1/*
2   +----------------------------------------------------------------------+
3   | Zend Engine                                                          |
4   +----------------------------------------------------------------------+
5   | Copyright (c) 1998-2018 Zend Technologies Ltd. (http://www.zend.com) |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 2.00 of the Zend license,     |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.zend.com/license/2_00.txt.                                |
11   | If you did not receive a copy of the Zend license and are unable to  |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@zend.com so we can mail you a copy immediately.              |
14   +----------------------------------------------------------------------+
15   | Authors: Andi Gutmans <andi@php.net>                                 |
16   |          Zeev Suraski <zeev@php.net>                                 |
17   |          Nikita Popov <nikic@php.net>                                |
18   +----------------------------------------------------------------------+
19*/
20
21#include <zend_language_parser.h>
22#include "zend.h"
23#include "zend_compile.h"
24#include "zend_constants.h"
25#include "zend_llist.h"
26#include "zend_API.h"
27#include "zend_exceptions.h"
28#include "zend_interfaces.h"
29#include "zend_virtual_cwd.h"
30#include "zend_multibyte.h"
31#include "zend_language_scanner.h"
32#include "zend_inheritance.h"
33#include "zend_vm.h"
34
35#define SET_NODE(target, src) do { \
36		target ## _type = (src)->op_type; \
37		if ((src)->op_type == IS_CONST) { \
38			target.constant = zend_add_literal(CG(active_op_array), &(src)->u.constant); \
39		} else { \
40			target = (src)->u.op; \
41		} \
42	} while (0)
43
44#define GET_NODE(target, src) do { \
45		(target)->op_type = src ## _type; \
46		if ((target)->op_type == IS_CONST) { \
47			ZVAL_COPY_VALUE(&(target)->u.constant, CT_CONSTANT(src)); \
48		} else { \
49			(target)->u.op = src; \
50		} \
51	} while (0)
52
53#define FC(member) (CG(file_context).member)
54
55typedef struct _zend_loop_var {
56	zend_uchar opcode;
57	zend_uchar var_type;
58	uint32_t   var_num;
59	union {
60		uint32_t try_catch_offset;
61		uint32_t live_range_offset;
62	} u;
63} zend_loop_var;
64
65static inline uint32_t zend_alloc_cache_slot(void) {
66	zend_op_array *op_array = CG(active_op_array);
67	uint32_t ret = op_array->cache_size;
68	op_array->cache_size += sizeof(void*);
69	return ret;
70}
71
72#define POLYMORPHIC_CACHE_SLOT_SIZE 2
73
74static inline uint32_t zend_alloc_polymorphic_cache_slot(void) {
75	zend_op_array *op_array = CG(active_op_array);
76	uint32_t ret = op_array->cache_size;
77	op_array->cache_size += POLYMORPHIC_CACHE_SLOT_SIZE * sizeof(void*);
78	return ret;
79}
80
81ZEND_API zend_op_array *(*zend_compile_file)(zend_file_handle *file_handle, int type);
82ZEND_API zend_op_array *(*zend_compile_string)(zval *source_string, char *filename);
83
84#ifndef ZTS
85ZEND_API zend_compiler_globals compiler_globals;
86ZEND_API zend_executor_globals executor_globals;
87#endif
88
89static zend_op *zend_emit_op(znode *result, zend_uchar opcode, znode *op1, znode *op2);
90static zend_bool zend_try_ct_eval_array(zval *result, zend_ast *ast);
91
92static void init_op(zend_op *op)
93{
94	MAKE_NOP(op);
95	op->extended_value = 0;
96	op->lineno = CG(zend_lineno);
97}
98
99static zend_op *get_next_op(zend_op_array *op_array)
100{
101	uint32_t next_op_num = op_array->last++;
102	zend_op *next_op;
103
104	if (UNEXPECTED(next_op_num >= CG(context).opcodes_size)) {
105		CG(context).opcodes_size *= 4;
106		op_array->opcodes = erealloc(op_array->opcodes, CG(context).opcodes_size * sizeof(zend_op));
107	}
108
109	next_op = &(op_array->opcodes[next_op_num]);
110
111	init_op(next_op);
112
113	return next_op;
114}
115
116static zend_brk_cont_element *get_next_brk_cont_element(void)
117{
118	CG(context).last_brk_cont++;
119	CG(context).brk_cont_array = erealloc(CG(context).brk_cont_array, sizeof(zend_brk_cont_element) * CG(context).last_brk_cont);
120	return &CG(context).brk_cont_array[CG(context).last_brk_cont-1];
121}
122
123static void zend_destroy_property_info_internal(zval *zv) /* {{{ */
124{
125	zend_property_info *property_info = Z_PTR_P(zv);
126
127	zend_string_release_ex(property_info->name, 1);
128	free(property_info);
129}
130/* }}} */
131
132static zend_string *zend_build_runtime_definition_key(zend_string *name, unsigned char *lex_pos) /* {{{ */
133{
134	zend_string *result;
135	char char_pos_buf[32];
136	size_t char_pos_len = zend_sprintf(char_pos_buf, "%p", lex_pos);
137	zend_string *filename = CG(active_op_array)->filename;
138
139	/* NULL, name length, filename length, last accepting char position length */
140	result = zend_string_alloc(1 + ZSTR_LEN(name) + ZSTR_LEN(filename) + char_pos_len, 0);
141 	sprintf(ZSTR_VAL(result), "%c%s%s%s", '\0', ZSTR_VAL(name), ZSTR_VAL(filename), char_pos_buf);
142	return zend_new_interned_string(result);
143}
144/* }}} */
145
146static zend_bool zend_get_unqualified_name(const zend_string *name, const char **result, size_t *result_len) /* {{{ */
147{
148	const char *ns_separator = zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
149	if (ns_separator != NULL) {
150		*result = ns_separator + 1;
151		*result_len = ZSTR_VAL(name) + ZSTR_LEN(name) - *result;
152		return 1;
153	}
154
155	return 0;
156}
157/* }}} */
158
159struct reserved_class_name {
160	const char *name;
161	size_t len;
162};
163static const struct reserved_class_name reserved_class_names[] = {
164	{ZEND_STRL("bool")},
165	{ZEND_STRL("false")},
166	{ZEND_STRL("float")},
167	{ZEND_STRL("int")},
168	{ZEND_STRL("null")},
169	{ZEND_STRL("parent")},
170	{ZEND_STRL("self")},
171	{ZEND_STRL("static")},
172	{ZEND_STRL("string")},
173	{ZEND_STRL("true")},
174	{ZEND_STRL("void")},
175	{ZEND_STRL("iterable")},
176	{ZEND_STRL("object")},
177	{NULL, 0}
178};
179
180static zend_bool zend_is_reserved_class_name(const zend_string *name) /* {{{ */
181{
182	const struct reserved_class_name *reserved = reserved_class_names;
183
184	const char *uqname = ZSTR_VAL(name);
185	size_t uqname_len = ZSTR_LEN(name);
186	zend_get_unqualified_name(name, &uqname, &uqname_len);
187
188	for (; reserved->name; ++reserved) {
189		if (uqname_len == reserved->len
190			&& zend_binary_strcasecmp(uqname, uqname_len, reserved->name, reserved->len) == 0
191		) {
192			return 1;
193		}
194	}
195
196	return 0;
197}
198/* }}} */
199
200void zend_assert_valid_class_name(const zend_string *name) /* {{{ */
201{
202	if (zend_is_reserved_class_name(name)) {
203		zend_error_noreturn(E_COMPILE_ERROR,
204			"Cannot use '%s' as class name as it is reserved", ZSTR_VAL(name));
205	}
206}
207/* }}} */
208
209typedef struct _builtin_type_info {
210	const char* name;
211	const size_t name_len;
212	const zend_uchar type;
213} builtin_type_info;
214
215static const builtin_type_info builtin_types[] = {
216	{ZEND_STRL("int"), IS_LONG},
217	{ZEND_STRL("float"), IS_DOUBLE},
218	{ZEND_STRL("string"), IS_STRING},
219	{ZEND_STRL("bool"), _IS_BOOL},
220	{ZEND_STRL("void"), IS_VOID},
221	{ZEND_STRL("iterable"), IS_ITERABLE},
222	{ZEND_STRL("object"), IS_OBJECT},
223	{NULL, 0, IS_UNDEF}
224};
225
226
227static zend_always_inline zend_uchar zend_lookup_builtin_type_by_name(const zend_string *name) /* {{{ */
228{
229	const builtin_type_info *info = &builtin_types[0];
230
231	for (; info->name; ++info) {
232		if (ZSTR_LEN(name) == info->name_len
233			&& zend_binary_strcasecmp(ZSTR_VAL(name), ZSTR_LEN(name), info->name, info->name_len) == 0
234		) {
235			return info->type;
236		}
237	}
238
239	return 0;
240}
241/* }}} */
242
243
244void zend_oparray_context_begin(zend_oparray_context *prev_context) /* {{{ */
245{
246	*prev_context = CG(context);
247	CG(context).opcodes_size = INITIAL_OP_ARRAY_SIZE;
248	CG(context).vars_size = 0;
249	CG(context).literals_size = 0;
250	CG(context).backpatch_count = 0;
251	CG(context).fast_call_var = -1;
252	CG(context).try_catch_offset = -1;
253	CG(context).current_brk_cont = -1;
254	CG(context).last_brk_cont = 0;
255	CG(context).brk_cont_array = NULL;
256	CG(context).labels = NULL;
257}
258/* }}} */
259
260void zend_oparray_context_end(zend_oparray_context *prev_context) /* {{{ */
261{
262	if (CG(context).brk_cont_array) {
263		efree(CG(context).brk_cont_array);
264		CG(context).brk_cont_array = NULL;
265	}
266	if (CG(context).labels) {
267		zend_hash_destroy(CG(context).labels);
268		FREE_HASHTABLE(CG(context).labels);
269		CG(context).labels = NULL;
270	}
271	CG(context) = *prev_context;
272}
273/* }}} */
274
275static void zend_reset_import_tables(void) /* {{{ */
276{
277	if (FC(imports)) {
278		zend_hash_destroy(FC(imports));
279		efree(FC(imports));
280		FC(imports) = NULL;
281	}
282
283	if (FC(imports_function)) {
284		zend_hash_destroy(FC(imports_function));
285		efree(FC(imports_function));
286		FC(imports_function) = NULL;
287	}
288
289	if (FC(imports_const)) {
290		zend_hash_destroy(FC(imports_const));
291		efree(FC(imports_const));
292		FC(imports_const) = NULL;
293	}
294}
295/* }}} */
296
297static void zend_end_namespace(void) /* {{{ */ {
298	FC(in_namespace) = 0;
299	zend_reset_import_tables();
300	if (FC(current_namespace)) {
301		zend_string_release_ex(FC(current_namespace), 0);
302		FC(current_namespace) = NULL;
303	}
304}
305/* }}} */
306
307void zend_file_context_begin(zend_file_context *prev_context) /* {{{ */
308{
309	*prev_context = CG(file_context);
310	FC(imports) = NULL;
311	FC(imports_function) = NULL;
312	FC(imports_const) = NULL;
313	FC(current_namespace) = NULL;
314	FC(in_namespace) = 0;
315	FC(has_bracketed_namespaces) = 0;
316	FC(declarables).ticks = 0;
317	zend_hash_init(&FC(seen_symbols), 8, NULL, NULL, 0);
318}
319/* }}} */
320
321void zend_file_context_end(zend_file_context *prev_context) /* {{{ */
322{
323	zend_end_namespace();
324	zend_hash_destroy(&FC(seen_symbols));
325	CG(file_context) = *prev_context;
326}
327/* }}} */
328
329void zend_init_compiler_data_structures(void) /* {{{ */
330{
331	zend_stack_init(&CG(loop_var_stack), sizeof(zend_loop_var));
332	zend_stack_init(&CG(delayed_oplines_stack), sizeof(zend_op));
333	CG(active_class_entry) = NULL;
334	CG(in_compilation) = 0;
335	CG(start_lineno) = 0;
336
337	CG(encoding_declared) = 0;
338}
339/* }}} */
340
341static void zend_register_seen_symbol(zend_string *name, uint32_t kind) {
342	zval *zv = zend_hash_find(&FC(seen_symbols), name);
343	if (zv) {
344		Z_LVAL_P(zv) |= kind;
345	} else {
346		zval tmp;
347		ZVAL_LONG(&tmp, kind);
348		zend_hash_add_new(&FC(seen_symbols), name, &tmp);
349	}
350}
351
352static zend_bool zend_have_seen_symbol(zend_string *name, uint32_t kind) {
353	zval *zv = zend_hash_find(&FC(seen_symbols), name);
354	return zv && (Z_LVAL_P(zv) & kind) != 0;
355}
356
357ZEND_API void file_handle_dtor(zend_file_handle *fh) /* {{{ */
358{
359
360	zend_file_handle_dtor(fh);
361}
362/* }}} */
363
364void init_compiler(void) /* {{{ */
365{
366	CG(arena) = zend_arena_create(64 * 1024);
367	CG(active_op_array) = NULL;
368	memset(&CG(context), 0, sizeof(CG(context)));
369	zend_init_compiler_data_structures();
370	zend_init_rsrc_list();
371	zend_hash_init(&CG(filenames_table), 8, NULL, ZVAL_PTR_DTOR, 0);
372	zend_llist_init(&CG(open_files), sizeof(zend_file_handle), (void (*)(void *)) file_handle_dtor, 0);
373	CG(unclean_shutdown) = 0;
374}
375/* }}} */
376
377void shutdown_compiler(void) /* {{{ */
378{
379	zend_stack_destroy(&CG(loop_var_stack));
380	zend_stack_destroy(&CG(delayed_oplines_stack));
381	zend_hash_destroy(&CG(filenames_table));
382	zend_arena_destroy(CG(arena));
383}
384/* }}} */
385
386ZEND_API zend_string *zend_set_compiled_filename(zend_string *new_compiled_filename) /* {{{ */
387{
388	zval *p, rv;
389
390	if ((p = zend_hash_find(&CG(filenames_table), new_compiled_filename))) {
391		ZEND_ASSERT(Z_TYPE_P(p) == IS_STRING);
392		CG(compiled_filename) = Z_STR_P(p);
393		return Z_STR_P(p);
394	}
395
396	new_compiled_filename = zend_new_interned_string(zend_string_copy(new_compiled_filename));
397	ZVAL_STR(&rv, new_compiled_filename);
398	zend_hash_add_new(&CG(filenames_table), new_compiled_filename, &rv);
399
400	CG(compiled_filename) = new_compiled_filename;
401	return new_compiled_filename;
402}
403/* }}} */
404
405ZEND_API void zend_restore_compiled_filename(zend_string *original_compiled_filename) /* {{{ */
406{
407	CG(compiled_filename) = original_compiled_filename;
408}
409/* }}} */
410
411ZEND_API zend_string *zend_get_compiled_filename(void) /* {{{ */
412{
413	return CG(compiled_filename);
414}
415/* }}} */
416
417ZEND_API int zend_get_compiled_lineno(void) /* {{{ */
418{
419	return CG(zend_lineno);
420}
421/* }}} */
422
423ZEND_API zend_bool zend_is_compiling(void) /* {{{ */
424{
425	return CG(in_compilation);
426}
427/* }}} */
428
429static uint32_t get_temporary_variable(zend_op_array *op_array) /* {{{ */
430{
431	return (uint32_t)op_array->T++;
432}
433/* }}} */
434
435static int lookup_cv(zend_op_array *op_array, zend_string *name) /* {{{ */{
436	int i = 0;
437	zend_ulong hash_value = zend_string_hash_val(name);
438
439	while (i < op_array->last_var) {
440		if (ZSTR_VAL(op_array->vars[i]) == ZSTR_VAL(name) ||
441		    (ZSTR_H(op_array->vars[i]) == hash_value &&
442		     zend_string_equal_content(op_array->vars[i], name))) {
443			return (int)(zend_intptr_t)ZEND_CALL_VAR_NUM(NULL, i);
444		}
445		i++;
446	}
447	i = op_array->last_var;
448	op_array->last_var++;
449	if (op_array->last_var > CG(context).vars_size) {
450		CG(context).vars_size += 16; /* FIXME */
451		op_array->vars = erealloc(op_array->vars, CG(context).vars_size * sizeof(zend_string*));
452	}
453
454	op_array->vars[i] = zend_string_copy(name);
455	return (int)(zend_intptr_t)ZEND_CALL_VAR_NUM(NULL, i);
456}
457/* }}} */
458
459void zend_del_literal(zend_op_array *op_array, int n) /* {{{ */
460{
461	zval_ptr_dtor_nogc(CT_CONSTANT_EX(op_array, n));
462	if (n + 1 == op_array->last_literal) {
463		op_array->last_literal--;
464	} else {
465		ZVAL_UNDEF(CT_CONSTANT_EX(op_array, n));
466	}
467}
468/* }}} */
469
470static inline zend_string *zval_make_interned_string(zval *zv) /* {{{ */
471{
472	ZEND_ASSERT(Z_TYPE_P(zv) == IS_STRING);
473	Z_STR_P(zv) = zend_new_interned_string(Z_STR_P(zv));
474	if (ZSTR_IS_INTERNED(Z_STR_P(zv))) {
475		Z_TYPE_FLAGS_P(zv) = 0;
476	}
477	return Z_STR_P(zv);
478}
479
480/* Common part of zend_add_literal and zend_append_individual_literal */
481static inline void zend_insert_literal(zend_op_array *op_array, zval *zv, int literal_position) /* {{{ */
482{
483	zval *lit = CT_CONSTANT_EX(op_array, literal_position);
484	if (Z_TYPE_P(zv) == IS_STRING) {
485		zval_make_interned_string(zv);
486	}
487	ZVAL_COPY_VALUE(lit, zv);
488	Z_EXTRA_P(lit) = 0;
489}
490/* }}} */
491
492/* Is used while compiling a function, using the context to keep track
493   of an approximate size to avoid to relocate to often.
494   Literals are truncated to actual size in the second compiler pass (pass_two()). */
495int zend_add_literal(zend_op_array *op_array, zval *zv) /* {{{ */
496{
497	int i = op_array->last_literal;
498	op_array->last_literal++;
499	if (i >= CG(context).literals_size) {
500		while (i >= CG(context).literals_size) {
501			CG(context).literals_size += 16; /* FIXME */
502		}
503		op_array->literals = (zval*)erealloc(op_array->literals, CG(context).literals_size * sizeof(zval));
504	}
505	zend_insert_literal(op_array, zv, i);
506	return i;
507}
508/* }}} */
509
510static inline int zend_add_literal_string(zend_op_array *op_array, zend_string **str) /* {{{ */
511{
512	int ret;
513	zval zv;
514	ZVAL_STR(&zv, *str);
515	ret = zend_add_literal(op_array, &zv);
516	*str = Z_STR(zv);
517	return ret;
518}
519/* }}} */
520
521static int zend_add_func_name_literal(zend_op_array *op_array, zend_string *name) /* {{{ */
522{
523	/* Original name */
524	int ret = zend_add_literal_string(op_array, &name);
525
526	/* Lowercased name */
527	zend_string *lc_name = zend_string_tolower(name);
528	zend_add_literal_string(op_array, &lc_name);
529
530	return ret;
531}
532/* }}} */
533
534static int zend_add_ns_func_name_literal(zend_op_array *op_array, zend_string *name) /* {{{ */
535{
536	const char *unqualified_name;
537	size_t unqualified_name_len;
538
539	/* Original name */
540	int ret = zend_add_literal_string(op_array, &name);
541
542	/* Lowercased name */
543	zend_string *lc_name = zend_string_tolower(name);
544	zend_add_literal_string(op_array, &lc_name);
545
546	/* Lowercased unqualfied name */
547	if (zend_get_unqualified_name(name, &unqualified_name, &unqualified_name_len)) {
548		lc_name = zend_string_alloc(unqualified_name_len, 0);
549		zend_str_tolower_copy(ZSTR_VAL(lc_name), unqualified_name, unqualified_name_len);
550		zend_add_literal_string(op_array, &lc_name);
551	}
552
553	return ret;
554}
555/* }}} */
556
557static int zend_add_class_name_literal(zend_op_array *op_array, zend_string *name) /* {{{ */
558{
559	/* Original name */
560	int ret = zend_add_literal_string(op_array, &name);
561
562	/* Lowercased name */
563	zend_string *lc_name = zend_string_tolower(name);
564	zend_add_literal_string(op_array, &lc_name);
565
566	return ret;
567}
568/* }}} */
569
570static int zend_add_const_name_literal(zend_op_array *op_array, zend_string *name, zend_bool unqualified) /* {{{ */
571{
572	zend_string *tmp_name;
573
574	int ret = zend_add_literal_string(op_array, &name);
575
576	size_t ns_len = 0, after_ns_len = ZSTR_LEN(name);
577	const char *after_ns = zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
578	if (after_ns) {
579		after_ns += 1;
580		ns_len = after_ns - ZSTR_VAL(name) - 1;
581		after_ns_len = ZSTR_LEN(name) - ns_len - 1;
582
583		/* lowercased namespace name & original constant name */
584		tmp_name = zend_string_init(ZSTR_VAL(name), ZSTR_LEN(name), 0);
585		zend_str_tolower(ZSTR_VAL(tmp_name), ns_len);
586		zend_add_literal_string(op_array, &tmp_name);
587
588		/* lowercased namespace name & lowercased constant name */
589		tmp_name = zend_string_tolower(name);
590		zend_add_literal_string(op_array, &tmp_name);
591
592		if (!unqualified) {
593			return ret;
594		}
595	} else {
596		after_ns = ZSTR_VAL(name);
597	}
598
599	/* original unqualified constant name */
600	tmp_name = zend_string_init(after_ns, after_ns_len, 0);
601	zend_add_literal_string(op_array, &tmp_name);
602
603	/* lowercased unqualified constant name */
604	tmp_name = zend_string_alloc(after_ns_len, 0);
605	zend_str_tolower_copy(ZSTR_VAL(tmp_name), after_ns, after_ns_len);
606	zend_add_literal_string(op_array, &tmp_name);
607
608	return ret;
609}
610/* }}} */
611
612#define LITERAL_STR(op, str) do { \
613		zval _c; \
614		ZVAL_STR(&_c, str); \
615		op.constant = zend_add_literal(CG(active_op_array), &_c); \
616	} while (0)
617
618void zend_stop_lexing(void)
619{
620	if (LANG_SCNG(on_event)) {
621		LANG_SCNG(on_event)(ON_STOP, END, 0, LANG_SCNG(on_event_context));
622	}
623
624	LANG_SCNG(yy_cursor) = LANG_SCNG(yy_limit);
625}
626
627static uint32_t zend_start_live_range(zend_op_array *op_array, uint32_t start) /* {{{ */
628{
629	zend_live_range *range;
630
631	op_array->last_live_range++;
632	op_array->live_range = erealloc(op_array->live_range, sizeof(zend_live_range) * op_array->last_live_range);
633	range = op_array->live_range + op_array->last_live_range - 1;
634	range->start = start;
635	return op_array->last_live_range - 1;
636}
637/* }}} */
638
639static void zend_end_live_range(zend_op_array *op_array, uint32_t offset, uint32_t end, uint32_t kind, uint32_t var) /* {{{ */
640{
641	zend_live_range *range = op_array->live_range + offset;
642
643	if (range->start == end && offset == (uint32_t)op_array->last_live_range - 1) {
644		op_array->last_live_range--;
645	} else {
646		range->end = end;
647		range->var = (var * sizeof(zval)) | kind;
648	}
649}
650/* }}} */
651
652static inline void zend_begin_loop(
653		zend_uchar free_opcode, const znode *loop_var, zend_bool is_switch) /* {{{ */
654{
655	zend_brk_cont_element *brk_cont_element;
656	int parent = CG(context).current_brk_cont;
657	zend_loop_var info = {0};
658
659	CG(context).current_brk_cont = CG(context).last_brk_cont;
660	brk_cont_element = get_next_brk_cont_element();
661	brk_cont_element->parent = parent;
662	brk_cont_element->is_switch = is_switch;
663
664	if (loop_var && (loop_var->op_type & (IS_VAR|IS_TMP_VAR))) {
665		uint32_t start = get_next_op_number(CG(active_op_array));
666
667		info.opcode = free_opcode;
668		info.var_type = loop_var->op_type;
669		info.var_num = loop_var->u.op.var;
670		info.u.live_range_offset = zend_start_live_range(CG(active_op_array), start);
671		brk_cont_element->start = start;
672	} else {
673		info.opcode = ZEND_NOP;
674		/* The start field is used to free temporary variables in case of exceptions.
