->kind != ZEND_AST_ZVAL) {
				/* Condition is not constant: still give both branches
				 * one compile-time evaluation pass. */
				if (node->child[1]) {
					zend_eval_const_expr(&node->child[1]);
				}
				zend_eval_const_expr(&node->child[2]);
				return;
			}

			/* True selects child[1], false child[2]; an empty slot falls
			 * back to the child before it. */
			pick = 2 - zend_is_true(zend_ast_get_zval(node->child[0]));
			if (node->child[pick] == NULL) {
				pick--;
			}

			/* Detach the chosen branch before destroying the parent, then
			 * fold the branch itself in its new position. */
			chosen = node->child[pick];
			node->child[pick] = NULL;
			zend_ast_destroy(node);
			*ast_ptr = chosen;
			zend_eval_const_expr(ast_ptr);
			return;
		}
		case ZEND_AST_DIM:
		{
			/* A constant expression is only ever evaluated for reading. */
			zval *container, *dim;

			if (node->child[1] == NULL) {
				zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
			}

			if (node->attr & ZEND_DIM_ALTERNATIVE_SYNTAX) {
				/* Clear the flag first so the diagnostic is not repeated. */
				node->attr &= ~ZEND_DIM_ALTERNATIVE_SYNTAX;
				zend_error(E_COMPILE_ERROR, "Array and string offset access syntax with curly braces is no longer supported");
			}

			/* Propagate the isset-fetch flag to a nested dim now; opcache
			 * does not allow the AST to be altered at runtime. */
			if ((node->attr & ZEND_DIM_IS) && node->child[0]->kind == ZEND_AST_DIM) {
				node->child[0]->attr |= ZEND_DIM_IS;
			}

			zend_eval_const_expr(&node->child[0]);
			zend_eval_const_expr(&node->child[1]);
			if (!(node->child[0]->kind == ZEND_AST_ZVAL && node->child[1]->kind == ZEND_AST_ZVAL)) {
				return;
			}

			container = zend_ast_get_zval(node->child[0]);
			dim = zend_ast_get_zval(node->child[1]);

			if (Z_TYPE_P(container) == IS_ARRAY) {
				zval *el;

				if (Z_TYPE_P(dim) == IS_LONG) {
					el = zend_hash_index_find(Z_ARR_P(container), Z_LVAL_P(dim));
				} else if (Z_TYPE_P(dim) == IS_STRING) {
					el = zend_symtable_find(Z_ARR_P(container), Z_STR_P(dim));
				} else {
					/* Other key types warn; leave that to runtime. */
					return;
				}

				/* Missing key: do not fold. */
				if (el == NULL) {
					return;
				}
				ZVAL_COPY(&folded, el);
			} else if (Z_TYPE_P(container) == IS_STRING) {
				zend_long offset;
				zend_uchar ch;

				if (Z_TYPE_P(dim) == IS_LONG) {
					offset = Z_LVAL_P(dim);
				} else {
					if (Z_TYPE_P(dim) != IS_STRING) {
						return;
					}
					if (is_numeric_string(Z_STRVAL_P(dim), Z_STRLEN_P(dim), &offset, NULL, 1) != IS_LONG) {
						return;
					}
				}

				/* Bounds check before indexing the string buffer: a
				 * negative or past-the-end offset is never read here and
				 * the node is left unfolded. */
				if (offset < 0) {
					return;
				}
				if ((size_t)offset >= Z_STRLEN_P(container)) {
					return;
				}

				ch = (zend_uchar) Z_STRVAL_P(container)[offset];
				ZVAL_CHAR(&folded, ch);
			} else if (Z_TYPE_P(container) <= IS_FALSE) {
				/* Container types ordered at or below IS_FALSE fold to null. */
				ZVAL_NULL(&folded);
			} else {
				return;
			}
			break;
		}
		case ZEND_AST_ARRAY:
		{
			if (!zend_try_ct_eval_array(&folded, node)) {
				return;
			}
			break;
		}
		case ZEND_AST_MAGIC_CONST:
		{
			if (!zend_try_ct_eval_magic_const(&folded, node)) {
				return;
			}
			break;
		}
		case ZEND_AST_CONST:
		{
			zend_ast *name_ast = node->child[0];
			zend_bool is_fully_qualified;
			zend_bool evaluated;
			zend_string *resolved_name = zend_resolve_const_name(
				zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);

			evaluated = zend_try_ct_eval_const(&folded, resolved_name, is_fully_qualified);

			/* The resolved name is released on success and failure alike. */
			zend_string_release_ex(resolved_name, 0);
			if (!evaluated) {
				return;
			}
			break;
		}
		case ZEND_AST_CLASS_CONST:
		{
			zend_ast *class_ast;
			zend_ast *name_ast;
			zend_string *resolved_name;
			zend_bool evaluated;

			zend_eval_const_expr(&node->child[0]);
			zend_eval_const_expr(&node->child[1]);

			class_ast = node->child[0];
			name_ast = node->child[1];

			if (!(class_ast->kind == ZEND_AST_ZVAL && name_ast->kind == ZEND_AST_ZVAL)) {
				return;
			}

			resolved_name = zend_resolve_class_name_ast(class_ast);
			evaluated = zend_try_ct_eval_class_const(&folded, resolved_name, zend_ast_get_str(name_ast));

			/* The resolved name is released on success and failure alike. */
			zend_string_release_ex(resolved_name, 0);
			if (!evaluated) {
				return;
			}
			break;
		}
		case ZEND_AST_CLASS_NAME:
		{
			zend_ast *class_ast = node->child[0];

			if (!zend_try_compile_const_expr_resolve_class_name(&folded, class_ast)) {
				return;
			}
			break;
		}
		default:
			return;
	}

	/* Folding succeeded: swap the node for a zval node holding the value. */
	zend_ast_destroy(node);
	*ast_ptr = zend_ast_create_zval(&folded);
}
9979 /* }}} */
9980