675		 * We won't try to free something of we don't have loop variable.  */
676		brk_cont_element->start = -1;
677	}
678
679	zend_stack_push(&CG(loop_var_stack), &info);
680}
681/* }}} */
682
683static inline void zend_end_loop(int cont_addr, const znode *var_node) /* {{{ */
684{
685	uint32_t end = get_next_op_number(CG(active_op_array));
686	zend_brk_cont_element *brk_cont_element
687		= &CG(context).brk_cont_array[CG(context).current_brk_cont];
688	brk_cont_element->cont = cont_addr;
689	brk_cont_element->brk = end;
690	CG(context).current_brk_cont = brk_cont_element->parent;
691
692	if (brk_cont_element->start != -1) {
693		zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
694		zend_end_live_range(CG(active_op_array), loop_var->u.live_range_offset, end,
695			loop_var->opcode == ZEND_FE_FREE ? ZEND_LIVE_LOOP : ZEND_LIVE_TMPVAR,
696			var_node->u.op.var);
697	}
698
699	zend_stack_del_top(&CG(loop_var_stack));
700}
701/* }}} */
702
703void zend_do_free(znode *op1) /* {{{ */
704{
705	if (op1->op_type == IS_TMP_VAR) {
706		zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
707
708		while (opline->opcode == ZEND_END_SILENCE) {
709			opline--;
710		}
711
712		if (opline->result_type == IS_TMP_VAR && opline->result.var == op1->u.op.var) {
713			if (opline->opcode == ZEND_BOOL || opline->opcode == ZEND_BOOL_NOT) {
714				return;
715			}
716		}
717
718		zend_emit_op(NULL, ZEND_FREE, op1, NULL);
719	} else if (op1->op_type == IS_VAR) {
720		zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
721		while (opline->opcode == ZEND_END_SILENCE ||
722				opline->opcode == ZEND_EXT_FCALL_END ||
723				opline->opcode == ZEND_OP_DATA) {
724			opline--;
725		}
726		if (opline->result_type == IS_VAR
727			&& opline->result.var == op1->u.op.var) {
728			if (opline->opcode == ZEND_FETCH_THIS) {
729				opline->opcode = ZEND_NOP;
730				opline->result_type = IS_UNUSED;
731			} else {
732				opline->result_type = IS_UNUSED;
733			}
734		} else {
735			while (opline >= CG(active_op_array)->opcodes) {
736				if ((opline->opcode == ZEND_FETCH_LIST_R ||
737                     opline->opcode == ZEND_FETCH_LIST_W) &&
738				    opline->op1_type == IS_VAR &&
739				    opline->op1.var == op1->u.op.var) {
740					zend_emit_op(NULL, ZEND_FREE, op1, NULL);
741					return;
742				}
743				if (opline->result_type == IS_VAR
744					&& opline->result.var == op1->u.op.var) {
745					if (opline->opcode == ZEND_NEW) {
746						zend_emit_op(NULL, ZEND_FREE, op1, NULL);
747					}
748					break;
749				}
750				opline--;
751			}
752		}
753	} else if (op1->op_type == IS_CONST) {
754		/* Destroy value without using GC: When opcache moves arrays into SHM it will
755		 * free the zend_array structure, so references to it from outside the op array
756		 * become invalid. GC would cause such a reference in the root buffer. */
757		zval_ptr_dtor_nogc(&op1->u.constant);
758	}
759}
760/* }}} */
761
762uint32_t zend_add_class_modifier(uint32_t flags, uint32_t new_flag) /* {{{ */
763{
764	uint32_t new_flags = flags | new_flag;
765	if ((flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flag & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) {
766		zend_throw_exception(zend_ce_compile_error,
767			"Multiple abstract modifiers are not allowed", 0);
768		return 0;
769	}
770	if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
771		zend_throw_exception(zend_ce_compile_error, "Multiple final modifiers are not allowed", 0);
772		return 0;
773	}
774	if ((new_flags & ZEND_ACC_EXPLICIT_ABSTRACT_CLASS) && (new_flags & ZEND_ACC_FINAL)) {
775		zend_throw_exception(zend_ce_compile_error,
776			"Cannot use the final modifier on an abstract class", 0);
777		return 0;
778	}
779	return new_flags;
780}
781/* }}} */
782
783uint32_t zend_add_member_modifier(uint32_t flags, uint32_t new_flag) /* {{{ */
784{
785	uint32_t new_flags = flags | new_flag;
786	if ((flags & ZEND_ACC_PPP_MASK) && (new_flag & ZEND_ACC_PPP_MASK)) {
787		zend_throw_exception(zend_ce_compile_error,
788			"Multiple access type modifiers are not allowed", 0);
789		return 0;
790	}
791	if ((flags & ZEND_ACC_ABSTRACT) && (new_flag & ZEND_ACC_ABSTRACT)) {
792		zend_throw_exception(zend_ce_compile_error, "Multiple abstract modifiers are not allowed", 0);
793		return 0;
794	}
795	if ((flags & ZEND_ACC_STATIC) && (new_flag & ZEND_ACC_STATIC)) {
796		zend_throw_exception(zend_ce_compile_error, "Multiple static modifiers are not allowed", 0);
797		return 0;
798	}
799	if ((flags & ZEND_ACC_FINAL) && (new_flag & ZEND_ACC_FINAL)) {
800		zend_throw_exception(zend_ce_compile_error, "Multiple final modifiers are not allowed", 0);
801		return 0;
802	}
803	if ((new_flags & ZEND_ACC_ABSTRACT) && (new_flags & ZEND_ACC_FINAL)) {
804		zend_throw_exception(zend_ce_compile_error,
805			"Cannot use the final modifier on an abstract class member", 0);
806		return 0;
807	}
808	return new_flags;
809}
810/* }}} */
811
812zend_string *zend_concat3(char *str1, size_t str1_len, char *str2, size_t str2_len, char *str3, size_t str3_len) /* {{{ */
813{
814	size_t len = str1_len + str2_len + str3_len;
815	zend_string *res = zend_string_alloc(len, 0);
816
817	memcpy(ZSTR_VAL(res), str1, str1_len);
818	memcpy(ZSTR_VAL(res) + str1_len, str2, str2_len);
819	memcpy(ZSTR_VAL(res) + str1_len + str2_len, str3, str3_len);
820	ZSTR_VAL(res)[len] = '\0';
821
822	return res;
823}
824
825zend_string *zend_concat_names(char *name1, size_t name1_len, char *name2, size_t name2_len) {
826	return zend_concat3(name1, name1_len, "\\", 1, name2, name2_len);
827}
828
829zend_string *zend_prefix_with_ns(zend_string *name) {
830	if (FC(current_namespace)) {
831		zend_string *ns = FC(current_namespace);
832		return zend_concat_names(ZSTR_VAL(ns), ZSTR_LEN(ns), ZSTR_VAL(name), ZSTR_LEN(name));
833	} else {
834		return zend_string_copy(name);
835	}
836}
837
838void *zend_hash_find_ptr_lc(HashTable *ht, const char *str, size_t len) {
839	void *result;
840	zend_string *lcname;
841	ALLOCA_FLAG(use_heap);
842
843	ZSTR_ALLOCA_ALLOC(lcname, len, use_heap);
844	zend_str_tolower_copy(ZSTR_VAL(lcname), str, len);
845	result = zend_hash_find_ptr(ht, lcname);
846	ZSTR_ALLOCA_FREE(lcname, use_heap);
847
848	return result;
849}
850
851zend_string *zend_resolve_non_class_name(
852	zend_string *name, uint32_t type, zend_bool *is_fully_qualified,
853	zend_bool case_sensitive, HashTable *current_import_sub
854) {
855	char *compound;
856	*is_fully_qualified = 0;
857
858	if (ZSTR_VAL(name)[0] == '\\') {
859		/* Remove \ prefix (only relevant if this is a string rather than a label) */
860		*is_fully_qualified = 1;
861		return zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
862	}
863
864	if (type == ZEND_NAME_FQ) {
865		*is_fully_qualified = 1;
866		return zend_string_copy(name);
867	}
868
869	if (type == ZEND_NAME_RELATIVE) {
870		*is_fully_qualified = 1;
871		return zend_prefix_with_ns(name);
872	}
873
874	if (current_import_sub) {
875		/* If an unqualified name is a function/const alias, replace it. */
876		zend_string *import_name;
877		if (case_sensitive) {
878			import_name = zend_hash_find_ptr(current_import_sub, name);
879		} else {
880			import_name = zend_hash_find_ptr_lc(current_import_sub, ZSTR_VAL(name), ZSTR_LEN(name));
881		}
882
883		if (import_name) {
884			*is_fully_qualified = 1;
885			return zend_string_copy(import_name);
886		}
887	}
888
889	compound = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
890	if (compound) {
891		*is_fully_qualified = 1;
892	}
893
894	if (compound && FC(imports)) {
895		/* If the first part of a qualified name is an alias, substitute it. */
896		size_t len = compound - ZSTR_VAL(name);
897		zend_string *import_name = zend_hash_find_ptr_lc(FC(imports), ZSTR_VAL(name), len);
898
899		if (import_name) {
900			return zend_concat_names(
901				ZSTR_VAL(import_name), ZSTR_LEN(import_name), ZSTR_VAL(name) + len + 1, ZSTR_LEN(name) - len - 1);
902		}
903	}
904
905	return zend_prefix_with_ns(name);
906}
907/* }}} */
908
909zend_string *zend_resolve_function_name(zend_string *name, uint32_t type, zend_bool *is_fully_qualified) /* {{{ */
910{
911	return zend_resolve_non_class_name(
912		name, type, is_fully_qualified, 0, FC(imports_function));
913}
914/* }}} */
915
916zend_string *zend_resolve_const_name(zend_string *name, uint32_t type, zend_bool *is_fully_qualified) /* {{{ */ {
917	return zend_resolve_non_class_name(
918		name, type, is_fully_qualified, 1, FC(imports_const));
919}
920/* }}} */
921
922zend_string *zend_resolve_class_name(zend_string *name, uint32_t type) /* {{{ */
923{
924	char *compound;
925
926	if (type == ZEND_NAME_RELATIVE) {
927		return zend_prefix_with_ns(name);
928	}
929
930	if (type == ZEND_NAME_FQ || ZSTR_VAL(name)[0] == '\\') {
931		/* Remove \ prefix (only relevant if this is a string rather than a label) */
932		if (ZSTR_VAL(name)[0] == '\\') {
933			name = zend_string_init(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1, 0);
934		} else {
935			zend_string_addref(name);
936		}
937		/* Ensure that \self, \parent and \static are not used */
938		if (ZEND_FETCH_CLASS_DEFAULT != zend_get_class_fetch_type(name)) {
939			zend_error_noreturn(E_COMPILE_ERROR, "'\\%s' is an invalid class name", ZSTR_VAL(name));
940		}
941		return name;
942	}
943
944	if (FC(imports)) {
945		compound = memchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name));
946		if (compound) {
947			/* If the first part of a qualified name is an alias, substitute it. */
948			size_t len = compound - ZSTR_VAL(name);
949			zend_string *import_name =
950				zend_hash_find_ptr_lc(FC(imports), ZSTR_VAL(name), len);
951
952			if (import_name) {
953				return zend_concat_names(
954					ZSTR_VAL(import_name), ZSTR_LEN(import_name), ZSTR_VAL(name) + len + 1, ZSTR_LEN(name) - len - 1);
955			}
956		} else {
957			/* If an unqualified name is an alias, replace it. */
958			zend_string *import_name
959				= zend_hash_find_ptr_lc(FC(imports), ZSTR_VAL(name), ZSTR_LEN(name));
960
961			if (import_name) {
962				return zend_string_copy(import_name);
963			}
964		}
965	}
966
967	/* If not fully qualified and not an alias, prepend the current namespace */
968	return zend_prefix_with_ns(name);
969}
970/* }}} */
971
972zend_string *zend_resolve_class_name_ast(zend_ast *ast) /* {{{ */
973{
974	zval *class_name = zend_ast_get_zval(ast);
975	if (Z_TYPE_P(class_name) != IS_STRING) {
976		zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
977	}
978	return zend_resolve_class_name(Z_STR_P(class_name), ast->attr);
979}
980/* }}} */
981
982static void label_ptr_dtor(zval *zv) /* {{{ */
983{
984	efree_size(Z_PTR_P(zv), sizeof(zend_label));
985}
986/* }}} */
987
988static void str_dtor(zval *zv)  /* {{{ */ {
989	zend_string_release_ex(Z_STR_P(zv), 0);
990}
991/* }}} */
992
993static zend_bool zend_is_call(zend_ast *ast);
994
995static uint32_t zend_add_try_element(uint32_t try_op) /* {{{ */
996{
997	zend_op_array *op_array = CG(active_op_array);
998	uint32_t try_catch_offset = op_array->last_try_catch++;
999	zend_try_catch_element *elem;
1000
1001	op_array->try_catch_array = safe_erealloc(
1002		op_array->try_catch_array, sizeof(zend_try_catch_element), op_array->last_try_catch, 0);
1003
1004	elem = &op_array->try_catch_array[try_catch_offset];
1005	elem->try_op = try_op;
1006	elem->catch_op = 0;
1007	elem->finally_op = 0;
1008	elem->finally_end = 0;
1009
1010	return try_catch_offset;
1011}
1012/* }}} */
1013
1014ZEND_API void function_add_ref(zend_function *function) /* {{{ */
1015{
1016	if (function->type == ZEND_USER_FUNCTION) {
1017		zend_op_array *op_array = &function->op_array;
1018
1019		if (op_array->refcount) {
1020			(*op_array->refcount)++;
1021		}
1022		if (op_array->static_variables) {
1023			if (!(GC_FLAGS(op_array->static_variables) & IS_ARRAY_IMMUTABLE)) {
1024				GC_ADDREF(op_array->static_variables);
1025			}
1026		}
1027		op_array->run_time_cache = NULL;
1028	} else if (function->type == ZEND_INTERNAL_FUNCTION) {
1029		if (function->common.function_name) {
1030			zend_string_addref(function->common.function_name);
1031		}
1032	}
1033}
1034/* }}} */
1035
1036ZEND_API int do_bind_function(const zend_op_array *op_array, const zend_op *opline, HashTable *function_table, zend_bool compile_time) /* {{{ */
1037{
1038	zend_function *function, *new_function;
1039	zval *lcname, *rtd_key, *zv;
1040
1041	if (compile_time) {
1042		lcname = CT_CONSTANT_EX(op_array, opline->op1.constant);
1043		rtd_key = lcname + 1;
1044	} else {
1045		lcname = RT_CONSTANT(opline, opline->op1);
1046		rtd_key = lcname + 1;
1047	}
1048
1049	zv = zend_hash_find_ex(function_table, Z_STR_P(rtd_key), 1);
1050	function = (zend_function*)Z_PTR_P(zv);
1051	new_function = zend_arena_alloc(&CG(arena), sizeof(zend_op_array));
1052	memcpy(new_function, function, sizeof(zend_op_array));
1053	if (zend_hash_add_ptr(function_table, Z_STR_P(lcname), new_function) == NULL) {
1054		int error_level = compile_time ? E_COMPILE_ERROR : E_ERROR;
1055		zend_function *old_function;
1056
1057		zv = zend_hash_find_ex(function_table, Z_STR_P(lcname), 1);
1058		ZEND_ASSERT(zv != NULL);
1059		old_function = (zend_function*)Z_PTR_P(zv);
1060		if (old_function->type == ZEND_USER_FUNCTION
1061			&& old_function->op_array.last > 0) {
1062			zend_error_noreturn(error_level, "Cannot redeclare %s() (previously declared in %s:%d)",
1063						ZSTR_VAL(function->common.function_name),
1064						ZSTR_VAL(old_function->op_array.filename),
1065						old_function->op_array.opcodes[0].lineno);
1066		} else {
1067			zend_error_noreturn(error_level, "Cannot redeclare %s()", ZSTR_VAL(function->common.function_name));
1068		}
1069		return FAILURE;
1070	} else {
1071		if (function->op_array.refcount) {
1072			(*function->op_array.refcount)++;
1073		}
1074		if (!(function->op_array.fn_flags & ZEND_ACC_IMMUTABLE)) {
1075			function->op_array.static_variables = NULL; /* NULL out the unbound function */
1076		}
1077		return SUCCESS;
1078	}
1079}
1080/* }}} */
1081
1082ZEND_API zend_class_entry *do_bind_class(const zend_op_array* op_array, const zend_op *opline, HashTable *class_table, zend_bool compile_time) /* {{{ */
1083{
1084	zend_class_entry *ce;
1085	zval *lcname, *rtd_key, *zv;
1086
1087	if (compile_time) {
1088		lcname = CT_CONSTANT_EX(op_array, opline->op1.constant);
1089		rtd_key = lcname + 1;
1090	} else {
1091		lcname = RT_CONSTANT(opline, opline->op1);
1092		rtd_key = lcname + 1;
1093	}
1094	zv = zend_hash_find_ex(class_table, Z_STR_P(rtd_key), 1);
1095	ZEND_ASSERT(zv);
1096	ce = (zend_class_entry*)Z_PTR_P(zv);
1097	ce->refcount++;
1098	if (zend_hash_add_ptr(class_table, Z_STR_P(lcname), ce) == NULL) {
1099		ce->refcount--;
1100		if (!compile_time) {
1101			/* If we're in compile time, in practice, it's quite possible
1102			 * that we'll never reach this class declaration at runtime,
1103			 * so we shut up about it.  This allows the if (!defined('FOO')) { return; }
1104			 * approach to work.
1105			 */
1106			zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1107		}
1108		return NULL;
1109	} else {
1110		if (!(ce->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLEMENT_INTERFACES|ZEND_ACC_IMPLEMENT_TRAITS))) {
1111			zend_verify_abstract_class(ce);
1112		}
1113		return ce;
1114	}
1115}
1116/* }}} */
1117
1118ZEND_API zend_class_entry *do_bind_inherited_class(const zend_op_array *op_array, const zend_op *opline, HashTable *class_table, zend_class_entry *parent_ce, zend_bool compile_time) /* {{{ */
1119{
1120	zend_class_entry *ce;
1121	zval *lcname, *rtd_key, *zv;
1122
1123	if (compile_time) {
1124		lcname = CT_CONSTANT_EX(op_array, opline->op1.constant);
1125		rtd_key = lcname + 1;
1126	} else {
1127		lcname = RT_CONSTANT(opline, opline->op1);
1128		rtd_key = lcname + 1;
1129	}
1130
1131	zv = zend_hash_find_ex(class_table, Z_STR_P(rtd_key), 1);
1132
1133	if (!zv) {
1134		if (!compile_time) {
1135			/* If we're in compile time, in practice, it's quite possible
1136			 * that we'll never reach this class declaration at runtime,
1137			 * so we shut up about it.  This allows the if (!defined('FOO')) { return; }
1138			 * approach to work.
1139			 */
1140			zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare  %s, because the name is already in use", zend_get_object_type(Z_OBJCE_P(lcname)));
1141		}
1142		return NULL;
1143	}
1144
1145	ce = (zend_class_entry*)Z_PTR_P(zv);
1146
1147	if (zend_hash_exists(class_table, Z_STR_P(lcname))) {
1148		zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1149	}
1150
1151	zend_do_inheritance(ce, parent_ce);
1152
1153	ce->refcount++;
1154
1155	/* Register the derived class */
1156	if (zend_hash_add_ptr(class_table, Z_STR_P(lcname), ce) == NULL) {
1157		zend_error_noreturn(E_COMPILE_ERROR, "Cannot declare %s %s, because the name is already in use", zend_get_object_type(ce), ZSTR_VAL(ce->name));
1158	}
1159	return ce;
1160}
1161/* }}} */
1162
1163void zend_do_early_binding(void) /* {{{ */
1164{
1165	zend_op *opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1];
1166	HashTable *table;
1167
1168	while (opline->opcode == ZEND_TICKS && opline > CG(active_op_array)->opcodes) {
1169		opline--;
1170	}
1171
1172	switch (opline->opcode) {
1173		case ZEND_DECLARE_FUNCTION:
1174			if (do_bind_function(CG(active_op_array), opline, CG(function_table), 1) == FAILURE) {
1175				return;
1176			}
1177			table = CG(function_table);
1178			break;
1179		case ZEND_DECLARE_CLASS:
1180			if (do_bind_class(CG(active_op_array), opline, CG(class_table), 1) == NULL) {
1181				return;
1182			}
1183			table = CG(class_table);
1184			break;
1185		case ZEND_DECLARE_INHERITED_CLASS:
1186			{
1187				zval *parent_name;
1188				zend_class_entry *ce;
1189
1190				parent_name = CT_CONSTANT(opline->op2);
1191				if (((ce = zend_lookup_class_ex(Z_STR_P(parent_name), parent_name + 1, 0)) == NULL) ||
1192				    ((CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_CLASSES) &&
1193				     (ce->type == ZEND_INTERNAL_CLASS))) {
1194					if (CG(compiler_options) & ZEND_COMPILE_DELAYED_BINDING) {
1195						CG(active_op_array)->fn_flags |= ZEND_ACC_EARLY_BINDING;
1196						opline->opcode = ZEND_DECLARE_INHERITED_CLASS_DELAYED;
1197						opline->result_type = IS_UNUSED;
1198						opline->result.opline_num = -1;
1199					}
1200					return;
1201				}
1202				if (do_bind_inherited_class(CG(active_op_array), opline, CG(class_table), ce, 1) == NULL) {
1203					return;
1204				}
1205				zend_del_literal(CG(active_op_array), opline->op2.constant+1);
1206				zend_del_literal(CG(active_op_array), opline->op2.constant);
1207
1208				table = CG(class_table);
1209				break;
1210			}
1211		case ZEND_VERIFY_ABSTRACT_CLASS:
1212		case ZEND_ADD_INTERFACE:
1213		case ZEND_ADD_TRAIT:
1214		case ZEND_BIND_TRAITS:
1215			/* We currently don't early-bind classes that implement interfaces */
1216			/* Classes with traits are handled exactly the same, no early-bind here */
1217			return;
1218		default:
1219			zend_error_noreturn(E_COMPILE_ERROR, "Invalid binding type");
1220			return;
1221	}
1222
1223	zend_hash_del(table, Z_STR_P(CT_CONSTANT(opline->op1)+1));
1224	zend_del_literal(CG(active_op_array), opline->op1.constant+1);
1225	zend_del_literal(CG(active_op_array), opline->op1.constant);
1226	MAKE_NOP(opline);
1227}
1228/* }}} */
1229
1230static void zend_mark_function_as_generator() /* {{{ */
1231{
1232	if (!CG(active_op_array)->function_name) {
1233		zend_error_noreturn(E_COMPILE_ERROR,
1234			"The \"yield\" expression can only be used inside a function");
1235	}
1236
1237	if (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
1238		zend_arg_info return_info = CG(active_op_array)->arg_info[-1];
1239
1240		if (ZEND_TYPE_CODE(return_info.type) != IS_ITERABLE) {
1241			const char *msg = "Generators may only declare a return type of Generator, Iterator, Traversable, or iterable, %s is not permitted";
1242
1243			if (!ZEND_TYPE_IS_CLASS(return_info.type)) {
1244				zend_error_noreturn(E_COMPILE_ERROR, msg, zend_get_type_by_const(ZEND_TYPE_CODE(return_info.type)));
1245			}
1246
1247			if (!zend_string_equals_literal_ci(ZEND_TYPE_NAME(return_info.type), "Traversable")
1248				&& !zend_string_equals_literal_ci(ZEND_TYPE_NAME(return_info.type), "Iterator")
1249				&& !zend_string_equals_literal_ci(ZEND_TYPE_NAME(return_info.type), "Generator")) {
1250				zend_error_noreturn(E_COMPILE_ERROR, msg, ZSTR_VAL(ZEND_TYPE_NAME(return_info.type)));
1251			}
1252		}
1253	}
1254
1255	CG(active_op_array)->fn_flags |= ZEND_ACC_GENERATOR;
1256}
1257/* }}} */
1258
1259ZEND_API uint32_t zend_build_delayed_early_binding_list(const zend_op_array *op_array) /* {{{ */
1260{
1261	if (op_array->fn_flags & ZEND_ACC_EARLY_BINDING) {
1262		uint32_t  first_early_binding_opline = (uint32_t)-1;
1263		uint32_t *prev_opline_num = &first_early_binding_opline;
1264		zend_op  *opline = op_array->opcodes;
1265		zend_op  *end = opline + op_array->last;
1266
1267		while (opline < end) {
1268			if (opline->opcode == ZEND_DECLARE_INHERITED_CLASS_DELAYED) {
1269				*prev_opline_num = opline - op_array->opcodes;
1270				prev_opline_num = &opline->result.opline_num;
1271			}
1272			++opline;
1273		}
1274		*prev_opline_num = -1;
1275		return first_early_binding_opline;
1276	}
1277	return (uint32_t)-1;
1278}
1279/* }}} */
1280
1281ZEND_API void zend_do_delayed_early_binding(const zend_op_array *op_array, uint32_t first_early_binding_opline) /* {{{ */
1282{
1283	if (first_early_binding_opline != (uint32_t)-1) {
1284		zend_bool orig_in_compilation = CG(in_compilation);
1285		uint32_t opline_num = first_early_binding_opline;
1286		zend_class_entry *ce;
1287
1288		CG(in_compilation) = 1;
1289		while (opline_num != (uint32_t)-1) {
1290			const zend_op *opline = &op_array->opcodes[opline_num];
1291			zval *parent_name = RT_CONSTANT(opline, opline->op2);
1292			if ((ce = zend_lookup_class_ex(Z_STR_P(parent_name), parent_name + 1, 0)) != NULL) {
1293				do_bind_inherited_class(op_array, &op_array->opcodes[opline_num], EG(class_table), ce, 0);
1294			}
1295			opline_num = op_array->opcodes[opline_num].result.opline_num;
1296		}
1297		CG(in_compilation) = orig_in_compilation;
1298	}
1299}
1300/* }}} */
1301
1302ZEND_API zend_string *zend_mangle_property_name(const char *src1, size_t src1_length, const char *src2, size_t src2_length, int internal) /* {{{ */
1303{
1304	size_t prop_name_length = 1 + src1_length + 1 + src2_length;
1305	zend_string *prop_name = zend_string_alloc(prop_name_length, internal);
1306
1307	ZSTR_VAL(prop_name)[0] = '\0';
1308	memcpy(ZSTR_VAL(prop_name) + 1, src1, src1_length+1);
1309	memcpy(ZSTR_VAL(prop_name) + 1 + src1_length + 1, src2, src2_length+1);
1310	return prop_name;
1311}
1312/* }}} */
1313
1314static zend_always_inline size_t zend_strnlen(const char* s, size_t maxlen) /* {{{ */
1315{
1316	size_t len = 0;
1317	while (*s++ && maxlen--) len++;
1318	return len;
1319}
1320/* }}} */
1321
1322ZEND_API int zend_unmangle_property_name_ex(const zend_string *name, const char **class_name, const char **prop_name, size_t *prop_len) /* {{{ */
1323{
1324	size_t class_name_len;
1325	size_t anonclass_src_len;
1326
1327	*class_name = NULL;
1328
1329	if (!ZSTR_LEN(name) || ZSTR_VAL(name)[0] != '\0') {
1330		*prop_name = ZSTR_VAL(name);
1331		if (prop_len) {
1332			*prop_len = ZSTR_LEN(name);
1333		}
1334		return SUCCESS;
1335	}
1336	if (ZSTR_LEN(name) < 3 || ZSTR_VAL(name)[1] == '\0') {
1337		zend_error(E_NOTICE, "Illegal member variable name");
1338		*prop_name = ZSTR_VAL(name);
1339		if (prop_len) {
1340			*prop_len = ZSTR_LEN(name);
1341		}
1342		return FAILURE;
1343	}
1344
1345	class_name_len = zend_strnlen(ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 2);
1346	if (class_name_len >= ZSTR_LEN(name) - 2 || ZSTR_VAL(name)[class_name_len + 1] != '\0') {
1347		zend_error(E_NOTICE, "Corrupt member variable name");
1348		*prop_name = ZSTR_VAL(name);
1349		if (prop_len) {
1350			*prop_len = ZSTR_LEN(name);
1351		}
1352		return FAILURE;
1353	}
1354
1355	*class_name = ZSTR_VAL(name) + 1;
1356	anonclass_src_len = zend_strnlen(*class_name + class_name_len + 1, ZSTR_LEN(name) - class_name_len - 2);
1357	if (class_name_len + anonclass_src_len + 2 != ZSTR_LEN(name)) {
1358		class_name_len += anonclass_src_len + 1;
1359	}
1360	*prop_name = ZSTR_VAL(name) + class_name_len + 2;
1361	if (prop_len) {
1362		*prop_len = ZSTR_LEN(name) - class_name_len - 2;
1363	}
1364	return SUCCESS;
1365}
1366/* }}} */
1367
1368static zend_constant *zend_lookup_reserved_const(const char *name, size_t len) /* {{{ */
1369{
1370	zend_constant *c = zend_hash_find_ptr_lc(EG(zend_constants), name, len);
1371	if (c && !(ZEND_CONSTANT_FLAGS(c) & CONST_CS) && (ZEND_CONSTANT_FLAGS(c) & CONST_CT_SUBST)) {
1372		return c;
1373	}
1374	return NULL;
1375}
1376/* }}} */
1377
1378static zend_bool zend_try_ct_eval_const(zval *zv, zend_string *name, zend_bool is_fully_qualified) /* {{{ */
1379{
1380	zend_constant *c;
1381
1382	/* Substitute case-sensitive (or lowercase) constants */
1383	c = zend_hash_find_ptr(EG(zend_constants), name);
1384	if (c && (
1385	      ((ZEND_CONSTANT_FLAGS(c) & CONST_PERSISTENT)
1386	      && !(CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION)
1387	      && (!(ZEND_CONSTANT_FLAGS(c) & CONST_NO_FILE_CACHE) || !(CG(compiler_options) & ZEND_COMPILE_WITH_FILE_CACHE)))
1388	   || (Z_TYPE(c->value) < IS_OBJECT && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION))
1389	)) {
1390		ZVAL_COPY_OR_DUP(zv, &c->value);
1391		return 1;
1392	}
1393
1394	{
1395		/* Substitute true, false and null (including unqualified usage in namespaces) */
1396		const char *lookup_name = ZSTR_VAL(name);
1397		size_t lookup_len = ZSTR_LEN(name);
1398
1399		if (!is_fully_qualified) {
1400			zend_get_unqualified_name(name, &lookup_name, &lookup_len);
1401		}
1402
1403		c = zend_lookup_reserved_const(lookup_name, lookup_len);
1404		if (c) {
1405			ZVAL_COPY_OR_DUP(zv, &c->value);
1406			return 1;
1407		}
1408	}
1409
1410	return 0;
1411}
1412/* }}} */
1413
1414static inline zend_bool zend_is_scope_known() /* {{{ */
1415{
1416	if (CG(active_op_array)->fn_flags & ZEND_ACC_CLOSURE) {
1417		/* Closures can be rebound to a different scope */
1418		return 0;
1419	}
1420
1421	if (!CG(active_class_entry)) {
1422		/* The scope is known if we're in a free function (no scope), but not if we're in
1423		 * a file/eval (which inherits including/eval'ing scope). */
1424		return CG(active_op_array)->function_name != NULL;
1425	}
1426
1427	/* For traits self etc refers to the using class, not the trait itself */
1428	return (CG(active_class_entry)->ce_flags & ZEND_ACC_TRAIT) == 0;
1429}
1430/* }}} */
1431
1432static inline zend_bool class_name_refers_to_active_ce(zend_string *class_name, uint32_t fetch_type) /* {{{ */
1433{
1434	if (!CG(active_class_entry)) {
1435		return 0;
1436	}
1437	if (fetch_type == ZEND_FETCH_CLASS_SELF && zend_is_scope_known()) {
1438		return 1;
1439	}
1440	return fetch_type == ZEND_FETCH_CLASS_DEFAULT
1441		&& zend_string_equals_ci(class_name, CG(active_class_entry)->name);
1442}
1443/* }}} */
1444
1445uint32_t zend_get_class_fetch_type(zend_string *name) /* {{{ */
1446{
1447	if (zend_string_equals_literal_ci(name, "self")) {
1448		return ZEND_FETCH_CLASS_SELF;
1449	} else if (zend_string_equals_literal_ci(name, "parent")) {
1450		return ZEND_FETCH_CLASS_PARENT;
1451	} else if (zend_string_equals_literal_ci(name, "static")) {
1452		return ZEND_FETCH_CLASS_STATIC;
1453	} else {
1454		return ZEND_FETCH_CLASS_DEFAULT;
1455	}
1456}
1457/* }}} */
1458
1459static uint32_t zend_get_class_fetch_type_ast(zend_ast *name_ast) /* {{{ */
1460{
1461	/* Fully qualified names are always default refs */
1462	if (name_ast->attr == ZEND_NAME_FQ) {
1463		return ZEND_FETCH_CLASS_DEFAULT;
1464	}
1465
1466	return zend_get_class_fetch_type(zend_ast_get_str(name_ast));
1467}
1468/* }}} */
1469
1470static void zend_ensure_valid_class_fetch_type(uint32_t fetch_type) /* {{{ */
1471{
1472	if (fetch_type != ZEND_FETCH_CLASS_DEFAULT && !CG(active_class_entry) && zend_is_scope_known()) {
1473		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use \"%s\" when no class scope is active",
1474			fetch_type == ZEND_FETCH_CLASS_SELF ? "self" :
1475			fetch_type == ZEND_FETCH_CLASS_PARENT ? "parent" : "static");
1476	}
1477}
1478/* }}} */
1479
1480static zend_bool zend_try_compile_const_expr_resolve_class_name(zval *zv, zend_ast *class_ast, zend_ast *name_ast, zend_bool constant) /* {{{ */
1481{
1482	uint32_t fetch_type;
1483	zval *class_name;
1484
1485	if (name_ast->kind != ZEND_AST_ZVAL) {
1486		return 0;
1487	}
1488
1489	if (!zend_string_equals_literal_ci(zend_ast_get_str(name_ast), "class")) {
1490		return 0;
1491	}
1492
1493	if (class_ast->kind != ZEND_AST_ZVAL) {
1494		zend_error_noreturn(E_COMPILE_ERROR,
1495			"Dynamic class names are not allowed in compile-time ::class fetch");
1496	}
1497
1498	class_name = zend_ast_get_zval(class_ast);
1499
1500	if (Z_TYPE_P(class_name) != IS_STRING) {
1501		zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
1502	}
1503
1504	fetch_type = zend_get_class_fetch_type(Z_STR_P(class_name));
1505	zend_ensure_valid_class_fetch_type(fetch_type);
1506
1507	switch (fetch_type) {
1508		case ZEND_FETCH_CLASS_SELF:
1509			if (CG(active_class_entry) && zend_is_scope_known()) {
1510				ZVAL_STR_COPY(zv, CG(active_class_entry)->name);
1511			} else {
1512				ZVAL_NULL(zv);
1513			}
1514			return 1;
1515		case ZEND_FETCH_CLASS_STATIC:
1516		case ZEND_FETCH_CLASS_PARENT:
1517			if (constant) {
1518				zend_error_noreturn(E_COMPILE_ERROR,
1519					"%s::class cannot be used for compile-time class name resolution",
1520					fetch_type == ZEND_FETCH_CLASS_STATIC ? "static" : "parent"
1521				);
1522			} else {
1523				ZVAL_NULL(zv);
1524			}
1525			return 1;
1526		case ZEND_FETCH_CLASS_DEFAULT:
1527			ZVAL_STR(zv, zend_resolve_class_name_ast(class_ast));
1528			return 1;
1529		EMPTY_SWITCH_DEFAULT_CASE()
1530	}
1531}
1532/* }}} */
1533
1534static zend_bool zend_try_ct_eval_class_const(zval *zv, zend_string *class_name, zend_string *name) /* {{{ */
1535{
1536	uint32_t fetch_type = zend_get_class_fetch_type(class_name);
1537	zend_class_constant *cc;
1538	zval *c;
1539
1540	if (class_name_refers_to_active_ce(class_name, fetch_type)) {
1541		cc = zend_hash_find_ptr(&CG(active_class_entry)->constants_table, name);
1542	} else if (fetch_type == ZEND_FETCH_CLASS_DEFAULT && !(CG(compiler_options) & ZEND_COMPILE_NO_CONSTANT_SUBSTITUTION)) {
1543		zend_class_entry *ce = zend_hash_find_ptr_lc(CG(class_table), ZSTR_VAL(class_name), ZSTR_LEN(class_name));
1544		if (ce) {
1545			cc = zend_hash_find_ptr(&ce->constants_table, name);
1546		} else {
1547			return 0;
1548		}
1549	} else {
1550		return 0;
1551	}
1552
1553	if (CG(compiler_options) & ZEND_COMPILE_NO_PERSISTENT_CONSTANT_SUBSTITUTION) {
1554		return 0;
1555	}
1556
1557	if (!cc || !zend_verify_const_access(cc, CG(active_class_entry))) {
1558		return 0;
1559	}
1560
1561	c = &cc->value;
1562
1563	/* Substitute case-sensitive (or lowercase) persistent class constants */
1564	if (Z_TYPE_P(c) < IS_OBJECT) {
1565		ZVAL_COPY_OR_DUP(zv, c);
1566		return 1;
1567	}
1568
1569	return 0;
1570}
1571/* }}} */
1572
1573static void zend_add_to_list(void *result, void *item) /* {{{ */
1574{
1575	void** list = *(void**)result;
1576	size_t n = 0;
1577
1578	if (list) {
1579		while (list[n]) {
1580			n++;
1581		}
1582	}
1583
1584	list = erealloc(list, sizeof(void*) * (n+2));
1585
1586	list[n]   = item;
1587	list[n+1] = NULL;
1588
1589	*(void**)result = list;
1590}
1591/* }}} */
1592
1593void zend_do_extended_info(void) /* {{{ */
1594{
1595	zend_op *opline;
1596
1597	if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_INFO)) {
1598		return;
1599	}
1600
1601	opline = get_next_op(CG(active_op_array));
1602
1603	opline->opcode = ZEND_EXT_STMT;
1604}
1605/* }}} */
1606
1607void zend_do_extended_fcall_begin(void) /* {{{ */
1608{
1609	zend_op *opline;
1610
1611	if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_INFO)) {
1612		return;
1613	}
1614
1615	opline = get_next_op(CG(active_op_array));
1616
1617	opline->opcode = ZEND_EXT_FCALL_BEGIN;
1618}
1619/* }}} */
1620
1621void zend_do_extended_fcall_end(void) /* {{{ */
1622{
1623	zend_op *opline;
1624
1625	if (!(CG(compiler_options) & ZEND_COMPILE_EXTENDED_INFO)) {
1626		return;
1627	}
1628
1629	opline = get_next_op(CG(active_op_array));
1630
1631	opline->opcode = ZEND_EXT_FCALL_END;
1632}
1633/* }}} */
1634
1635zend_bool zend_is_auto_global_str(char *name, size_t len) /* {{{ */ {
1636	zend_auto_global *auto_global;
1637
1638	if ((auto_global = zend_hash_str_find_ptr(CG(auto_globals), name, len)) != NULL) {
1639		if (auto_global->armed) {
1640			auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1641		}
1642		return 1;
1643	}
1644	return 0;
1645}
1646/* }}} */
1647
1648zend_bool zend_is_auto_global(zend_string *name) /* {{{ */
1649{
1650	zend_auto_global *auto_global;
1651
1652	if ((auto_global = zend_hash_find_ptr(CG(auto_globals), name)) != NULL) {
1653		if (auto_global->armed) {
1654			auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1655		}
1656		return 1;
1657	}
1658	return 0;
1659}
1660/* }}} */
1661
1662int zend_register_auto_global(zend_string *name, zend_bool jit, zend_auto_global_callback auto_global_callback) /* {{{ */
1663{
1664	zend_auto_global auto_global;
1665	int retval;
1666
1667	auto_global.name = name;
1668	auto_global.auto_global_callback = auto_global_callback;
1669	auto_global.jit = jit;
1670
1671	retval = zend_hash_add_mem(CG(auto_globals), auto_global.name, &auto_global, sizeof(zend_auto_global)) != NULL ? SUCCESS : FAILURE;
1672
1673	return retval;
1674}
1675/* }}} */
1676
1677ZEND_API void zend_activate_auto_globals(void) /* {{{ */
1678{
1679	zend_auto_global *auto_global;
1680
1681	ZEND_HASH_FOREACH_PTR(CG(auto_globals), auto_global) {
1682		if (auto_global->jit) {
1683			auto_global->armed = 1;
1684		} else if (auto_global->auto_global_callback) {
1685			auto_global->armed = auto_global->auto_global_callback(auto_global->name);
1686		} else {
1687			auto_global->armed = 0;
1688		}
1689	} ZEND_HASH_FOREACH_END();
1690}
1691/* }}} */
1692
1693int ZEND_FASTCALL zendlex(zend_parser_stack_elem *elem) /* {{{ */
1694{
1695	zval zv;
1696	int ret;
1697
1698	if (CG(increment_lineno)) {
1699		CG(zend_lineno)++;
1700		CG(increment_lineno) = 0;
1701	}
1702
1703	ret = lex_scan(&zv, elem);
1704	ZEND_ASSERT(!EG(exception) || ret == T_ERROR);
1705	return ret;
1706
1707}
1708/* }}} */
1709
1710ZEND_API void zend_initialize_class_data(zend_class_entry *ce, zend_bool nullify_handlers) /* {{{ */
1711{
1712	zend_bool persistent_hashes = (ce->type == ZEND_INTERNAL_CLASS) ? 1 : 0;
1713
1714	ce->refcount = 1;
1715	ce->ce_flags = ZEND_ACC_CONSTANTS_UPDATED;
1716
1717	if (CG(compiler_options) & ZEND_COMPILE_GUARDS) {
1718		ce->ce_flags |= ZEND_ACC_USE_GUARDS;
1719	}
1720
1721	ce->default_properties_table = NULL;
1722	ce->default_static_members_table = NULL;
1723	zend_hash_init_ex(&ce->properties_info, 8, NULL, (persistent_hashes ? zend_destroy_property_info_internal : NULL), persistent_hashes, 0);
1724	zend_hash_init_ex(&ce->constants_table, 8, NULL, NULL, persistent_hashes, 0);
1725	zend_hash_init_ex(&ce->function_table, 8, NULL, ZEND_FUNCTION_DTOR, persistent_hashes, 0);
1726
1727	if (ce->type == ZEND_INTERNAL_CLASS) {
1728#ifdef ZTS
1729		int n = zend_hash_num_elements(CG(class_table));
1730
1731		if (CG(static_members_table) && n >= CG(last_static_member)) {
1732			/* Support for run-time declaration: dl() */
1733			CG(last_static_member) = n+1;
1734			CG(static_members_table) = realloc(CG(static_members_table), (n+1)*sizeof(zval*));
1735			CG(static_members_table)[n] = NULL;
1736		}
1737		ce->static_members_table = (zval*)(zend_intptr_t)n;
1738#else
1739		ce->static_members_table = NULL;
1740#endif
1741	} else {
1742		ce->static_members_table = ce->default_static_members_table;
1743		ce->info.user.doc_comment = NULL;
1744	}
1745
1746	ce->default_properties_count = 0;
1747	ce->default_static_members_count = 0;
1748
1749	if (nullify_handlers) {
1750		ce->constructor = NULL;
1751		ce->destructor = NULL;
1752		ce->clone = NULL;
1753		ce->__get = NULL;
1754		ce->__set = NULL;
1755		ce->__unset = NULL;
1756		ce->__isset = NULL;
1757		ce->__call = NULL;
1758		ce->__callstatic = NULL;
1759		ce->__tostring = NULL;
1760		ce->create_object = NULL;
1761		ce->get_iterator = NULL;
1762		ce->iterator_funcs_ptr = NULL;
1763		ce->get_static_method = NULL;
1764		ce->parent = NULL;
1765		ce->num_interfaces = 0;
1766		ce->interfaces = NULL;
1767		ce->num_traits = 0;
1768		ce->traits = NULL;
1769		ce->trait_aliases = NULL;
1770		ce->trait_precedences = NULL;
1771		ce->serialize = NULL;
1772		ce->unserialize = NULL;
1773		ce->serialize_func = NULL;
1774		ce->unserialize_func = NULL;
1775		ce->__debugInfo = NULL;
1776		if (ce->type == ZEND_INTERNAL_CLASS) {
1777			ce->info.internal.module = NULL;
1778			ce->info.internal.builtin_functions = NULL;
1779		}
1780	}
1781}
1782/* }}} */
1783
1784ZEND_API zend_string *zend_get_compiled_variable_name(const zend_op_array *op_array, uint32_t var) /* {{{ */
1785{
1786	return op_array->vars[EX_VAR_TO_NUM(var)];
1787}
1788/* }}} */
1789
1790zend_ast *zend_ast_append_str(zend_ast *left_ast, zend_ast *right_ast) /* {{{ */
1791{
1792	zval *left_zv = zend_ast_get_zval(left_ast);
1793	zend_string *left = Z_STR_P(left_zv);
1794	zend_string *right = zend_ast_get_str(right_ast);
1795
1796	zend_string *result;
1797	size_t left_len = ZSTR_LEN(left);
1798	size_t len = left_len + ZSTR_LEN(right) + 1; /* left\right */
1799
1800	result = zend_string_extend(left, len, 0);
1801	ZSTR_VAL(result)[left_len] = '\\';
1802	memcpy(&ZSTR_VAL(result)[left_len + 1], ZSTR_VAL(right), ZSTR_LEN(right));
1803	ZSTR_VAL(result)[len] = '\0';
1804	zend_string_release_ex(right, 0);
1805
1806	ZVAL_STR(left_zv, result);
1807	return left_ast;
1808}
1809/* }}} */
1810
1811zend_ast *zend_negate_num_string(zend_ast *ast) /* {{{ */
1812{
1813	zval *zv = zend_ast_get_zval(ast);
1814	if (Z_TYPE_P(zv) == IS_LONG) {
1815		if (Z_LVAL_P(zv) == 0) {
1816			ZVAL_NEW_STR(zv, zend_string_init("-0", sizeof("-0")-1, 0));
1817		} else {
1818			ZEND_ASSERT(Z_LVAL_P(zv) > 0);
1819			Z_LVAL_P(zv) *= -1;
1820		}
1821	} else if (Z_TYPE_P(zv) == IS_STRING) {
1822		size_t orig_len = Z_STRLEN_P(zv);
1823		Z_STR_P(zv) = zend_string_extend(Z_STR_P(zv), orig_len + 1, 0);
1824		memmove(Z_STRVAL_P(zv) + 1, Z_STRVAL_P(zv), orig_len + 1);
1825		Z_STRVAL_P(zv)[0] = '-';
1826	} else {
1827		ZEND_ASSERT(0);
1828	}
1829	return ast;
1830}
1831/* }}} */
1832
1833void zend_verify_namespace(void) /* {{{ */
1834{
1835	if (FC(has_bracketed_namespaces) && !FC(in_namespace)) {
1836		zend_error_noreturn(E_COMPILE_ERROR, "No code may exist outside of namespace {}");
1837	}
1838}
1839/* }}} */
1840
1841/* {{{ zend_dirname
1842   Returns directory name component of path */
1843ZEND_API size_t zend_dirname(char *path, size_t len)
1844{
1845	register char *end = path + len - 1;
1846	unsigned int len_adjust = 0;
1847
1848#ifdef ZEND_WIN32
1849	/* Note that on Win32 CWD is per drive (heritage from CP/M).
1850	 * This means dirname("c:foo") maps to "c:." or "c:" - which means CWD on C: drive.
1851	 */
1852	if ((2 <= len) && isalpha((int)((unsigned char *)path)[0]) && (':' == path[1])) {
1853		/* Skip over the drive spec (if any) so as not to change */
1854		path += 2;
1855		len_adjust += 2;
1856		if (2 == len) {
1857			/* Return "c:" on Win32 for dirname("c:").
1858			 * It would be more consistent to return "c:."
1859			 * but that would require making the string *longer*.
1860			 */
1861			return len;
1862		}
1863	}
1864#endif
1865
1866	if (len == 0) {
1867		/* Illegal use of this function */
1868		return 0;
1869	}
1870
1871	/* Strip trailing slashes */
1872	while (end >= path && IS_SLASH_P(end)) {
1873		end--;
1874	}
1875	if (end < path) {
1876		/* The path only contained slashes */
1877		path[0] = DEFAULT_SLASH;
1878		path[1] = '\0';
1879		return 1 + len_adjust;
1880	}
1881
1882	/* Strip filename */
1883	while (end >= path && !IS_SLASH_P(end)) {
1884		end--;
1885	}
1886	if (end < path) {
1887		/* No slash found, therefore return '.' */
1888		path[0] = '.';
1889		path[1] = '\0';
1890		return 1 + len_adjust;
1891	}
1892
1893	/* Strip slashes which came before the file name */
1894	while (end >= path && IS_SLASH_P(end)) {
1895		end--;
1896	}
1897	if (end < path) {
1898		path[0] = DEFAULT_SLASH;
1899		path[1] = '\0';
1900		return 1 + len_adjust;
1901	}
1902	*(end+1) = '\0';
1903
1904	return (size_t)(end + 1 - path) + len_adjust;
1905}
1906/* }}} */
1907
1908static void zend_adjust_for_fetch_type(zend_op *opline, znode *result, uint32_t type) /* {{{ */
1909{
1910	zend_uchar factor = (opline->opcode == ZEND_FETCH_STATIC_PROP_R) ? 1 : 3;
1911
1912	switch (type) {
1913		case BP_VAR_R:
1914			opline->result_type = IS_TMP_VAR;
1915			result->op_type = IS_TMP_VAR;
1916			return;
1917		case BP_VAR_W:
1918			opline->opcode += 1 * factor;
1919			return;
1920		case BP_VAR_RW:
1921			opline->opcode += 2 * factor;
1922			return;
1923		case BP_VAR_IS:
1924			opline->result_type = IS_TMP_VAR;
1925			result->op_type = IS_TMP_VAR;
1926			opline->opcode += 3 * factor;
1927			return;
1928		case BP_VAR_FUNC_ARG:
1929			opline->opcode += 4 * factor;
1930			return;
1931		case BP_VAR_UNSET:
1932			opline->opcode += 5 * factor;
1933			return;
1934		EMPTY_SWITCH_DEFAULT_CASE()
1935	}
1936}
1937/* }}} */
1938
1939static inline void zend_make_var_result(znode *result, zend_op *opline) /* {{{ */
1940{
1941	opline->result_type = IS_VAR;
1942	opline->result.var = get_temporary_variable(CG(active_op_array));
1943	GET_NODE(result, opline->result);
1944}
1945/* }}} */
1946
1947static inline void zend_make_tmp_result(znode *result, zend_op *opline) /* {{{ */
1948{
1949	opline->result_type = IS_TMP_VAR;
1950	opline->result.var = get_temporary_variable(CG(active_op_array));
1951	GET_NODE(result, opline->result);
1952}
1953/* }}} */
1954
1955static void zend_find_live_range(zend_op *opline, zend_uchar type, uint32_t var) /* {{{ */
1956{
1957	zend_op *def = opline;
1958
1959	while (def != CG(active_op_array)->opcodes) {
1960		def--;
1961		if (def->result_type == type && def->result.var == var) {
1962			if (def->opcode == ZEND_ADD_ARRAY_ELEMENT ||
1963			    def->opcode == ZEND_ROPE_ADD) {
1964			    /* not a real definition */
1965				continue;
1966			} else if (def->opcode == ZEND_JMPZ_EX ||
1967			           def->opcode == ZEND_JMPNZ_EX ||
1968			           def->opcode == ZEND_BOOL ||
1969			           def->opcode == ZEND_BOOL_NOT) {
1970				/* result IS_BOOL, it does't have to be destroyed */
1971				break;
1972			} else if (def->opcode == ZEND_DECLARE_CLASS ||
1973			           def->opcode == ZEND_DECLARE_INHERITED_CLASS ||
1974			           def->opcode == ZEND_DECLARE_INHERITED_CLASS_DELAYED ||
1975			           def->opcode == ZEND_DECLARE_ANON_CLASS ||
1976			           def->opcode == ZEND_DECLARE_ANON_INHERITED_CLASS) {
1977				/* classes don't have to be destroyed */
1978				break;
1979			} else if (def->opcode == ZEND_FAST_CALL) {
1980				/* fast_calls don't have to be destroyed */
1981				break;
1982			} else if (def->opcode == ZEND_NEW) {
1983				/* Objects created via ZEND_NEW are only fully initialized
1984				 * after the DO_FCALL (constructor call) */
1985				int level = 0;
1986				while (def + 1 != opline) {
1987					def++;
1988					if (def->opcode == ZEND_DO_FCALL) {
1989						if (level == 0) {
1990							break;
1991						}
1992						level--;
1993					} else {
1994						switch(def->opcode) {
1995							case ZEND_INIT_FCALL:
1996							case ZEND_INIT_FCALL_BY_NAME:
1997							case ZEND_INIT_NS_FCALL_BY_NAME:
1998							case ZEND_INIT_DYNAMIC_CALL:
1999							case ZEND_INIT_USER_CALL:
2000							case ZEND_INIT_METHOD_CALL:
2001							case ZEND_INIT_STATIC_METHOD_CALL:
2002							case ZEND_NEW:
2003								level++;
2004								break;
2005							case ZEND_DO_ICALL:
2006							case ZEND_DO_UCALL:
2007							case ZEND_DO_FCALL_BY_NAME:
2008								level--;
2009								break;
2010						}
2011					}
2012				}
2013				if (def + 1 == opline) {
2014					break;
2015				}
2016			}
2017
2018	        zend_end_live_range(CG(active_op_array),
2019				zend_start_live_range(CG(active_op_array),
2020					def + 1 - CG(active_op_array)->opcodes),
2021				opline - CG(active_op_array)->opcodes,
2022				ZEND_LIVE_TMPVAR, var);
2023		    break;
2024		}
2025	}
2026}
2027/* }}} */
2028
2029static zend_always_inline int zend_is_def_range(zend_op *opline, zend_uchar type, uint32_t var) /* {{{ */
2030{
2031	while (1) {
2032		if (opline->result_type == type && opline->result.var == var) {
2033			return opline->opcode != ZEND_ADD_ARRAY_ELEMENT &&
2034				opline->opcode != ZEND_ROPE_ADD;
2035		} else if (opline->opcode == ZEND_OP_DATA) {
2036			return (opline-1)->result_type == type &&
2037				(opline-1)->result.var == var;
2038		} else if (opline->opcode == ZEND_END_SILENCE ||
2039		           opline->opcode == ZEND_NOP ||
2040	    	       opline->opcode == ZEND_EXT_NOP ||
2041	        	   opline->opcode == ZEND_EXT_STMT ||
2042	        	   opline->opcode == ZEND_EXT_FCALL_BEGIN ||
2043	        	   opline->opcode == ZEND_EXT_FCALL_END ||
2044	        	   opline->opcode == ZEND_TICKS) {
2045			opline--;
2046		} else {
2047			return 0;
2048		}
2049	}
2050}
2051/* }}} */
2052
2053static void zend_check_live_ranges(zend_op *opline) /* {{{ */
2054{
2055	if ((opline->op1_type & (IS_VAR|IS_TMP_VAR)) &&
2056		!zend_is_def_range(opline - 1, opline->op1_type, opline->op1.var)) {
2057
2058		if (opline->opcode == ZEND_OP_DATA) {
2059			if (!zend_is_def_range(opline - 2, opline->op1_type, opline->op1.var)) {
2060				zend_find_live_range(opline - 1, opline->op1_type, opline->op1.var);
2061			}
2062		} else if (opline->opcode == ZEND_INIT_STATIC_METHOD_CALL ||
2063		           opline->opcode == ZEND_NEW ||
2064		           opline->opcode == ZEND_FETCH_CLASS_CONSTANT ||
2065		           opline->opcode == ZEND_ADD_INTERFACE ||
2066		           opline->opcode == ZEND_ADD_TRAIT ||
2067		           opline->opcode == ZEND_BIND_TRAITS ||
2068		           opline->opcode == ZEND_VERIFY_ABSTRACT_CLASS) {
2069			/* classes don't have to be destroyed */
2070		} else if (opline->opcode == ZEND_FAST_RET) {
2071			/* fast_calls don't have to be destroyed */
2072		} else if (opline->opcode == ZEND_CASE ||
2073		           opline->opcode == ZEND_SWITCH_LONG ||
2074		           opline->opcode == ZEND_SWITCH_STRING ||
2075		           opline->opcode == ZEND_FE_FETCH_R ||
2076		           opline->opcode == ZEND_FE_FETCH_RW ||
2077			       opline->opcode == ZEND_FE_FREE ||
2078			       opline->opcode == ZEND_ROPE_ADD ||
2079			       opline->opcode == ZEND_ROPE_END ||
2080			       opline->opcode == ZEND_END_SILENCE ||
2081			       opline->opcode == ZEND_FETCH_LIST_R ||
2082			       opline->opcode == ZEND_FETCH_LIST_W ||
2083			       opline->opcode == ZEND_VERIFY_RETURN_TYPE ||
2084			       opline->opcode == ZEND_BIND_LEXICAL) {
2085			/* these opcodes are handled separately */
2086		} else {
2087			zend_find_live_range(opline, opline->op1_type, opline->op1.var);
2088		}
2089	}
2090
2091	if ((opline->op2_type & (IS_VAR|IS_TMP_VAR)) &&
2092		!zend_is_def_range(opline - 1, opline->op2_type, opline->op2.var)) {
2093
2094		if (opline->opcode == ZEND_OP_DATA) {
2095			if (!zend_is_def_range(opline - 2, opline->op2_type, opline->op2.var)) {
2096				zend_find_live_range(opline-1, opline->op2_type, opline->op2.var);
2097			}
2098		} else if (opline->opcode == ZEND_FETCH_STATIC_PROP_R ||
2099		           opline->opcode == ZEND_FETCH_STATIC_PROP_W ||
2100		           opline->opcode == ZEND_FETCH_STATIC_PROP_RW ||
2101		           opline->opcode == ZEND_FETCH_STATIC_PROP_IS ||
2102		           opline->opcode == ZEND_FETCH_STATIC_PROP_FUNC_ARG ||
2103		           opline->opcode == ZEND_FETCH_STATIC_PROP_UNSET ||
2104		           opline->opcode == ZEND_UNSET_STATIC_PROP ||
2105		           opline->opcode == ZEND_ISSET_ISEMPTY_STATIC_PROP ||
2106		           opline->opcode == ZEND_INSTANCEOF) {
2107			/* classes don't have to be destroyed */
2108		} else {
2109			zend_find_live_range(opline, opline->op2_type, opline->op2.var);
2110		}
2111	}
2112}
2113/* }}} */
2114
2115static zend_op *zend_emit_op(znode *result, zend_uchar opcode, znode *op1, znode *op2) /* {{{ */
2116{
2117	zend_op *opline = get_next_op(CG(active_op_array));
2118	opline->opcode = opcode;
2119
2120	if (op1 != NULL) {
2121		SET_NODE(opline->op1, op1);
2122	}
2123
2124	if (op2 != NULL) {
2125		SET_NODE(opline->op2, op2);
2126	}
2127
2128	zend_check_live_ranges(opline);
2129
2130	if (result) {
2131		zend_make_var_result(result, opline);
2132	}
2133	return opline;
2134}
2135/* }}} */
2136
2137static zend_op *zend_emit_op_tmp(znode *result, zend_uchar opcode, znode *op1, znode *op2) /* {{{ */
2138{
2139	zend_op *opline = get_next_op(CG(active_op_array));
2140	opline->opcode = opcode;
2141
2142	if (op1 != NULL) {
2143		SET_NODE(opline->op1, op1);
2144	}
2145
2146	if (op2 != NULL) {
2147		SET_NODE(opline->op2, op2);
2148	}
2149
2150	zend_check_live_ranges(opline);
2151
2152	if (result) {
2153		zend_make_tmp_result(result, opline);
2154	}
2155
2156	return opline;
2157}
2158/* }}} */
2159
2160static void zend_emit_tick(void) /* {{{ */
2161{
2162	zend_op *opline;
2163
2164	/* This prevents a double TICK generated by the parser statement of "declare()" */
2165	if (CG(active_op_array)->last && CG(active_op_array)->opcodes[CG(active_op_array)->last - 1].opcode == ZEND_TICKS) {
2166		return;
2167	}
2168
2169	opline = get_next_op(CG(active_op_array));
2170
2171	opline->opcode = ZEND_TICKS;
2172	opline->extended_value = FC(declarables).ticks;
2173}
2174/* }}} */
2175
2176static inline zend_op *zend_emit_op_data(znode *value) /* {{{ */
2177{
2178	return zend_emit_op(NULL, ZEND_OP_DATA, value, NULL);
2179}
2180/* }}} */
2181
2182static inline uint32_t zend_emit_jump(uint32_t opnum_target) /* {{{ */
2183{
2184	uint32_t opnum = get_next_op_number(CG(active_op_array));
2185	zend_op *opline = zend_emit_op(NULL, ZEND_JMP, NULL, NULL);
2186	opline->op1.opline_num = opnum_target;
2187	return opnum;
2188}
2189/* }}} */
2190
2191ZEND_API int zend_is_smart_branch(zend_op *opline) /* {{{ */
2192{
2193	switch (opline->opcode) {
2194		case ZEND_IS_IDENTICAL:
2195		case ZEND_IS_NOT_IDENTICAL:
2196		case ZEND_IS_EQUAL:
2197		case ZEND_IS_NOT_EQUAL:
2198		case ZEND_IS_SMALLER:
2199		case ZEND_IS_SMALLER_OR_EQUAL:
2200		case ZEND_CASE:
2201		case ZEND_ISSET_ISEMPTY_CV:
2202		case ZEND_ISSET_ISEMPTY_VAR:
2203		case ZEND_ISSET_ISEMPTY_DIM_OBJ:
2204		case ZEND_ISSET_ISEMPTY_PROP_OBJ:
2205		case ZEND_ISSET_ISEMPTY_STATIC_PROP:
2206		case ZEND_INSTANCEOF:
2207		case ZEND_TYPE_CHECK:
2208		case ZEND_DEFINED:
2209		case ZEND_IN_ARRAY:
2210			return 1;
2211		default:
2212			return 0;
2213	}
2214}
2215/* }}} */
2216
2217static inline uint32_t zend_emit_cond_jump(zend_uchar opcode, znode *cond, uint32_t opnum_target) /* {{{ */
2218{
2219	uint32_t opnum = get_next_op_number(CG(active_op_array));
2220	zend_op *opline;
2221
2222	if ((cond->op_type & (IS_CV|IS_CONST))
2223	 && opnum > 0
2224	 && zend_is_smart_branch(CG(active_op_array)->opcodes + opnum - 1)) {
2225		/* emit extra NOP to avoid incorrect SMART_BRANCH in very rare cases */
2226		zend_emit_op(NULL, ZEND_NOP, NULL, NULL);
2227		opnum = get_next_op_number(CG(active_op_array));
2228	}
2229	opline = zend_emit_op(NULL, opcode, cond, NULL);
2230	opline->op2.opline_num = opnum_target;
2231	return opnum;
2232}
2233/* }}} */
2234
2235static inline void zend_update_jump_target(uint32_t opnum_jump, uint32_t opnum_target) /* {{{ */
2236{
2237	zend_op *opline = &CG(active_op_array)->opcodes[opnum_jump];
2238	switch (opline->opcode) {
2239		case ZEND_JMP:
2240			opline->op1.opline_num = opnum_target;
2241			break;
2242		case ZEND_JMPZ:
2243		case ZEND_JMPNZ:
2244		case ZEND_JMPZ_EX:
2245		case ZEND_JMPNZ_EX:
2246		case ZEND_JMP_SET:
2247			opline->op2.opline_num = opnum_target;
2248			break;
2249		EMPTY_SWITCH_DEFAULT_CASE()
2250	}
2251}
2252/* }}} */
2253
2254static inline void zend_update_jump_target_to_next(uint32_t opnum_jump) /* {{{ */
2255{
2256	zend_update_jump_target(opnum_jump, get_next_op_number(CG(active_op_array)));
2257}
2258/* }}} */
2259
2260static inline zend_op *zend_delayed_emit_op(znode *result, zend_uchar opcode, znode *op1, znode *op2) /* {{{ */
2261{
2262	zend_op tmp_opline;
2263
2264	init_op(&tmp_opline);
2265
2266	tmp_opline.opcode = opcode;
2267	if (op1 != NULL) {
2268		SET_NODE(tmp_opline.op1, op1);
2269	}
2270	if (op2 != NULL) {
2271		SET_NODE(tmp_opline.op2, op2);
2272	}
2273	if (result) {
2274		zend_make_var_result(result, &tmp_opline);
2275	}
2276
2277	zend_stack_push(&CG(delayed_oplines_stack), &tmp_opline);
2278	return zend_stack_top(&CG(delayed_oplines_stack));
2279}
2280/* }}} */
2281
2282static inline uint32_t zend_delayed_compile_begin(void) /* {{{ */
2283{
2284	return zend_stack_count(&CG(delayed_oplines_stack));
2285}
2286/* }}} */
2287
2288static zend_op *zend_delayed_compile_end(uint32_t offset) /* {{{ */
2289{
2290	zend_op *opline = NULL, *oplines = zend_stack_base(&CG(delayed_oplines_stack));
2291	uint32_t i, count = zend_stack_count(&CG(delayed_oplines_stack));
2292
2293	ZEND_ASSERT(count >= offset);
2294	for (i = offset; i < count; ++i) {
2295		opline = get_next_op(CG(active_op_array));
2296		memcpy(opline, &oplines[i], sizeof(zend_op));
2297		zend_check_live_ranges(opline);
2298	}
2299	CG(delayed_oplines_stack).top = offset;
2300	return opline;
2301}
2302/* }}} */
2303
2304static void zend_emit_return_type_check(
2305		znode *expr, zend_arg_info *return_info, zend_bool implicit) /* {{{ */
2306{
2307	if (ZEND_TYPE_IS_SET(return_info->type)) {
2308		zend_op *opline;
2309
2310		/* `return ...;` is illegal in a void function (but `return;` isn't) */
2311		if (ZEND_TYPE_CODE(return_info->type) == IS_VOID) {
2312			if (expr) {
2313				if (expr->op_type == IS_CONST && Z_TYPE(expr->u.constant) == IS_NULL) {
2314					zend_error_noreturn(E_COMPILE_ERROR,
2315						"A void function must not return a value "
2316						"(did you mean \"return;\" instead of \"return null;\"?)");
2317				} else {
2318					zend_error_noreturn(E_COMPILE_ERROR, "A void function must not return a value");
2319				}
2320			}
2321			/* we don't need run-time check */
2322			return;
2323		}
2324
2325		if (!expr && !implicit) {
2326			if (ZEND_TYPE_ALLOW_NULL(return_info->type)) {
2327				zend_error_noreturn(E_COMPILE_ERROR,
2328					"A function with return type must return a value "
2329					"(did you mean \"return null;\" instead of \"return;\"?)");
2330			} else {
2331				zend_error_noreturn(E_COMPILE_ERROR,
2332					"A function with return type must return a value");
2333			}
2334		}
2335
2336		if (expr && expr->op_type == IS_CONST) {
2337			if ((ZEND_TYPE_CODE(return_info->type) == Z_TYPE(expr->u.constant))
2338			 ||((ZEND_TYPE_CODE(return_info->type) == _IS_BOOL)
2339			  && (Z_TYPE(expr->u.constant) == IS_FALSE
2340			   || Z_TYPE(expr->u.constant) == IS_TRUE))
2341			 || (ZEND_TYPE_ALLOW_NULL(return_info->type)
2342			  && Z_TYPE(expr->u.constant) == IS_NULL)) {
2343				/* we don't need run-time check */
2344				return;
2345			}
2346		}
2347
2348		opline = zend_emit_op(NULL, ZEND_VERIFY_RETURN_TYPE, expr, NULL);
2349		if (expr && expr->op_type == IS_CONST) {
2350			opline->result_type = expr->op_type = IS_TMP_VAR;
2351			opline->result.var = expr->u.op.var = get_temporary_variable(CG(active_op_array));
2352		}
2353		if (ZEND_TYPE_IS_CLASS(return_info->type)) {
2354			opline->op2.num = CG(active_op_array)->cache_size;
2355			CG(active_op_array)->cache_size += sizeof(void*);
2356		} else {
2357			opline->op2.num = -1;
2358		}
2359	}
2360}
2361/* }}} */
2362
2363void zend_emit_final_return(int return_one) /* {{{ */
2364{
2365	znode zn;
2366	zend_op *ret;
2367	zend_bool returns_reference = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
2368
2369	if (CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE
2370			&& !(CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR)) {
2371		zend_emit_return_type_check(NULL, CG(active_op_array)->arg_info - 1, 1);
2372	}
2373
2374	zn.op_type = IS_CONST;
2375	if (return_one) {
2376		ZVAL_LONG(&zn.u.constant, 1);
2377	} else {
2378		ZVAL_NULL(&zn.u.constant);
2379	}
2380
2381	ret = zend_emit_op(NULL, returns_reference ? ZEND_RETURN_BY_REF : ZEND_RETURN, &zn, NULL);
2382	ret->extended_value = -1;
2383}
2384/* }}} */
2385
2386static inline zend_bool zend_is_variable(zend_ast *ast) /* {{{ */
2387{
2388	return ast->kind == ZEND_AST_VAR || ast->kind == ZEND_AST_DIM
2389		|| ast->kind == ZEND_AST_PROP || ast->kind == ZEND_AST_STATIC_PROP
2390		|| ast->kind == ZEND_AST_CALL || ast->kind == ZEND_AST_METHOD_CALL
2391		|| ast->kind == ZEND_AST_STATIC_CALL;
2392}
2393/* }}} */
2394
2395static inline zend_bool zend_is_call(zend_ast *ast) /* {{{ */
2396{
2397	return ast->kind == ZEND_AST_CALL
2398		|| ast->kind == ZEND_AST_METHOD_CALL
2399		|| ast->kind == ZEND_AST_STATIC_CALL;
2400}
2401/* }}} */
2402
2403static inline zend_bool zend_is_unticked_stmt(zend_ast *ast) /* {{{ */
2404{
2405	return ast->kind == ZEND_AST_STMT_LIST || ast->kind == ZEND_AST_LABEL
2406		|| ast->kind == ZEND_AST_PROP_DECL || ast->kind == ZEND_AST_CLASS_CONST_DECL
2407		|| ast->kind == ZEND_AST_USE_TRAIT || ast->kind == ZEND_AST_METHOD;
2408}
2409/* }}} */
2410
2411static inline zend_bool zend_can_write_to_variable(zend_ast *ast) /* {{{ */
2412{
2413	while (ast->kind == ZEND_AST_DIM || ast->kind == ZEND_AST_PROP) {
2414		ast = ast->child[0];
2415	}
2416
2417	return zend_is_variable(ast);
2418}
2419/* }}} */
2420
2421static inline zend_bool zend_is_const_default_class_ref(zend_ast *name_ast) /* {{{ */
2422{
2423	if (name_ast->kind != ZEND_AST_ZVAL) {
2424		return 0;
2425	}
2426
2427	return ZEND_FETCH_CLASS_DEFAULT == zend_get_class_fetch_type_ast(name_ast);
2428}
2429/* }}} */
2430
2431static inline void zend_handle_numeric_op(znode *node) /* {{{ */
2432{
2433	if (node->op_type == IS_CONST && Z_TYPE(node->u.constant) == IS_STRING) {
2434		zend_ulong index;
2435
2436		if (ZEND_HANDLE_NUMERIC(Z_STR(node->u.constant), index)) {
2437			zval_ptr_dtor(&node->u.constant);
2438			ZVAL_LONG(&node->u.constant, index);
2439		}
2440	}
2441}
2442/* }}} */
2443
2444static inline void zend_handle_numeric_dim(zend_op *opline, znode *dim_node) /* {{{ */
2445{
2446	if (Z_TYPE(dim_node->u.constant) == IS_STRING) {
2447		zend_ulong index;
2448
2449		if (ZEND_HANDLE_NUMERIC(Z_STR(dim_node->u.constant), index)) {
2450			/* For numeric indexs we also keep the original value to use by ArrayAccess
2451			 * See bug #63217
2452			 */
2453			int c = zend_add_literal(CG(active_op_array), &dim_node->u.constant);
2454			ZEND_ASSERT(opline->op2.constant + 1 == c);
2455			ZVAL_LONG(CT_CONSTANT(opline->op2), index);
2456			Z_EXTRA_P(CT_CONSTANT(opline->op2)) = ZEND_EXTRA_VALUE;
2457			return;
2458		}
2459	}
2460}
2461/* }}} */
2462
2463static inline void zend_set_class_name_op1(zend_op *opline, znode *class_node) /* {{{ */
2464{
2465	if (class_node->op_type == IS_CONST) {
2466		opline->op1_type = IS_CONST;
2467		opline->op1.constant = zend_add_class_name_literal(
2468			CG(active_op_array), Z_STR(class_node->u.constant));
2469	} else {
2470		SET_NODE(opline->op1, class_node);
2471	}
2472}
2473/* }}} */
2474
2475static void zend_compile_class_ref_ex(znode *result, zend_ast *name_ast, uint32_t fetch_flags) /* {{{ */
2476{
2477	uint32_t fetch_type;
2478
2479	if (name_ast->kind != ZEND_AST_ZVAL) {
2480		znode name_node;
2481
2482		zend_compile_expr(&name_node, name_ast);
2483
2484		if (name_node.op_type == IS_CONST) {
2485			zend_string *name;
2486
2487			if (Z_TYPE(name_node.u.constant) != IS_STRING) {
2488				zend_error_noreturn(E_COMPILE_ERROR, "Illegal class name");
2489			}
2490
2491			name = Z_STR(name_node.u.constant);
2492			fetch_type = zend_get_class_fetch_type(name);
2493
2494			if (fetch_type == ZEND_FETCH_CLASS_DEFAULT) {
2495				result->op_type = IS_CONST;
2496				ZVAL_STR(&result->u.constant, zend_resolve_class_name(name, ZEND_NAME_FQ));
2497			} else {
2498				zend_ensure_valid_class_fetch_type(fetch_type);
2499				result->op_type = IS_UNUSED;
2500				result->u.op.num = fetch_type | fetch_flags;
2501			}
2502
2503			zend_string_release_ex(name, 0);
2504		} else {
2505			zend_op *opline = zend_emit_op(result, ZEND_FETCH_CLASS, NULL, &name_node);
2506			opline->op1.num = ZEND_FETCH_CLASS_DEFAULT | fetch_flags;
2507		}
2508		return;
2509	}
2510
2511	/* Fully qualified names are always default refs */
2512	if (name_ast->attr == ZEND_NAME_FQ) {
2513		result->op_type = IS_CONST;
2514		ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
2515		return;
2516	}
2517
2518	fetch_type = zend_get_class_fetch_type(zend_ast_get_str(name_ast));
2519	if (ZEND_FETCH_CLASS_DEFAULT == fetch_type) {
2520		result->op_type = IS_CONST;
2521		ZVAL_STR(&result->u.constant, zend_resolve_class_name_ast(name_ast));
2522	} else {
2523		zend_ensure_valid_class_fetch_type(fetch_type);
2524		result->op_type = IS_UNUSED;
2525		result->u.op.num = fetch_type | fetch_flags;
2526	}
2527}
2528/* }}} */
2529
2530static int zend_try_compile_cv(znode *result, zend_ast *ast) /* {{{ */
2531{
2532	zend_ast *name_ast = ast->child[0];
2533	if (name_ast->kind == ZEND_AST_ZVAL) {
2534		zval *zv = zend_ast_get_zval(name_ast);
2535		zend_string *name;
2536
2537		if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
2538			name = zval_make_interned_string(zv);
2539		} else {
2540			name = zend_new_interned_string(zval_get_string_func(zv));
2541		}
2542
2543		if (zend_is_auto_global(name)) {
2544			return FAILURE;
2545		}
2546
2547		result->op_type = IS_CV;
2548		result->u.op.var = lookup_cv(CG(active_op_array), name);
2549
2550		if (UNEXPECTED(Z_TYPE_P(zv) != IS_STRING)) {
2551			zend_string_release_ex(name, 0);
2552		}
2553
2554		return SUCCESS;
2555	}
2556
2557	return FAILURE;
2558}
2559/* }}} */
2560
2561static zend_op *zend_compile_simple_var_no_cv(znode *result, zend_ast *ast, uint32_t type, int delayed) /* {{{ */
2562{
2563	zend_ast *name_ast = ast->child[0];
2564	znode name_node;
2565	zend_op *opline;
2566
2567	zend_compile_expr(&name_node, name_ast);
2568	if (name_node.op_type == IS_CONST) {
2569		convert_to_string(&name_node.u.constant);
2570	}
2571
2572	if (delayed) {
2573		opline = zend_delayed_emit_op(result, ZEND_FETCH_R, &name_node, NULL);
2574	} else {
2575		opline = zend_emit_op(result, ZEND_FETCH_R, &name_node, NULL);
2576	}
2577
2578	if (name_node.op_type == IS_CONST &&
2579	    zend_is_auto_global(Z_STR(name_node.u.constant))) {
2580
2581		opline->extended_value = ZEND_FETCH_GLOBAL;
2582	} else {
2583		opline->extended_value = ZEND_FETCH_LOCAL;
2584	}
2585
2586	zend_adjust_for_fetch_type(opline, result, type);
2587	return opline;
2588}
2589/* }}} */
2590
2591static zend_bool is_this_fetch(zend_ast *ast) /* {{{ */
2592{
2593	if (ast->kind == ZEND_AST_VAR && ast->child[0]->kind == ZEND_AST_ZVAL) {
2594		zval *name = zend_ast_get_zval(ast->child[0]);
2595		return Z_TYPE_P(name) == IS_STRING && zend_string_equals_literal(Z_STR_P(name), "this");
2596	}
2597
2598	return 0;
2599}
2600/* }}} */
2601
2602static void zend_compile_simple_var(znode *result, zend_ast *ast, uint32_t type, int delayed) /* {{{ */
2603{
2604	if (is_this_fetch(ast)) {
2605		zend_op *opline = zend_emit_op(result, ZEND_FETCH_THIS, NULL, NULL);
2606		if ((type == BP_VAR_R) || (type == BP_VAR_IS)) {
2607			opline->result_type = IS_TMP_VAR;
2608			result->op_type = IS_TMP_VAR;
2609		}
2610	} else if (zend_try_compile_cv(result, ast) == FAILURE) {
2611		zend_compile_simple_var_no_cv(result, ast, type, delayed);
2612	}
2613}
2614/* }}} */
2615
2616static void zend_separate_if_call_and_write(znode *node, zend_ast *ast, uint32_t type) /* {{{ */
2617{
2618	if (type != BP_VAR_R && type != BP_VAR_IS && zend_is_call(ast)) {
2619		if (node->op_type == IS_VAR) {
2620			zend_op *opline = zend_emit_op(NULL, ZEND_SEPARATE, node, NULL);
2621			opline->result_type = IS_VAR;
2622			opline->result.var = opline->op1.var;
2623		} else {
2624			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
2625		}
2626	}
2627}
2628/* }}} */
2629
2630void zend_delayed_compile_var(znode *result, zend_ast *ast, uint32_t type);
2631void zend_compile_assign(znode *result, zend_ast *ast);
2632
2633static inline void zend_emit_assign_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
2634{
2635	znode dummy_node;
2636	zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN, var_ast,
2637		zend_ast_create_znode(value_node));
2638	zend_compile_assign(&dummy_node, assign_ast);
2639	zend_do_free(&dummy_node);
2640}
2641/* }}} */
2642
2643static zend_op *zend_delayed_compile_dim(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
2644{
2645	zend_ast *var_ast = ast->child[0];
2646	zend_ast *dim_ast = ast->child[1];
2647	zend_op *opline;
2648
2649	znode var_node, dim_node;
2650
2651	zend_delayed_compile_var(&var_node, var_ast, type);
2652	zend_separate_if_call_and_write(&var_node, var_ast, type);
2653
2654	if (dim_ast == NULL) {
2655		if (type == BP_VAR_R || type == BP_VAR_IS) {
2656			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for reading");
2657		}
2658		if (type == BP_VAR_UNSET) {
2659			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use [] for unsetting");
2660		}
2661		dim_node.op_type = IS_UNUSED;
2662	} else {
2663		zend_compile_expr(&dim_node, dim_ast);
2664	}
2665
2666	opline = zend_delayed_emit_op(result, ZEND_FETCH_DIM_R, &var_node, &dim_node);
2667	zend_adjust_for_fetch_type(opline, result, type);
2668
2669	if (dim_node.op_type == IS_CONST) {
2670		zend_handle_numeric_dim(opline, &dim_node);
2671	}
2672	return opline;
2673}
2674/* }}} */
2675
2676static zend_op *zend_compile_dim(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
2677{
2678	uint32_t offset = zend_delayed_compile_begin();
2679	zend_delayed_compile_dim(result, ast, type);
2680	return zend_delayed_compile_end(offset);
2681}
2682/* }}} */
2683
2684static zend_op *zend_delayed_compile_prop(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
2685{
2686	zend_ast *obj_ast = ast->child[0];
2687	zend_ast *prop_ast = ast->child[1];
2688
2689	znode obj_node, prop_node;
2690	zend_op *opline;
2691
2692	if (is_this_fetch(obj_ast)) {
2693		obj_node.op_type = IS_UNUSED;
2694	} else {
2695		zend_delayed_compile_var(&obj_node, obj_ast, type);
2696		zend_separate_if_call_and_write(&obj_node, obj_ast, type);
2697	}
2698	zend_compile_expr(&prop_node, prop_ast);
2699
2700	opline = zend_delayed_emit_op(result, ZEND_FETCH_OBJ_R, &obj_node, &prop_node);
2701	if (opline->op2_type == IS_CONST) {
2702		convert_to_string(CT_CONSTANT(opline->op2));
2703		opline->extended_value = zend_alloc_polymorphic_cache_slot();
2704	}
2705
2706	zend_adjust_for_fetch_type(opline, result, type);
2707	return opline;
2708}
2709/* }}} */
2710
2711static zend_op *zend_compile_prop(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
2712{
2713	uint32_t offset = zend_delayed_compile_begin();
2714	zend_delayed_compile_prop(result, ast, type);
2715	return zend_delayed_compile_end(offset);
2716}
2717/* }}} */
2718
2719zend_op *zend_compile_static_prop(znode *result, zend_ast *ast, uint32_t type, int delayed) /* {{{ */
2720{
2721	zend_ast *class_ast = ast->child[0];
2722	zend_ast *prop_ast = ast->child[1];
2723
2724	znode class_node, prop_node;
2725	zend_op *opline;
2726
2727	zend_compile_class_ref_ex(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
2728
2729	zend_compile_expr(&prop_node, prop_ast);
2730
2731	if (delayed) {
2732		opline = zend_delayed_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
2733	} else {
2734		opline = zend_emit_op(result, ZEND_FETCH_STATIC_PROP_R, &prop_node, NULL);
2735	}
2736	if (opline->op1_type == IS_CONST) {
2737		convert_to_string(CT_CONSTANT(opline->op1));
2738		opline->extended_value = zend_alloc_polymorphic_cache_slot();
2739	}
2740	if (class_node.op_type == IS_CONST) {
2741		opline->op2_type = IS_CONST;
2742		opline->op2.constant = zend_add_class_name_literal(
2743			CG(active_op_array), Z_STR(class_node.u.constant));
2744		if (opline->op1_type != IS_CONST) {
2745			opline->extended_value = zend_alloc_cache_slot();
2746		}
2747	} else {
2748		SET_NODE(opline->op2, &class_node);
2749	}
2750
2751	zend_adjust_for_fetch_type(opline, result, type);
2752	return opline;
2753}
2754/* }}} */
2755
2756static void zend_verify_list_assign_target(zend_ast *var_ast, zend_bool old_style) /* {{{ */ {
2757	if (var_ast->kind == ZEND_AST_ARRAY) {
2758		if (var_ast->attr == ZEND_ARRAY_SYNTAX_LONG) {
2759			zend_error_noreturn(E_COMPILE_ERROR, "Cannot assign to array(), use [] instead");
2760		}
2761		if (old_style != var_ast->attr) {
2762			zend_error_noreturn(E_COMPILE_ERROR, "Cannot mix [] and list()");
2763		}
2764	} else if (!zend_can_write_to_variable(var_ast)) {
2765		zend_error_noreturn(E_COMPILE_ERROR, "Assignments can only happen to writable values");
2766	}
2767}
2768/* }}} */
2769
2770static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node);
2771
2772/* Propagate refs used on leaf elements to the surrounding list() structures. */
2773static zend_bool zend_propagate_list_refs(zend_ast *ast) { /* {{{ */
2774	zend_ast_list *list = zend_ast_get_list(ast);
2775	zend_bool has_refs = 0;
2776	uint32_t i;
2777
2778	for (i = 0; i < list->children; ++i) {
2779		zend_ast *elem_ast = list->child[i];
2780
2781		if (elem_ast) {
2782			zend_ast *var_ast = elem_ast->child[0];
2783			if (var_ast->kind == ZEND_AST_ARRAY) {
2784				elem_ast->attr = zend_propagate_list_refs(var_ast);
2785			}
2786			has_refs |= elem_ast->attr;
2787		}
2788	}
2789
2790	return has_refs;
2791}
2792/* }}} */
2793
2794static void zend_compile_list_assign(
2795		znode *result, zend_ast *ast, znode *expr_node, zend_bool old_style) /* {{{ */
2796{
2797	zend_ast_list *list = zend_ast_get_list(ast);
2798	uint32_t i;
2799	zend_bool has_elems = 0;
2800	zend_bool is_keyed =
2801		list->children > 0 && list->child[0] != NULL && list->child[0]->child[1] != NULL;
2802
2803	if (list->children && expr_node->op_type == IS_CONST && Z_TYPE(expr_node->u.constant) == IS_STRING) {
2804		zval_make_interned_string(&expr_node->u.constant);
2805	}
2806
2807	for (i = 0; i < list->children; ++i) {
2808		zend_ast *elem_ast = list->child[i];
2809		zend_ast *var_ast, *key_ast;
2810		znode fetch_result, dim_node;
2811		zend_op *opline;
2812
2813		if (elem_ast == NULL) {
2814			if (is_keyed) {
2815				zend_error(E_COMPILE_ERROR,
2816					"Cannot use empty array entries in keyed array assignment");
2817			} else {
2818				continue;
2819			}
2820		}
2821
2822		var_ast = elem_ast->child[0];
2823		key_ast = elem_ast->child[1];
2824		has_elems = 1;
2825
2826		if (is_keyed) {
2827			if (key_ast == NULL) {
2828				zend_error(E_COMPILE_ERROR,
2829					"Cannot mix keyed and unkeyed array entries in assignments");
2830			}
2831
2832			zend_compile_expr(&dim_node, key_ast);
2833		} else {
2834			if (key_ast != NULL) {
2835				zend_error(E_COMPILE_ERROR,
2836					"Cannot mix keyed and unkeyed array entries in assignments");
2837			}
2838
2839			dim_node.op_type = IS_CONST;
2840			ZVAL_LONG(&dim_node.u.constant, i);
2841		}
2842
2843		if (expr_node->op_type == IS_CONST) {
2844			Z_TRY_ADDREF(expr_node->u.constant);
2845		}
2846
2847		zend_verify_list_assign_target(var_ast, old_style);
2848
2849		opline = zend_emit_op(&fetch_result,
2850			elem_ast->attr ? (expr_node->op_type == IS_CV ? ZEND_FETCH_DIM_W : ZEND_FETCH_LIST_W) : ZEND_FETCH_LIST_R, expr_node, &dim_node);
2851
2852		if (dim_node.op_type == IS_CONST) {
2853			zend_handle_numeric_dim(opline, &dim_node);
2854		}
2855
2856		if (var_ast->kind == ZEND_AST_ARRAY) {
2857			if (elem_ast->attr) {
2858				zend_emit_op(&fetch_result, ZEND_MAKE_REF, &fetch_result, NULL);
2859			}
2860			zend_compile_list_assign(NULL, var_ast, &fetch_result, var_ast->attr);
2861		} else if (elem_ast->attr) {
2862			zend_emit_assign_ref_znode(var_ast, &fetch_result);
2863		} else {
2864			zend_emit_assign_znode(var_ast, &fetch_result);
2865		}
2866	}
2867
2868	if (has_elems == 0) {
2869		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use empty list");
2870	}
2871
2872	if (result) {
2873		*result = *expr_node;
2874	} else {
2875		zend_do_free(expr_node);
2876	}
2877}
2878/* }}} */
2879
2880static void zend_ensure_writable_variable(const zend_ast *ast) /* {{{ */
2881{
2882	if (ast->kind == ZEND_AST_CALL) {
2883		zend_error_noreturn(E_COMPILE_ERROR, "Can't use function return value in write context");
2884	}
2885	if (ast->kind == ZEND_AST_METHOD_CALL || ast->kind == ZEND_AST_STATIC_CALL) {
2886		zend_error_noreturn(E_COMPILE_ERROR, "Can't use method return value in write context");
2887	}
2888}
2889/* }}} */
2890
2891/* Detects $a... = $a pattern */
2892zend_bool zend_is_assign_to_self(zend_ast *var_ast, zend_ast *expr_ast) /* {{{ */
2893{
2894	if (expr_ast->kind != ZEND_AST_VAR || expr_ast->child[0]->kind != ZEND_AST_ZVAL) {
2895		return 0;
2896	}
2897
2898	while (zend_is_variable(var_ast) && var_ast->kind != ZEND_AST_VAR) {
2899		var_ast = var_ast->child[0];
2900	}
2901
2902	if (var_ast->kind != ZEND_AST_VAR || var_ast->child[0]->kind != ZEND_AST_ZVAL) {
2903		return 0;
2904	}
2905
2906	{
2907		zend_string *name1 = zval_get_string(zend_ast_get_zval(var_ast->child[0]));
2908		zend_string *name2 = zval_get_string(zend_ast_get_zval(expr_ast->child[0]));
2909		zend_bool result = zend_string_equals(name1, name2);
2910		zend_string_release_ex(name1, 0);
2911		zend_string_release_ex(name2, 0);
2912		return result;
2913	}
2914}
2915/* }}} */
2916
2917/* Detects if list($a, $b, $c) contains variable with given name */
2918zend_bool zend_list_has_assign_to(zend_ast *list_ast, zend_string *name) /* {{{ */
2919{
2920	zend_ast_list *list = zend_ast_get_list(list_ast);
2921	uint32_t i;
2922	for (i = 0; i < list->children; i++) {
2923		zend_ast *elem_ast = list->child[i];
2924		zend_ast *var_ast;
2925
2926		if (!elem_ast) {
2927			continue;
2928		}
2929		var_ast = elem_ast->child[0];
2930
2931		/* Recursively check nested list()s */
2932		if (var_ast->kind == ZEND_AST_ARRAY && zend_list_has_assign_to(var_ast, name)) {
2933			return 1;
2934		}
2935
2936		if (var_ast->kind == ZEND_AST_VAR && var_ast->child[0]->kind == ZEND_AST_ZVAL) {
2937			zend_string *var_name = zval_get_string(zend_ast_get_zval(var_ast->child[0]));
2938			zend_bool result = zend_string_equals(var_name, name);
2939			zend_string_release_ex(var_name, 0);
2940			if (result) {
2941				return 1;
2942			}
2943		}
2944	}
2945
2946	return 0;
2947}
2948/* }}} */
2949
2950/* Detects patterns like list($a, $b, $c) = $a */
2951zend_bool zend_list_has_assign_to_self(zend_ast *list_ast, zend_ast *expr_ast) /* {{{ */
2952{
2953	/* Only check simple variables on the RHS, as only CVs cause issues with this. */
2954	if (expr_ast->kind == ZEND_AST_VAR && expr_ast->child[0]->kind == ZEND_AST_ZVAL) {
2955		zend_string *name = zval_get_string(zend_ast_get_zval(expr_ast->child[0]));
2956		zend_bool result = zend_list_has_assign_to(list_ast, name);
2957		zend_string_release_ex(name, 0);
2958		return result;
2959	}
2960	return 0;
2961}
2962/* }}} */
2963
2964void zend_compile_assign(znode *result, zend_ast *ast) /* {{{ */
2965{
2966	zend_ast *var_ast = ast->child[0];
2967	zend_ast *expr_ast = ast->child[1];
2968
2969	znode var_node, expr_node;
2970	zend_op *opline;
2971	uint32_t offset;
2972
2973	if (is_this_fetch(var_ast)) {
2974		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
2975	}
2976
2977	zend_ensure_writable_variable(var_ast);
2978
2979	switch (var_ast->kind) {
2980		case ZEND_AST_VAR:
2981		case ZEND_AST_STATIC_PROP:
2982			offset = zend_delayed_compile_begin();
2983			zend_delayed_compile_var(&var_node, var_ast, BP_VAR_W);
2984			zend_compile_expr(&expr_node, expr_ast);
2985			zend_delayed_compile_end(offset);
2986			zend_emit_op(result, ZEND_ASSIGN, &var_node, &expr_node);
2987			return;
2988		case ZEND_AST_DIM:
2989			offset = zend_delayed_compile_begin();
2990			zend_delayed_compile_dim(result, var_ast, BP_VAR_W);
2991
2992			if (zend_is_assign_to_self(var_ast, expr_ast)
2993			 && !is_this_fetch(expr_ast)) {
2994				/* $a[0] = $a should evaluate the right $a first */
2995				znode cv_node;
2996
2997				if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
2998					zend_compile_simple_var_no_cv(&expr_node, expr_ast, BP_VAR_R, 0);
2999				} else {
3000					zend_emit_op(&expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
3001				}
3002			} else {
3003				zend_compile_expr(&expr_node, expr_ast);
3004			}
3005
3006			opline = zend_delayed_compile_end(offset);
3007			opline->opcode = ZEND_ASSIGN_DIM;
3008
3009			opline = zend_emit_op_data(&expr_node);
3010			return;
3011		case ZEND_AST_PROP:
3012			offset = zend_delayed_compile_begin();
3013			zend_delayed_compile_prop(result, var_ast, BP_VAR_W);
3014			zend_compile_expr(&expr_node, expr_ast);
3015
3016			opline = zend_delayed_compile_end(offset);
3017			opline->opcode = ZEND_ASSIGN_OBJ;
3018
3019			zend_emit_op_data(&expr_node);
3020			return;
3021		case ZEND_AST_ARRAY:
3022			if (zend_propagate_list_refs(var_ast)) {
3023				if (!zend_is_variable(expr_ast)) {
3024					zend_error_noreturn(E_COMPILE_ERROR,
3025						"Cannot assign reference to non referencable value");
3026				}
3027
3028				zend_compile_var(&expr_node, expr_ast, BP_VAR_W);
3029				/* MAKE_REF is usually not necessary for CVs. However, if there are
3030				 * self-assignments, this forces the RHS to evaluate first. */
3031				if (expr_node.op_type != IS_CV
3032						|| zend_list_has_assign_to_self(var_ast, expr_ast)) {
3033					zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
3034				}
3035			} else {
3036				if (zend_list_has_assign_to_self(var_ast, expr_ast)) {
3037					/* list($a, $b) = $a should evaluate the right $a first */
3038					znode cv_node;
3039
3040					if (zend_try_compile_cv(&cv_node, expr_ast) == FAILURE) {
3041						zend_compile_simple_var_no_cv(&expr_node, expr_ast, BP_VAR_R, 0);
3042					} else {
3043						zend_emit_op(&expr_node, ZEND_QM_ASSIGN, &cv_node, NULL);
3044					}
3045				} else {
3046					zend_compile_expr(&expr_node, expr_ast);
3047				}
3048			}
3049
3050			zend_compile_list_assign(result, var_ast, &expr_node, var_ast->attr);
3051			return;
3052		EMPTY_SWITCH_DEFAULT_CASE();
3053	}
3054}
3055/* }}} */
3056
3057void zend_compile_assign_ref(znode *result, zend_ast *ast) /* {{{ */
3058{
3059	zend_ast *target_ast = ast->child[0];
3060	zend_ast *source_ast = ast->child[1];
3061
3062	znode target_node, source_node;
3063	zend_op *opline;
3064	uint32_t offset;
3065
3066	if (is_this_fetch(target_ast)) {
3067		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
3068	}
3069	zend_ensure_writable_variable(target_ast);
3070
3071	offset = zend_delayed_compile_begin();
3072	zend_delayed_compile_var(&target_node, target_ast, BP_VAR_W);
3073	zend_compile_var(&source_node, source_ast, BP_VAR_W);
3074
3075	if ((target_ast->kind != ZEND_AST_VAR
3076	  || target_ast->child[0]->kind != ZEND_AST_ZVAL)
3077	 && source_node.op_type != IS_CV) {
3078		/* Both LHS and RHS expressions may modify the same data structure,
3079		 * and the modification during RHS evaluation may dangle the pointer
3080		 * to the result of the LHS evaluation.
3081		 * Use MAKE_REF instruction to replace direct pointer with REFERENCE.
3082		 * See: Bug #71539
3083		 */
3084		zend_emit_op(&source_node, ZEND_MAKE_REF, &source_node, NULL);
3085	}
3086
3087	zend_delayed_compile_end(offset);
3088
3089	if (source_node.op_type != IS_VAR && zend_is_call(source_ast)) {
3090		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use result of built-in function in write context");
3091	}
3092
3093	opline = zend_emit_op(result, ZEND_ASSIGN_REF, &target_node, &source_node);
3094
3095	if (zend_is_call(source_ast)) {
3096		opline->extended_value = ZEND_RETURNS_FUNCTION;
3097	}
3098}
3099/* }}} */
3100
3101static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node) /* {{{ */
3102{
3103	zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN_REF, var_ast,
3104		zend_ast_create_znode(value_node));
3105	zend_compile_assign_ref(NULL, assign_ast);
3106}
3107/* }}} */
3108
3109void zend_compile_compound_assign(znode *result, zend_ast *ast) /* {{{ */
3110{
3111	zend_ast *var_ast = ast->child[0];
3112	zend_ast *expr_ast = ast->child[1];
3113	uint32_t opcode = ast->attr;
3114
3115	znode var_node, expr_node;
3116	zend_op *opline;
3117	uint32_t offset, cache_slot;
3118
3119	zend_ensure_writable_variable(var_ast);
3120
3121	switch (var_ast->kind) {
3122		case ZEND_AST_VAR:
3123		case ZEND_AST_STATIC_PROP:
3124			offset = zend_delayed_compile_begin();
3125			zend_delayed_compile_var(&var_node, var_ast, BP_VAR_RW);
3126			zend_compile_expr(&expr_node, expr_ast);
3127			zend_delayed_compile_end(offset);
3128			zend_emit_op(result, opcode, &var_node, &expr_node);
3129			return;
3130		case ZEND_AST_DIM:
3131			offset = zend_delayed_compile_begin();
3132			zend_delayed_compile_dim(result, var_ast, BP_VAR_RW);
3133			zend_compile_expr(&expr_node, expr_ast);
3134
3135			opline = zend_delayed_compile_end(offset);
3136			opline->opcode = opcode;
3137			opline->extended_value = ZEND_ASSIGN_DIM;
3138
3139			opline = zend_emit_op_data(&expr_node);
3140			return;
3141		case ZEND_AST_PROP:
3142			offset = zend_delayed_compile_begin();
3143			zend_delayed_compile_prop(result, var_ast, BP_VAR_RW);
3144			zend_compile_expr(&expr_node, expr_ast);
3145
3146			opline = zend_delayed_compile_end(offset);
3147			cache_slot = opline->extended_value;
3148			opline->opcode = opcode;
3149			opline->extended_value = ZEND_ASSIGN_OBJ;
3150
3151			opline = zend_emit_op_data(&expr_node);
3152			opline->extended_value = cache_slot;
3153			return;
3154		EMPTY_SWITCH_DEFAULT_CASE()
3155	}
3156}
3157/* }}} */
3158
3159uint32_t zend_compile_args(zend_ast *ast, zend_function *fbc) /* {{{ */
3160{
3161	zend_ast_list *args = zend_ast_get_list(ast);
3162	uint32_t i;
3163	zend_bool uses_arg_unpack = 0;
3164	uint32_t arg_count = 0; /* number of arguments not including unpacks */
3165
3166	for (i = 0; i < args->children; ++i) {
3167		zend_ast *arg = args->child[i];
3168		uint32_t arg_num = i + 1;
3169
3170		znode arg_node;
3171		zend_op *opline;
3172		zend_uchar opcode;
3173
3174		if (arg->kind == ZEND_AST_UNPACK) {
3175			uses_arg_unpack = 1;
3176			fbc = NULL;
3177
3178			zend_compile_expr(&arg_node, arg->child[0]);
3179			opline = zend_emit_op(NULL, ZEND_SEND_UNPACK, &arg_node, NULL);
3180			opline->op2.num = arg_count;
3181			opline->result.var = (uint32_t)(zend_intptr_t)ZEND_CALL_ARG(NULL, arg_count);
3182			continue;
3183		}
3184
3185		if (uses_arg_unpack) {
3186			zend_error_noreturn(E_COMPILE_ERROR,
3187				"Cannot use positional argument after argument unpacking");
3188		}
3189
3190		arg_count++;
3191		if (zend_is_variable(arg)) {
3192			if (zend_is_call(arg)) {
3193				zend_compile_var(&arg_node, arg, BP_VAR_R);
3194				if (arg_node.op_type & (IS_CONST|IS_TMP_VAR)) {
3195					/* Function call was converted into builtin instruction */
3196					opcode = ZEND_SEND_VAL;
3197				} else {
3198					if (fbc) {
3199						if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3200							opcode = ZEND_SEND_VAR_NO_REF;
3201						} else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
3202							opcode = ZEND_SEND_VAL;
3203						} else {
3204							opcode = ZEND_SEND_VAR;
3205						}
3206					} else {
3207						opcode = ZEND_SEND_VAR_NO_REF_EX;
3208					}
3209				}
3210			} else if (fbc) {
3211				if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
3212					zend_compile_var(&arg_node, arg, BP_VAR_W);
3213					opcode = ZEND_SEND_REF;
3214				} else {
3215					zend_compile_var(&arg_node, arg, BP_VAR_R);
3216					opcode = (arg_node.op_type == IS_TMP_VAR) ? ZEND_SEND_VAL : ZEND_SEND_VAR;
3217				}
3218			} else {
3219				do {
3220					if (arg->kind == ZEND_AST_VAR) {
3221						CG(zend_lineno) = zend_ast_get_lineno(ast);
3222						if (is_this_fetch(arg)) {
3223							zend_emit_op(&arg_node, ZEND_FETCH_THIS, NULL, NULL);
3224							opcode = ZEND_SEND_VAR_EX;
3225							break;
3226						} else if (zend_try_compile_cv(&arg_node, arg) == SUCCESS) {
3227							opcode = ZEND_SEND_VAR_EX;
3228							break;
3229						}
3230					}
3231					opline = zend_emit_op(NULL, ZEND_CHECK_FUNC_ARG, NULL, NULL);
3232					opline->op2.num = arg_num;
3233					zend_compile_var(&arg_node, arg, BP_VAR_FUNC_ARG);
3234					opcode = ZEND_SEND_FUNC_ARG;
3235				} while (0);
3236			}
3237		} else {
3238			zend_compile_expr(&arg_node, arg);
3239			if (arg_node.op_type == IS_VAR) {
3240				/* pass ++$a or something similar */
3241				if (fbc) {
3242					if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3243						opcode = ZEND_SEND_VAR_NO_REF;
3244					} else if (ARG_MAY_BE_SENT_BY_REF(fbc, arg_num)) {
3245						opcode = ZEND_SEND_VAL;
3246					} else {
3247						opcode = ZEND_SEND_VAR;
3248					}
3249				} else {
3250					opcode = ZEND_SEND_VAR_NO_REF_EX;
3251				}
3252			} else if (arg_node.op_type == IS_CV) {
3253				if (fbc) {
3254					if (ARG_SHOULD_BE_SENT_BY_REF(fbc, arg_num)) {
3255						opcode = ZEND_SEND_REF;
3256					} else {
3257						opcode = ZEND_SEND_VAR;
3258					}
3259				} else {
3260					opcode = ZEND_SEND_VAR_EX;
3261				}
3262			} else {
3263				if (fbc) {
3264					opcode = ZEND_SEND_VAL;
3265					if (ARG_MUST_BE_SENT_BY_REF(fbc, arg_num)) {
3266						zend_error_noreturn(E_COMPILE_ERROR, "Only variables can be passed by reference");
3267					}
3268				} else {
3269					opcode = ZEND_SEND_VAL_EX;
3270				}
3271			}
3272		}
3273
3274		opline = zend_emit_op(NULL, opcode, &arg_node, NULL);
3275		opline->op2.opline_num = arg_num;
3276		opline->result.var = (uint32_t)(zend_intptr_t)ZEND_CALL_ARG(NULL, arg_num);
3277	}
3278
3279	return arg_count;
3280}
3281/* }}} */
3282
3283ZEND_API zend_uchar zend_get_call_op(const zend_op *init_op, zend_function *fbc) /* {{{ */
3284{
3285	if (fbc) {
3286		if (fbc->type == ZEND_INTERNAL_FUNCTION) {
3287			if (init_op->opcode == ZEND_INIT_FCALL && !zend_execute_internal) {
3288				if (!(fbc->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED|ZEND_ACC_HAS_TYPE_HINTS|ZEND_ACC_RETURN_REFERENCE))) {
3289					return ZEND_DO_ICALL;
3290				} else {
3291					return ZEND_DO_FCALL_BY_NAME;
3292				}
3293			}
3294		} else {
3295			if (zend_execute_ex == execute_ex && !(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
3296				return ZEND_DO_UCALL;
3297			}
3298		}
3299	} else if (zend_execute_ex == execute_ex &&
3300	           !zend_execute_internal &&
3301	           (init_op->opcode == ZEND_INIT_FCALL_BY_NAME ||
3302	            init_op->opcode == ZEND_INIT_NS_FCALL_BY_NAME)) {
3303		return ZEND_DO_FCALL_BY_NAME;
3304	}
3305	return ZEND_DO_FCALL;
3306}
3307/* }}} */
3308
3309void zend_compile_call_common(znode *result, zend_ast *args_ast, zend_function *fbc) /* {{{ */
3310{
3311	zend_op *opline;
3312	uint32_t opnum_init = get_next_op_number(CG(active_op_array)) - 1;
3313	uint32_t arg_count;
3314	uint32_t call_flags;
3315
3316	zend_do_extended_fcall_begin();
3317
3318	arg_count = zend_compile_args(args_ast, fbc);
3319
3320	opline = &CG(active_op_array)->opcodes[opnum_init];
3321	opline->extended_value = arg_count;
3322
3323	if (opline->opcode == ZEND_INIT_FCALL) {
3324		opline->op1.num = zend_vm_calc_used_stack(arg_count, fbc);
3325	}
3326
3327	call_flags = (opline->opcode == ZEND_NEW ? ZEND_CALL_CTOR : 0);
3328	opline = zend_emit_op(result, zend_get_call_op(opline, fbc), NULL, NULL);
3329	opline->op1.num = call_flags;
3330
3331	zend_do_extended_fcall_end();
3332}
3333/* }}} */
3334
3335zend_bool zend_compile_function_name(znode *name_node, zend_ast *name_ast) /* {{{ */
3336{
3337	zend_string *orig_name = zend_ast_get_str(name_ast);
3338	zend_bool is_fully_qualified;
3339
3340	name_node->op_type = IS_CONST;
3341	ZVAL_STR(&name_node->u.constant, zend_resolve_function_name(
3342		orig_name, name_ast->attr, &is_fully_qualified));
3343
3344	return !is_fully_qualified && FC(current_namespace);
3345}
3346/* }}} */
3347
3348void zend_compile_ns_call(znode *result, znode *name_node, zend_ast *args_ast) /* {{{ */
3349{
3350	zend_op *opline = get_next_op(CG(active_op_array));
3351	opline->opcode = ZEND_INIT_NS_FCALL_BY_NAME;
3352	opline->op2_type = IS_CONST;
3353	opline->op2.constant = zend_add_ns_func_name_literal(
3354		CG(active_op_array), Z_STR(name_node->u.constant));
3355	opline->result.num = zend_alloc_cache_slot();
3356
3357	zend_compile_call_common(result, args_ast, NULL);
3358}
3359/* }}} */
3360
3361void zend_compile_dynamic_call(znode *result, znode *name_node, zend_ast *args_ast) /* {{{ */
3362{
3363	if (name_node->op_type == IS_CONST && Z_TYPE(name_node->u.constant) == IS_STRING) {
3364		const char *colon;
3365		zend_string *str = Z_STR(name_node->u.constant);
3366		if ((colon = zend_memrchr(ZSTR_VAL(str), ':', ZSTR_LEN(str))) != NULL && colon > ZSTR_VAL(str) && *(colon - 1) == ':') {
3367			zend_string *class = zend_string_init(ZSTR_VAL(str), colon - ZSTR_VAL(str) - 1, 0);
3368			zend_string *method = zend_string_init(colon + 1, ZSTR_LEN(str) - (colon - ZSTR_VAL(str)) - 1, 0);
3369			zend_op *opline = get_next_op(CG(active_op_array));
3370
3371			opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;
3372			opline->op1_type = IS_CONST;
3373			opline->op1.constant = zend_add_class_name_literal(CG(active_op_array), class);
3374			opline->op2_type = IS_CONST;
3375			opline->op2.constant = zend_add_func_name_literal(CG(active_op_array), method);
3376			/* 2 slots, for class and method */
3377			opline->result.num = zend_alloc_polymorphic_cache_slot();
3378			zval_ptr_dtor(&name_node->u.constant);
3379		} else {
3380			zend_op *opline = get_next_op(CG(active_op_array));
3381
3382			opline->opcode = ZEND_INIT_FCALL_BY_NAME;
3383			opline->op2_type = IS_CONST;
3384			opline->op2.constant = zend_add_func_name_literal(CG(active_op_array), str);
3385			opline->result.num = zend_alloc_cache_slot();
3386		}
3387	} else {
3388		zend_emit_op(NULL, ZEND_INIT_DYNAMIC_CALL, NULL, name_node);
3389	}
3390
3391	zend_compile_call_common(result, args_ast, NULL);
3392}
3393/* }}} */
3394
3395static zend_bool zend_args_contain_unpack(zend_ast_list *args) /* {{{ */
3396{
3397	uint32_t i;
3398	for (i = 0; i < args->children; ++i) {
3399		if (args->child[i]->kind == ZEND_AST_UNPACK) {
3400			return 1;
3401		}
3402	}
3403	return 0;
3404}
3405/* }}} */
3406
3407int zend_compile_func_strlen(znode *result, zend_ast_list *args) /* {{{ */
3408{
3409	znode arg_node;
3410
3411	if ((CG(compiler_options) & ZEND_COMPILE_NO_BUILTIN_STRLEN)
3412		|| args->children != 1 || args->child[0]->kind == ZEND_AST_UNPACK
3413	) {
3414		return FAILURE;
3415	}
3416
3417	zend_compile_expr(&arg_node, args->child[0]);
3418	if (arg_node.op_type == IS_CONST && Z_TYPE(arg_node.u.constant) == IS_STRING) {
3419		result->op_type = IS_CONST;
3420		ZVAL_LONG(&result->u.constant, Z_STRLEN(arg_node.u.constant));
3421		zval_ptr_dtor_str(&arg_node.u.constant);
3422	} else {
3423		zend_emit_op_tmp(result, ZEND_STRLEN, &arg_node, NULL);
3424	}
3425	return SUCCESS;
3426}
3427/* }}} */
3428
3429int zend_compile_func_typecheck(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
3430{
3431	znode arg_node;
3432	zend_op *opline;
3433
3434	if (args->children != 1 || args->child[0]->kind == ZEND_AST_UNPACK) {
3435		return FAILURE;
3436	}
3437
3438	zend_compile_expr(&arg_node, args->child[0]);
3439	opline = zend_emit_op_tmp(result, ZEND_TYPE_CHECK, &arg_node, NULL);
3440	if (type != _IS_BOOL) {
3441		opline->extended_value = (1 << type);
3442	} else {
3443		opline->extended_value = (1 << IS_FALSE) | (1 << IS_TRUE);
3444	}
3445	return SUCCESS;
3446}
3447/* }}} */
3448
3449int zend_compile_func_cast(znode *result, zend_ast_list *args, uint32_t type) /* {{{ */
3450{
3451	znode arg_node;
3452	zend_op *opline;
3453
3454	if (args->children != 1 || args->child[0]->kind == ZEND_AST_UNPACK) {
3455		return FAILURE;
3456	}
3457
3458	zend_compile_expr(&arg_node, args->child[0]);
3459	opline = zend_emit_op_tmp(result, ZEND_CAST, &arg_node, NULL);
3460	opline->extended_value = type;
3461	return SUCCESS;
3462}
3463/* }}} */
3464
3465int zend_compile_func_defined(znode *result, zend_ast_list *args) /* {{{ */
3466{
3467	zend_string *name;
3468	zend_op *opline;
3469
3470	if (args->children != 1 || args->child[0]->kind != ZEND_AST_ZVAL) {
3471		return FAILURE;
3472	}
3473
3474	name = zval_get_string(zend_ast_get_zval(args->child[0]));
3475	if (zend_memrchr(ZSTR_VAL(name), '\\', ZSTR_LEN(name)) || zend_memrchr(ZSTR_VAL(name), ':', ZSTR_LEN(name))) {
3476		zend_string_release_ex(name, 0);
3477		return FAILURE;
3478	}
3479
3480	if (zend_try_ct_eval_const(&result->u.constant, name, 0)) {
3481		zend_string_release_ex(name, 0);
3482		zval_ptr_dtor(&result->u.constant);
3483		ZVAL_TRUE(&result->u.constant);
3484		result->op_type = IS_CONST;
3485		return SUCCESS;
3486	}
3487
3488	opline = zend_emit_op_tmp(result, ZEND_DEFINED, NULL, NULL);
3489	opline->op1_type = IS_CONST;
3490	LITERAL_STR(opline->op1, name);
3491	opline->extended_value = zend_alloc_cache_slot();
3492
3493	/* Lowercase constant name in a separate literal */
3494	{
3495		zval c;
3496		zend_string *lcname = zend_string_tolower(name);
3497		ZVAL_NEW_STR(&c, lcname);
3498		zend_add_literal(CG(active_op_array), &c);
3499	}
3500	return SUCCESS;
3501}
3502/* }}} */
3503
3504int zend_compile_func_chr(znode *result, zend_ast_list *args) /* {{{ */
3505{
3506
3507	if (args->children == 1 &&
3508	    args->child[0]->kind == ZEND_AST_ZVAL &&
3509	    Z_TYPE_P(zend_ast_get_zval(args->child[0])) == IS_LONG) {
3510
3511		zend_long c = Z_LVAL_P(zend_ast_get_zval(args->child[0])) & 0xff;
3512
3513		result->op_type = IS_CONST;
3514		ZVAL_INTERNED_STR(&result->u.constant, ZSTR_CHAR(c));
3515		return SUCCESS;
3516	} else {
3517		return FAILURE;
3518	}
3519}
3520/* }}} */
3521
3522int zend_compile_func_ord(znode *result, zend_ast_list *args) /* {{{ */
3523{
3524	if (args->children == 1 &&
3525	    args->child[0]->kind == ZEND_AST_ZVAL &&
3526	    Z_TYPE_P(zend_ast_get_zval(args->child[0])) == IS_STRING) {
3527
3528		result->op_type = IS_CONST;
3529		ZVAL_LONG(&result->u.constant, (unsigned char)Z_STRVAL_P(zend_ast_get_zval(args->child[0]))[0]);
3530		return SUCCESS;
3531	} else {
3532		return FAILURE;
3533	}
3534}
3535/* }}} */
3536
3537
3538static int zend_try_compile_ct_bound_init_user_func(zend_ast *name_ast, uint32_t num_args) /* {{{ */
3539{
3540	zend_string *name, *lcname;
3541	zend_function *fbc;
3542	zend_op *opline;
3543
3544	if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
3545		return FAILURE;
3546	}
3547
3548	name = zend_ast_get_str(name_ast);
3549	lcname = zend_string_tolower(name);
3550
3551	fbc = zend_hash_find_ptr(CG(function_table), lcname);
3552	if (!fbc
3553	 || (fbc->type == ZEND_INTERNAL_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS))
3554	 || (fbc->type == ZEND_USER_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS))
3555	) {
3556		zend_string_release_ex(lcname, 0);
3557		return FAILURE;
3558	}
3559
3560	opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, NULL);
3561	opline->extended_value = num_args;
3562	opline->op1.num = zend_vm_calc_used_stack(num_args, fbc);
3563	opline->op2_type = IS_CONST;
3564	LITERAL_STR(opline->op2, lcname);
3565	opline->result.num = zend_alloc_cache_slot();
3566
3567	return SUCCESS;
3568}
3569/* }}} */
3570
3571static void zend_compile_init_user_func(zend_ast *name_ast, uint32_t num_args, zend_string *orig_func_name) /* {{{ */
3572{
3573	zend_op *opline;
3574	znode name_node;
3575
3576	if (zend_try_compile_ct_bound_init_user_func(name_ast, num_args) == SUCCESS) {
3577		return;
3578	}
3579
3580	zend_compile_expr(&name_node, name_ast);
3581
3582	opline = zend_emit_op(NULL, ZEND_INIT_USER_CALL, NULL, &name_node);
3583	opline->op1_type = IS_CONST;
3584	LITERAL_STR(opline->op1, zend_string_copy(orig_func_name));
3585	opline->extended_value = num_args;
3586}
3587/* }}} */
3588
3589/* cufa = call_user_func_array */
3590int zend_compile_func_cufa(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
3591{
3592	znode arg_node;
3593
3594	if (args->children != 2 || zend_args_contain_unpack(args)) {
3595		return FAILURE;
3596	}
3597
3598	zend_compile_init_user_func(args->child[0], 0, lcname);
3599	if (args->child[1]->kind == ZEND_AST_CALL
3600	 && args->child[1]->child[0]->kind == ZEND_AST_ZVAL
3601	 && Z_TYPE_P(zend_ast_get_zval(args->child[1]->child[0])) == IS_STRING
3602	 && args->child[1]->child[1]->kind == ZEND_AST_ARG_LIST) {
3603		zend_string *orig_name = zend_ast_get_str(args->child[1]->child[0]);
3604		zend_ast_list *list = zend_ast_get_list(args->child[1]->child[1]);
3605		zend_bool is_fully_qualified;
3606		zend_string *name = zend_resolve_function_name(orig_name, args->child[1]->child[0]->attr, &is_fully_qualified);
3607
3608		if (zend_string_equals_literal_ci(name, "array_slice")
3609		 && list->children == 3
3610		 && list->child[1]->kind == ZEND_AST_ZVAL) {
3611			zval *zv = zend_ast_get_zval(list->child[1]);
3612
3613			if (Z_TYPE_P(zv) == IS_LONG
3614			 && Z_LVAL_P(zv) >= 0
3615			 && Z_LVAL_P(zv) <= 0x7fffffff) {
3616				zend_op *opline;
3617				znode len_node;
3618
3619				zend_compile_expr(&arg_node, list->child[0]);
3620				zend_compile_expr(&len_node, list->child[2]);
3621				opline = zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, &len_node);
3622				opline->extended_value = Z_LVAL_P(zv);
3623				zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
3624				zend_string_release_ex(name, 0);
3625				return SUCCESS;
3626			}
3627		}
3628		zend_string_release_ex(name, 0);
3629	}
3630	zend_compile_expr(&arg_node, args->child[1]);
3631	zend_emit_op(NULL, ZEND_SEND_ARRAY, &arg_node, NULL);
3632	zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
3633
3634	return SUCCESS;
3635}
3636/* }}} */
3637
3638/* cuf = call_user_func */
3639int zend_compile_func_cuf(znode *result, zend_ast_list *args, zend_string *lcname) /* {{{ */
3640{
3641	uint32_t i;
3642
3643	if (args->children < 1 || zend_args_contain_unpack(args)) {
3644		return FAILURE;
3645	}
3646
3647	zend_compile_init_user_func(args->child[0], args->children - 1, lcname);
3648	for (i = 1; i < args->children; ++i) {
3649		zend_ast *arg_ast = args->child[i];
3650		znode arg_node;
3651		zend_op *opline;
3652
3653		zend_compile_expr(&arg_node, arg_ast);
3654
3655		opline = zend_emit_op(NULL, ZEND_SEND_USER, &arg_node, NULL);
3656		opline->op2.num = i;
3657		opline->result.var = (uint32_t)(zend_intptr_t)ZEND_CALL_ARG(NULL, i);
3658	}
3659	zend_emit_op(result, ZEND_DO_FCALL, NULL, NULL);
3660
3661	return SUCCESS;
3662}
3663/* }}} */
3664
3665static void zend_compile_assert(znode *result, zend_ast_list *args, zend_string *name, zend_function *fbc) /* {{{ */
3666{
3667	if (EG(assertions) >= 0) {
3668		znode name_node;
3669		zend_op *opline;
3670		uint32_t check_op_number = get_next_op_number(CG(active_op_array));
3671
3672		zend_emit_op(NULL, ZEND_ASSERT_CHECK, NULL, NULL);
3673
3674		if (fbc) {
3675			name_node.op_type = IS_CONST;
3676			ZVAL_STR_COPY(&name_node.u.constant, name);
3677
3678			opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
3679		} else {
3680			opline = zend_emit_op(NULL, ZEND_INIT_NS_FCALL_BY_NAME, NULL, NULL);
3681			opline->op2_type = IS_CONST;
3682			opline->op2.constant = zend_add_ns_func_name_literal(
3683				CG(active_op_array), name);
3684		}
3685		opline->result.num = zend_alloc_cache_slot();
3686
3687		if (args->children == 1 &&
3688		    (args->child[0]->kind != ZEND_AST_ZVAL ||
3689		     Z_TYPE_P(zend_ast_get_zval(args->child[0])) != IS_STRING)) {
3690			/* add "assert(condition) as assertion message */
3691			zend_ast_list_add((zend_ast*)args,
3692				zend_ast_create_zval_from_str(
3693					zend_ast_export("assert(", args->child[0], ")")));
3694		}
3695
3696		zend_compile_call_common(result, (zend_ast*)args, fbc);
3697
3698		opline = &CG(active_op_array)->opcodes[check_op_number];
3699		opline->op2.opline_num = get_next_op_number(CG(active_op_array));
3700		SET_NODE(opline->result, result);
3701	} else {
3702		if (!fbc) {
3703			zend_string_release_ex(name, 0);
3704		}
3705		result->op_type = IS_CONST;
3706		ZVAL_TRUE(&result->u.constant);
3707	}
3708}
3709/* }}} */
3710
3711static int zend_compile_func_in_array(znode *result, zend_ast_list *args) /* {{{ */
3712{
3713	zend_bool strict = 0;
3714	znode array, needly;
3715	zend_op *opline;
3716
3717	if (args->children == 3) {
3718		if (args->child[2]->kind == ZEND_AST_ZVAL) {
3719			strict = zend_is_true(zend_ast_get_zval(args->child[2]));
3720		} else if (args->child[2]->kind == ZEND_AST_CONST) {
3721			zval value;
3722			zend_ast *name_ast = args->child[2]->child[0];
3723			zend_bool is_fully_qualified;
3724			zend_string *resolved_name = zend_resolve_const_name(
3725				zend_ast_get_str(name_ast), name_ast->attr, &is_fully_qualified);
3726
3727			if (!zend_try_ct_eval_const(&value, resolved_name, is_fully_qualified)) {
3728				zend_string_release_ex(resolved_name, 0);
3729				return FAILURE;
3730			}
3731
3732			zend_string_release_ex(resolved_name, 0);
3733			strict = zend_is_true(&value);
3734			zval_ptr_dtor(&value);
3735		} else {
3736			return FAILURE;
3737		}
3738	} else if (args->children != 2) {
3739		return FAILURE;
3740	}
3741
3742	if (args->child[1]->kind != ZEND_AST_ARRAY
3743	 || !zend_try_ct_eval_array(&array.u.constant, args->child[1])) {
3744		return FAILURE;
3745	}
3746
3747	if (zend_hash_num_elements(Z_ARRVAL(array.u.constant)) > 0) {
3748		zend_bool ok = 1;
3749		zval *val, tmp;
3750		HashTable *src = Z_ARRVAL(array.u.constant);
3751		HashTable *dst = zend_new_array(zend_hash_num_elements(src));
3752
3753		ZVAL_TRUE(&tmp);
3754
3755		if (strict) {
3756			ZEND_HASH_FOREACH_VAL(src, val) {
3757				if (Z_TYPE_P(val) == IS_STRING) {
3758					zend_hash_add(dst, Z_STR_P(val), &tmp);
3759				} else if (Z_TYPE_P(val) == IS_LONG) {
3760					zend_hash_index_add(dst, Z_LVAL_P(val), &tmp);
3761				} else {
3762					zend_array_destroy(dst);
3763					ok = 0;
3764					break;
3765				}
3766			} ZEND_HASH_FOREACH_END();
3767		} else {
3768			ZEND_HASH_FOREACH_VAL(src, val) {
3769				if (Z_TYPE_P(val) != IS_STRING
3770				 || is_numeric_string(Z_STRVAL_P(val), Z_STRLEN_P(val), NULL, NULL, 0)) {
3771					zend_array_destroy(dst);
3772					ok = 0;
3773					break;
3774				}
3775				zend_hash_add(dst, Z_STR_P(val), &tmp);
3776			} ZEND_HASH_FOREACH_END();
3777		}
3778
3779		zend_array_destroy(src);
3780		if (!ok) {
3781			return FAILURE;
3782		}
3783		Z_ARRVAL(array.u.constant) = dst;
3784	}
3785	array.op_type = IS_CONST;
3786
3787	zend_compile_expr(&needly, args->child[0]);
3788
3789	opline = zend_emit_op_tmp(result, ZEND_IN_ARRAY, &needly, &array);
3790	opline->extended_value = strict;
3791
3792	return SUCCESS;
3793}
3794/* }}} */
3795
3796int zend_compile_func_count(znode *result, zend_ast_list *args) /* {{{ */
3797{
3798	znode arg_node;
3799
3800	if (args->children != 1 || args->child[0]->kind == ZEND_AST_UNPACK) {
3801		return FAILURE;
3802	}
3803
3804	zend_compile_expr(&arg_node, args->child[0]);
3805	zend_emit_op_tmp(result, ZEND_COUNT, &arg_node, NULL);
3806	return SUCCESS;
3807}
3808/* }}} */
3809
3810int zend_compile_func_get_class(znode *result, zend_ast_list *args) /* {{{ */
3811{
3812	if (args->children == 0) {
3813		zend_emit_op_tmp(result, ZEND_GET_CLASS, NULL, NULL);
3814	} else {
3815		znode arg_node;
3816
3817		if (args->children != 1 || args->child[0]->kind == ZEND_AST_UNPACK) {
3818			return FAILURE;
3819		}
3820
3821		zend_compile_expr(&arg_node, args->child[0]);
3822		zend_emit_op_tmp(result, ZEND_GET_CLASS, &arg_node, NULL);
3823	}
3824	return SUCCESS;
3825}
3826/* }}} */
3827
3828int zend_compile_func_get_called_class(znode *result, zend_ast_list *args) /* {{{ */
3829{
3830	if (args->children != 0) {
3831		return FAILURE;
3832	}
3833
3834	zend_emit_op_tmp(result, ZEND_GET_CALLED_CLASS, NULL, NULL);
3835	return SUCCESS;
3836}
3837/* }}} */
3838
3839int zend_compile_func_gettype(znode *result, zend_ast_list *args) /* {{{ */
3840{
3841	znode arg_node;
3842
3843	if (args->children != 1 || args->child[0]->kind == ZEND_AST_UNPACK) {
3844		return FAILURE;
3845	}
3846
3847	zend_compile_expr(&arg_node, args->child[0]);
3848	zend_emit_op_tmp(result, ZEND_GET_TYPE, &arg_node, NULL);
3849	return SUCCESS;
3850}
3851/* }}} */
3852
3853int zend_compile_func_num_args(znode *result, zend_ast_list *args) /* {{{ */
3854{
3855	if (CG(active_op_array)->function_name && args->children == 0) {
3856		zend_emit_op_tmp(result, ZEND_FUNC_NUM_ARGS, NULL, NULL);
3857		return SUCCESS;
3858	} else {
3859		return FAILURE;
3860	}
3861}
3862/* }}} */
3863
3864int zend_compile_func_get_args(znode *result, zend_ast_list *args) /* {{{ */
3865{
3866	if (CG(active_op_array)->function_name && args->children == 0) {
3867		zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, NULL, NULL);
3868		return SUCCESS;
3869	} else {
3870		return FAILURE;
3871	}
3872}
3873/* }}} */
3874
3875int zend_compile_func_array_slice(znode *result, zend_ast_list *args) /* {{{ */
3876{
3877	if (CG(active_op_array)->function_name
3878	 && args->children == 2
3879	 && args->child[0]->kind == ZEND_AST_CALL
3880	 && args->child[0]->child[0]->kind == ZEND_AST_ZVAL
3881	 && Z_TYPE_P(zend_ast_get_zval(args->child[0]->child[0])) == IS_STRING
3882	 && args->child[0]->child[1]->kind == ZEND_AST_ARG_LIST
3883	 && args->child[1]->kind == ZEND_AST_ZVAL) {
3884
3885		zend_string *orig_name = zend_ast_get_str(args->child[0]->child[0]);
3886		zend_bool is_fully_qualified;
3887		zend_string *name = zend_resolve_function_name(orig_name, args->child[0]->child[0]->attr, &is_fully_qualified);
3888		zend_ast_list *list = zend_ast_get_list(args->child[0]->child[1]);
3889		zval *zv = zend_ast_get_zval(args->child[1]);
3890		znode first;
3891
3892		if (zend_string_equals_literal_ci(name, "func_get_args")
3893		 && list->children == 0
3894		 && Z_TYPE_P(zv) == IS_LONG
3895		 && Z_LVAL_P(zv) >= 0) {
3896			first.op_type = IS_CONST;
3897			ZVAL_LONG(&first.u.constant, Z_LVAL_P(zv));
3898			zend_emit_op_tmp(result, ZEND_FUNC_GET_ARGS, &first, NULL);
3899			zend_string_release_ex(name, 0);
3900			return SUCCESS;
3901		}
3902		zend_string_release_ex(name, 0);
3903	}
3904	return FAILURE;
3905}
3906/* }}} */
3907
3908int zend_try_compile_special_func(znode *result, zend_string *lcname, zend_ast_list *args, zend_function *fbc, uint32_t type) /* {{{ */
3909{
3910	if (fbc->internal_function.handler == ZEND_FN(display_disabled_function)) {
3911		return FAILURE;
3912	}
3913
3914	if (CG(compiler_options) & ZEND_COMPILE_NO_BUILTINS) {
3915		return FAILURE;
3916	}
3917
3918	if (zend_string_equals_literal(lcname, "strlen")) {
3919		return zend_compile_func_strlen(result, args);
3920	} else if (zend_string_equals_literal(lcname, "is_null")) {
3921		return zend_compile_func_typecheck(result, args, IS_NULL);
3922	} else if (zend_string_equals_literal(lcname, "is_bool")) {
3923		return zend_compile_func_typecheck(result, args, _IS_BOOL);
3924	} else if (zend_string_equals_literal(lcname, "is_long")
3925		|| zend_string_equals_literal(lcname, "is_int")
3926		|| zend_string_equals_literal(lcname, "is_integer")
3927	) {
3928		return zend_compile_func_typecheck(result, args, IS_LONG);
3929	} else if (zend_string_equals_literal(lcname, "is_float")
3930		|| zend_string_equals_literal(lcname, "is_double")
3931		|| zend_string_equals_literal(lcname, "is_real")
3932	) {
3933		return zend_compile_func_typecheck(result, args, IS_DOUBLE);
3934	} else if (zend_string_equals_literal(lcname, "is_string")) {
3935		return zend_compile_func_typecheck(result, args, IS_STRING);
3936	} else if (zend_string_equals_literal(lcname, "is_array")) {
3937		return zend_compile_func_typecheck(result, args, IS_ARRAY);
3938	} else if (zend_string_equals_literal(lcname, "is_object")) {
3939		return zend_compile_func_typecheck(result, args, IS_OBJECT);
3940	} else if (zend_string_equals_literal(lcname, "is_resource")) {
3941		return zend_compile_func_typecheck(result, args, IS_RESOURCE);
3942	} else if (zend_string_equals_literal(lcname, "boolval")) {
3943		return zend_compile_func_cast(result, args, _IS_BOOL);
3944	} else if (zend_string_equals_literal(lcname, "intval")) {
3945		return zend_compile_func_cast(result, args, IS_LONG);
3946	} else if (zend_string_equals_literal(lcname, "floatval")
3947		|| zend_string_equals_literal(lcname, "doubleval")
3948	) {
3949		return zend_compile_func_cast(result, args, IS_DOUBLE);
3950	} else if (zend_string_equals_literal(lcname, "strval")) {
3951		return zend_compile_func_cast(result, args, IS_STRING);
3952	} else if (zend_string_equals_literal(lcname, "defined")) {
3953		return zend_compile_func_defined(result, args);
3954	} else if (zend_string_equals_literal(lcname, "chr") && type == BP_VAR_R) {
3955		return zend_compile_func_chr(result, args);
3956	} else if (zend_string_equals_literal(lcname, "ord") && type == BP_VAR_R) {
3957		return zend_compile_func_ord(result, args);
3958	} else if (zend_string_equals_literal(lcname, "call_user_func_array")) {
3959		return zend_compile_func_cufa(result, args, lcname);
3960	} else if (zend_string_equals_literal(lcname, "call_user_func")) {
3961		return zend_compile_func_cuf(result, args, lcname);
3962	} else if (zend_string_equals_literal(lcname, "in_array")) {
3963		return zend_compile_func_in_array(result, args);
3964	} else if (zend_string_equals_literal(lcname, "count")) {
3965		return zend_compile_func_count(result, args);
3966	} else if (zend_string_equals_literal(lcname, "get_class")) {
3967		return zend_compile_func_get_class(result, args);
3968	} else if (zend_string_equals_literal(lcname, "get_called_class")) {
3969		return zend_compile_func_get_called_class(result, args);
3970	} else if (zend_string_equals_literal(lcname, "gettype")) {
3971		return zend_compile_func_gettype(result, args);
3972	} else if (zend_string_equals_literal(lcname, "func_num_args")) {
3973		return zend_compile_func_num_args(result, args);
3974	} else if (zend_string_equals_literal(lcname, "func_get_args")) {
3975		return zend_compile_func_get_args(result, args);
3976	} else if (zend_string_equals_literal(lcname, "array_slice")) {
3977		return zend_compile_func_array_slice(result, args);
3978	} else {
3979		return FAILURE;
3980	}
3981}
3982/* }}} */
3983
3984void zend_compile_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
3985{
3986	zend_ast *name_ast = ast->child[0];
3987	zend_ast *args_ast = ast->child[1];
3988
3989	znode name_node;
3990
3991	if (name_ast->kind != ZEND_AST_ZVAL || Z_TYPE_P(zend_ast_get_zval(name_ast)) != IS_STRING) {
3992		zend_compile_expr(&name_node, name_ast);
3993		zend_compile_dynamic_call(result, &name_node, args_ast);
3994		return;
3995	}
3996
3997	{
3998		zend_bool runtime_resolution = zend_compile_function_name(&name_node, name_ast);
3999		if (runtime_resolution) {
4000			if (zend_string_equals_literal_ci(zend_ast_get_str(name_ast), "assert")) {
4001				zend_compile_assert(result, zend_ast_get_list(args_ast), Z_STR(name_node.u.constant), NULL);
4002			} else {
4003				zend_compile_ns_call(result, &name_node, args_ast);
4004			}
4005			return;
4006		}
4007	}
4008
4009	{
4010		zval *name = &name_node.u.constant;
4011		zend_string *lcname;
4012		zend_function *fbc;
4013		zend_op *opline;
4014
4015		lcname = zend_string_tolower(Z_STR_P(name));
4016		fbc = zend_hash_find_ptr(CG(function_table), lcname);
4017
4018		/* Special assert() handling should apply independently of compiler flags. */
4019		if (fbc && zend_string_equals_literal(lcname, "assert")) {
4020			zend_compile_assert(result, zend_ast_get_list(args_ast), lcname, fbc);
4021			zend_string_release(lcname);
4022			zval_ptr_dtor(&name_node.u.constant);
4023			return;
4024		}
4025
4026		if (!fbc
4027		 || (fbc->type == ZEND_INTERNAL_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_INTERNAL_FUNCTIONS))
4028		 || (fbc->type == ZEND_USER_FUNCTION && (CG(compiler_options) & ZEND_COMPILE_IGNORE_USER_FUNCTIONS))
4029		) {
4030			zend_string_release_ex(lcname, 0);
4031			zend_compile_dynamic_call(result, &name_node, args_ast);
4032			return;
4033		}
4034
4035		if (zend_try_compile_special_func(result, lcname,
4036				zend_ast_get_list(args_ast), fbc, type) == SUCCESS
4037		) {
4038			zend_string_release_ex(lcname, 0);
4039			zval_ptr_dtor(&name_node.u.constant);
4040			return;
4041		}
4042
4043		zval_ptr_dtor(&name_node.u.constant);
4044		ZVAL_NEW_STR(&name_node.u.constant, lcname);
4045
4046		opline = zend_emit_op(NULL, ZEND_INIT_FCALL, NULL, &name_node);
4047		opline->result.num = zend_alloc_cache_slot();
4048
4049		zend_compile_call_common(result, args_ast, fbc);
4050	}
4051}
4052/* }}} */
4053
4054void zend_compile_method_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4055{
4056	zend_ast *obj_ast = ast->child[0];
4057	zend_ast *method_ast = ast->child[1];
4058	zend_ast *args_ast = ast->child[2];
4059
4060	znode obj_node, method_node;
4061	zend_op *opline;
4062	zend_function *fbc = NULL;
4063
4064	if (is_this_fetch(obj_ast)) {
4065		obj_node.op_type = IS_UNUSED;
4066	} else {
4067		zend_compile_expr(&obj_node, obj_ast);
4068	}
4069
4070	zend_compile_expr(&method_node, method_ast);
4071	opline = zend_emit_op(NULL, ZEND_INIT_METHOD_CALL, &obj_node, NULL);
4072
4073	if (method_node.op_type == IS_CONST) {
4074		if (Z_TYPE(method_node.u.constant) != IS_STRING) {
4075			zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
4076		}
4077
4078		opline->op2_type = IS_CONST;
4079		opline->op2.constant = zend_add_func_name_literal(CG(active_op_array),
4080			Z_STR(method_node.u.constant));
4081		opline->result.num = zend_alloc_polymorphic_cache_slot();
4082	} else {
4083		SET_NODE(opline->op2, &method_node);
4084	}
4085
4086	/* Check if this calls a known method on $this */
4087	if (opline->op1_type == IS_UNUSED && opline->op2_type == IS_CONST &&
4088			CG(active_class_entry) && zend_is_scope_known()) {
4089		zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op2) + 1);
4090		fbc = zend_hash_find_ptr(&CG(active_class_entry)->function_table, lcname);
4091
4092		/* We only know the exact method that is being called if it is either private or final.
4093		 * Otherwise an overriding method in a child class may be called. */
4094		if (fbc && !(fbc->common.fn_flags & (ZEND_ACC_PRIVATE|ZEND_ACC_FINAL))) {
4095			fbc = NULL;
4096		}
4097	}
4098
4099	zend_compile_call_common(result, args_ast, fbc);
4100}
4101/* }}} */
4102
4103static zend_bool zend_is_constructor(zend_string *name) /* {{{ */
4104{
4105	return zend_string_equals_literal_ci(name, ZEND_CONSTRUCTOR_FUNC_NAME);
4106}
4107/* }}} */
4108
4109void zend_compile_static_call(znode *result, zend_ast *ast, uint32_t type) /* {{{ */
4110{
4111	zend_ast *class_ast = ast->child[0];
4112	zend_ast *method_ast = ast->child[1];
4113	zend_ast *args_ast = ast->child[2];
4114
4115	znode class_node, method_node;
4116	zend_op *opline;
4117	zend_function *fbc = NULL;
4118
4119	zend_compile_class_ref_ex(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
4120
4121	zend_compile_expr(&method_node, method_ast);
4122	if (method_node.op_type == IS_CONST) {
4123		zval *name = &method_node.u.constant;
4124		if (Z_TYPE_P(name) != IS_STRING) {
4125			zend_error_noreturn(E_COMPILE_ERROR, "Method name must be a string");
4126		}
4127		if (zend_is_constructor(Z_STR_P(name))) {
4128			zval_ptr_dtor(name);
4129			method_node.op_type = IS_UNUSED;
4130		}
4131	}
4132
4133	opline = get_next_op(CG(active_op_array));
4134	opline->opcode = ZEND_INIT_STATIC_METHOD_CALL;
4135
4136	zend_set_class_name_op1(opline, &class_node);
4137
4138	if (method_node.op_type == IS_CONST) {
4139		opline->op2_type = IS_CONST;
4140		opline->op2.constant = zend_add_func_name_literal(CG(active_op_array),
4141			Z_STR(method_node.u.constant));
4142		opline->result.num = zend_alloc_polymorphic_cache_slot();
4143	} else {
4144		if (opline->op1_type == IS_CONST) {
4145			opline->result.num = zend_alloc_cache_slot();
4146		}
4147		SET_NODE(opline->op2, &method_node);
4148	}
4149	zend_check_live_ranges(opline);
4150
4151	/* Check if we already know which method we're calling */
4152	if (opline->op2_type == IS_CONST) {
4153		zend_class_entry *ce = NULL;
4154		if (opline->op1_type == IS_CONST) {
4155			zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op1) + 1);
4156			ce = zend_hash_find_ptr(CG(class_table), lcname);
4157			if (!ce && CG(active_class_entry)
4158					&& zend_string_equals_ci(CG(active_class_entry)->name, lcname)) {
4159				ce = CG(active_class_entry);
4160			}
4161		} else if (opline->op1_type == IS_UNUSED
4162				&& (opline->op1.num & ZEND_FETCH_CLASS_MASK) == ZEND_FETCH_CLASS_SELF
4163				&& zend_is_scope_known()) {
4164			ce = CG(active_class_entry);
4165		}
4166		if (ce) {
4167			zend_string *lcname = Z_STR_P(CT_CONSTANT(opline->op2) + 1);
4168			fbc = zend_hash_find_ptr(&ce->function_table, lcname);
4169			if (fbc && !(fbc->common.fn_flags & ZEND_ACC_PUBLIC)) {
4170				if (ce != CG(active_class_entry)
4171				 &&((fbc->common.fn_flags & ZEND_ACC_PRIVATE)
4172				  || !zend_check_protected(zend_get_function_root_class(fbc), CG(active_class_entry)))) {
4173					/* incompatibe function */
4174					fbc = NULL;
4175				}
4176			}
4177		}
4178	}
4179
4180	zend_compile_call_common(result, args_ast, fbc);
4181}
4182/* }}} */
4183
4184void zend_compile_class_decl(zend_ast *ast);
4185
4186void zend_compile_new(znode *result, zend_ast *ast) /* {{{ */
4187{
4188	zend_ast *class_ast = ast->child[0];
4189	zend_ast *args_ast = ast->child[1];
4190
4191	znode class_node, ctor_result;
4192	zend_op *opline;
4193
4194	if (class_ast->kind == ZEND_AST_CLASS) {
4195		uint32_t dcl_opnum = get_next_op_number(CG(active_op_array));
4196		zend_compile_class_decl(class_ast);
4197		/* jump over anon class declaration */
4198		opline = &CG(active_op_array)->opcodes[dcl_opnum];
4199		if (opline->opcode == ZEND_FETCH_CLASS) {
4200			opline++;
4201		}
4202		class_node.op_type = opline->result_type;
4203		class_node.u.op.var = opline->result.var;
4204		opline->extended_value = get_next_op_number(CG(active_op_array));
4205	} else {
4206		zend_compile_class_ref_ex(&class_node, class_ast, ZEND_FETCH_CLASS_EXCEPTION);
4207	}
4208
4209	opline = zend_emit_op(result, ZEND_NEW, NULL, NULL);
4210
4211	if (class_node.op_type == IS_CONST) {
4212		opline->op1_type = IS_CONST;
4213		opline->op1.constant = zend_add_class_name_literal(
4214			CG(active_op_array), Z_STR(class_node.u.constant));
4215		opline->op2.num = zend_alloc_cache_slot();
4216	} else {
4217		SET_NODE(opline->op1, &class_node);
4218	}
4219
4220	zend_compile_call_common(&ctor_result, args_ast, NULL);
4221	zend_do_free(&ctor_result);
4222}
4223/* }}} */
4224
4225void zend_compile_clone(znode *result, zend_ast *ast) /* {{{ */
4226{
4227	zend_ast *obj_ast = ast->child[0];
4228
4229	znode obj_node;
4230	zend_compile_expr(&obj_node, obj_ast);
4231
4232	zend_emit_op_tmp(result, ZEND_CLONE, &obj_node, NULL);
4233}
4234/* }}} */
4235
4236void zend_compile_global_var(zend_ast *ast) /* {{{ */
4237{
4238	zend_ast *var_ast = ast->child[0];
4239	zend_ast *name_ast = var_ast->child[0];
4240
4241	znode name_node, result;
4242
4243	zend_compile_expr(&name_node, name_ast);
4244	if (name_node.op_type == IS_CONST) {
4245		convert_to_string(&name_node.u.constant);
4246	}
4247
4248	if (is_this_fetch(var_ast)) {
4249		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as global variable");
4250	} else if (zend_try_compile_cv(&result, var_ast) == SUCCESS) {
4251		zend_op *opline = zend_emit_op(NULL, ZEND_BIND_GLOBAL, &result, &name_node);
4252		opline->extended_value = zend_alloc_cache_slot();
4253	} else {
4254		/* name_ast should be evaluated only. FETCH_GLOBAL_LOCK instructs FETCH_W
4255		 * to not free the name_node operand, so it can be reused in the following
4256		 * ASSIGN_REF, which then frees it. */
4257		zend_op *opline = zend_emit_op(&result, ZEND_FETCH_W, &name_node, NULL);
4258		opline->extended_value = ZEND_FETCH_GLOBAL_LOCK;
4259
4260		if (name_node.op_type == IS_CONST) {
4261			zend_string_addref(Z_STR(name_node.u.constant));
4262		}
4263
4264		zend_emit_assign_ref_znode(
4265			zend_ast_create(ZEND_AST_VAR, zend_ast_create_znode(&name_node)),
4266			&result
4267		);
4268	}
4269}
4270/* }}} */
4271
4272static void zend_compile_static_var_common(zend_ast *var_ast, zval *value, uint32_t by_ref) /* {{{ */
4273{
4274	znode var_node;
4275	zend_op *opline;
4276	zend_string *var_name;
4277
4278	if (var_ast->kind == ZEND_AST_ZVAL) {
4279		var_name = zval_make_interned_string(zend_ast_get_zval(var_ast));
4280		zend_compile_expr(&var_node, var_ast);
4281	} else {
4282		zend_compile_expr(&var_node, var_ast);
4283		var_name = zval_make_interned_string(&var_node.u.constant);
4284	}
4285
4286	if (!CG(active_op_array)->static_variables) {
4287		if (CG(active_op_array)->scope) {
4288			CG(active_op_array)->scope->ce_flags |= ZEND_HAS_STATIC_IN_METHODS;
4289		}
4290		CG(active_op_array)->static_variables = zend_new_array(8);
4291	}
4292
4293	if (GC_REFCOUNT(CG(active_op_array)->static_variables) > 1) {
4294		if (!(GC_FLAGS(CG(active_op_array)->static_variables) & IS_ARRAY_IMMUTABLE)) {
4295			GC_DELREF(CG(active_op_array)->static_variables);
4296		}
4297		CG(active_op_array)->static_variables = zend_array_dup(CG(active_op_array)->static_variables);
4298	}
4299	value = zend_hash_update(CG(active_op_array)->static_variables, var_name, value);
4300
4301	if (zend_string_equals_literal(var_name, "this")) {
4302		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use $this as static variable");
4303	}
4304
4305	opline = zend_emit_op(NULL, ZEND_BIND_STATIC, NULL, &var_node);
4306	opline->op1_type = IS_CV;
4307	opline->op1.var = lookup_cv(CG(active_op_array), var_name);
4308	opline->extended_value = (uint32_t)((char*)value - (char*)CG(active_op_array)->static_variables->arData) | by_ref;
4309}
4310/* }}} */
4311
4312void zend_compile_static_var(zend_ast *ast) /* {{{ */
4313{
4314	zend_ast *var_ast = ast->child[0];
4315	zend_ast *value_ast = ast->child[1];
4316	zval value_zv;
4317
4318	if (value_ast) {
4319		zend_const_expr_to_zval(&value_zv, value_ast);
4320	} else {
4321		ZVAL_NULL(&value_zv);
4322	}
4323
4324	zend_compile_static_var_common(var_ast, &value_zv, ZEND_BIND_REF);
4325}
4326/* }}} */
4327
4328void zend_compile_unset(zend_ast *ast) /* {{{ */
4329{
4330	zend_ast *var_ast = ast->child[0];
4331	znode var_node;
4332	zend_op *opline;
4333
4334	zend_ensure_writable_variable(var_ast);
4335
4336	switch (var_ast->kind) {
4337		case ZEND_AST_VAR:
4338			if (is_this_fetch(var_ast)) {
4339				zend_error_noreturn(E_COMPILE_ERROR, "Cannot unset $this");
4340			} else if (zend_try_compile_cv(&var_node, var_ast) == SUCCESS) {
4341				opline = zend_emit_op(NULL, ZEND_UNSET_CV, &var_node, NULL);
4342			} else {
4343				opline = zend_compile_simple_var_no_cv(NULL, var_ast, BP_VAR_UNSET, 0);
4344				opline->opcode = ZEND_UNSET_VAR;
4345			}
4346			return;
4347		case ZEND_AST_DIM:
4348			opline = zend_compile_dim(NULL, var_ast, BP_VAR_UNSET);
4349			opline->opcode = ZEND_UNSET_DIM;
4350			return;
4351		case ZEND_AST_PROP:
4352			opline = zend_compile_prop(NULL, var_ast, BP_VAR_UNSET);
4353			opline->opcode = ZEND_UNSET_OBJ;
4354			return;
4355		case ZEND_AST_STATIC_PROP:
4356			opline = zend_compile_static_prop(NULL, var_ast, BP_VAR_UNSET, 0);
4357			opline->opcode = ZEND_UNSET_STATIC_PROP;
4358			return;
4359		EMPTY_SWITCH_DEFAULT_CASE()
4360	}
4361}
4362/* }}} */
4363
4364static int zend_handle_loops_and_finally_ex(zend_long depth, znode *return_value) /* {{{ */
4365{
4366	zend_loop_var *base;
4367	zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
4368
4369	if (!loop_var) {
4370		return 1;
4371	}
4372	base = zend_stack_base(&CG(loop_var_stack));
4373	for (; loop_var >= base; loop_var--) {
4374		if (loop_var->opcode == ZEND_FAST_CALL) {
4375			zend_op *opline = get_next_op(CG(active_op_array));
4376
4377			opline->opcode = ZEND_FAST_CALL;
4378			opline->result_type = IS_TMP_VAR;
4379			opline->result.var = loop_var->var_num;
4380			if (return_value) {
4381				SET_NODE(opline->op2, return_value);
4382			}
4383			opline->op1.num = loop_var->u.try_catch_offset;
4384		} else if (loop_var->opcode == ZEND_DISCARD_EXCEPTION) {
4385			zend_op *opline = get_next_op(CG(active_op_array));
4386			opline->opcode = ZEND_DISCARD_EXCEPTION;
4387			opline->op1_type = IS_TMP_VAR;
4388			opline->op1.var = loop_var->var_num;
4389		} else if (loop_var->opcode == ZEND_RETURN) {
4390			/* Stack separator */
4391			break;
4392		} else if (depth <= 1) {
4393			return 1;
4394		} else if (loop_var->opcode == ZEND_NOP) {
4395			/* Loop doesn't have freeable variable */
4396			depth--;
4397		} else {
4398			zend_op *opline;
4399
4400			ZEND_ASSERT(loop_var->var_type & (IS_VAR|IS_TMP_VAR));
4401			opline = get_next_op(CG(active_op_array));
4402			opline->opcode = loop_var->opcode;
4403			opline->op1_type = loop_var->var_type;
4404			opline->op1.var = loop_var->var_num;
4405			opline->extended_value = ZEND_FREE_ON_RETURN;
4406			depth--;
4407	    }
4408	}
4409	return (depth == 0);
4410}
4411/* }}} */
4412
4413static int zend_handle_loops_and_finally(znode *return_value) /* {{{ */
4414{
4415	return zend_handle_loops_and_finally_ex(zend_stack_count(&CG(loop_var_stack)) + 1, return_value);
4416}
4417/* }}} */
4418
4419static int zend_has_finally_ex(zend_long depth) /* {{{ */
4420{
4421	zend_loop_var *base;
4422	zend_loop_var *loop_var = zend_stack_top(&CG(loop_var_stack));
4423
4424	if (!loop_var) {
4425		return 0;
4426	}
4427	base = zend_stack_base(&CG(loop_var_stack));
4428	for (; loop_var >= base; loop_var--) {
4429		if (loop_var->opcode == ZEND_FAST_CALL) {
4430			return 1;
4431		} else if (loop_var->opcode == ZEND_DISCARD_EXCEPTION) {
4432		} else if (loop_var->opcode == ZEND_RETURN) {
4433			/* Stack separator */
4434			return 0;
4435		} else if (depth <= 1) {
4436			return 0;
4437		} else {
4438			depth--;
4439	    }
4440	}
4441	return 0;
4442}
4443/* }}} */
4444
4445static int zend_has_finally(void) /* {{{ */
4446{
4447	return zend_has_finally_ex(zend_stack_count(&CG(loop_var_stack)) + 1);
4448}
4449/* }}} */
4450
4451void zend_compile_return(zend_ast *ast) /* {{{ */
4452{
4453	zend_ast *expr_ast = ast->child[0];
4454	zend_bool is_generator = (CG(active_op_array)->fn_flags & ZEND_ACC_GENERATOR) != 0;
4455	zend_bool by_ref = (CG(active_op_array)->fn_flags & ZEND_ACC_RETURN_REFERENCE) != 0;
4456
4457	znode expr_node;
4458	zend_op *opline;
4459
4460	if (is_generator) {
4461		/* For generators the by-ref flag refers to yields, not returns */
4462		by_ref = 0;
4463	}
4464
4465	if (!expr_ast) {
4466		expr_node.op_type = IS_CONST;
4467		ZVAL_NULL(&expr_node.u.constant);
4468	} else if (by_ref && zend_is_variable(expr_ast) && !zend_is_call(expr_ast)) {
4469		zend_compile_var(&expr_node, expr_ast, BP_VAR_W);
4470	} else {
4471		zend_compile_expr(&expr_node, expr_ast);
4472	}
4473
4474	if ((CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)
4475	 && (expr_node.op_type == IS_CV || (by_ref && expr_node.op_type == IS_VAR))
4476	 && zend_has_finally()) {
4477		/* Copy return value into temporary VAR to avoid modification in finally code */
4478		if (by_ref) {
4479			zend_emit_op(&expr_node, ZEND_MAKE_REF, &expr_node, NULL);
4480		} else {
4481			zend_emit_op_tmp(&expr_node, ZEND_QM_ASSIGN, &expr_node, NULL);
4482		}
4483	}
4484
4485	/* Generator return types are handled separately */
4486	if (!is_generator && CG(active_op_array)->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
4487		zend_emit_return_type_check(
4488			expr_ast ? &expr_node : NULL, CG(active_op_array)->arg_info - 1, 0);
4489	}
4490
4491	zend_handle_loops_and_finally((expr_node.op_type & (IS_TMP_VAR | IS_VAR)) ? &expr_node : NULL);
4492
4493	opline = zend_emit_op(NULL, by_ref ? ZEND_RETURN_BY_REF : ZEND_RETURN,
4494		&expr_node, NULL);
4495
4496	if (by_ref && expr_ast) {
4497		if (zend_is_call(expr_ast)) {
4498			opline->extended_value = ZEND_RETURNS_FUNCTION;
4499		} else if (!zend_is_variable(expr_ast)) {
4500			opline->extended_value = ZEND_RETURNS_VALUE;
4501		}
4502	}
4503}
4504/* }}} */
4505
4506void zend_compile_echo(zend_ast *ast) /* {{{ */
4507{
4508	zend_op *opline;
4509	zend_ast *expr_ast = ast->child[0];
4510
4511	znode expr_node;
4512	zend_compile_expr(&expr_node, expr_ast);
4513
4514	opline = zend_emit_op(NULL, ZEND_ECHO, &expr_node, NULL);
4515	opline->extended_value = 0;
4516}
4517/* }}} */
4518
4519void zend_compile_throw(zend_ast *ast) /* {{{ */
4520{
4521	zend_ast *expr_ast = ast->child[0];
4522
4523	znode expr_node;
4524	zend_compile_expr(&expr_node, expr_ast);
4525
4526	zend_emit_op(NULL, ZEND_THROW, &expr_node, NULL);
4527}
4528/* }}} */
4529
4530void zend_compile_break_continue(zend_ast *ast) /* {{{ */
4531{
4532	zend_ast *depth_ast = ast->child[0];
4533
4534	zend_op *opline;
4535	zend_long depth;
4536
4537	ZEND_ASSERT(ast->kind == ZEND_AST_BREAK || ast->kind == ZEND_AST_CONTINUE);
4538
4539	if (depth_ast) {
4540		zval *depth_zv;
4541		if (depth_ast->kind != ZEND_AST_ZVAL) {
4542			zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator with non-integer operand "
4543				"is no longer supported", ast->kind == ZEND_AST_BREAK ? "break" : "continue");
4544		}
4545
4546		depth_zv = zend_ast_get_zval(depth_ast);
4547		if (Z_TYPE_P(depth_zv) != IS_LONG || Z_LVAL_P(depth_zv) < 1) {
4548			zend_error_noreturn(E_COMPILE_ERROR, "'%s' operator accepts only positive integers",
4549				ast->kind == ZEND_AST_BREAK ? "break" : "continue");
4550		}
4551
4552		depth = Z_LVAL_P(depth_zv);
4553	} else {
4554		depth = 1;
4555	}
4556
4557	if (CG(context).current_brk_cont == -1) {
4558		zend_error_noreturn(E_COMPILE_ERROR, "'%s' not in the 'loop' or 'switch' context",
4559			ast->kind == ZEND_AST_BREAK ? "break" : "continue");
4560	} else {
4561		if (!zend_handle_loops_and_finally_ex(depth, NULL)) {
4562			zend_error_noreturn(E_COMPILE_ERROR, "Cannot '%s' " ZEND_LONG_FMT " level%s",
4563				ast->kind == ZEND_AST_BREAK ? "break" : "continue",
4564				depth, depth == 1 ? "" : "s");
4565		}
4566	}
4567
4568	if (ast->kind == ZEND_AST_CONTINUE) {
4569		int d, cur = CG(context).current_brk_cont;
4570		for (d = depth - 1; d > 0; d--) {
4571			cur = CG(context).brk_cont_array[cur].parent;
4572			ZEND_ASSERT(cur != -1);
4573		}
4574
4575		if (CG(context).brk_cont_array[cur].is_switch) {
4576			if (depth == 1) {
4577				zend_error(E_WARNING,
4578					"\"continue\" targeting switch is equivalent to \"break\". " \
4579					"Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
4580					depth + 1);
4581			} else {
4582				zend_error(E_WARNING,
4583					"\"continue " ZEND_LONG_FMT "\" targeting switch is equivalent to \"break " ZEND_LONG_FMT "\". " \
4584					"Did you mean to use \"continue " ZEND_LONG_FMT "\"?",
4585					depth, depth, depth + 1);
4586			}
4587		}
4588	}
4589
4590	opline = zend_emit_op(NULL, ast->kind == ZEND_AST_BREAK ? ZEND_BRK : ZEND_CONT, NULL, NULL);
4591	opline->op1.num = CG(context).current_brk_cont;
4592	opline->op2.num = depth;
4593}
4594/* }}} */
4595
4596void zend_resolve_goto_label(zend_op_array *op_array, zend_op *opline) /* {{{ */
4597{
4598	zend_label *dest;
4599	int current, remove_oplines = opline->op1.num;
4600	zval *label;
4601	uint32_t opnum = opline - op_array->opcodes;
4602
4603	label = CT_CONSTANT_EX(op_array, opline->op2.constant);
4604	if (CG(context).labels == NULL ||
4605	    (dest = zend_hash_find_ptr(CG(context).labels, Z_STR_P(label))) == NULL
4606	) {
4607		CG(in_compilation) = 1;
4608		CG(active_op_array) = op_array;
4609		CG(zend_lineno) = opline->lineno;
4610		zend_error_noreturn(E_COMPILE_ERROR, "'goto' to undefined label '%s'", Z_STRVAL_P(label));
4611	}
4612
4613	zval_ptr_dtor_str(label);
4614	ZVAL_NULL(label);
4615
4616	current = opline->extended_value;
4617	for (; current != dest->brk_cont; current = CG(context).brk_cont_array[current].parent) {
4618		if (current == -1) {
4619			CG(in_compilation) = 1;
4620			CG(active_op_array) = op_array;
4621			CG(zend_lineno) = opline->lineno;
4622			zend_error_noreturn(E_COMPILE_ERROR, "'goto' into loop or switch statement is disallowed");
4623		}
4624		if (CG(context).brk_cont_array[current].start >= 0) {
4625			remove_oplines--;
4626		}
4627	}
4628
4629	for (current = 0; current < op_array->last_try_catch; ++current) {
4630		zend_try_catch_element *elem = &op_array->try_catch_array[current];
4631		if (elem->try_op > opnum) {
4632			break;
4633		}
4634		if (elem->finally_op && opnum < elem->finally_op - 1
4635			&& (dest->opline_num > elem->finally_end || dest->opline_num < elem->try_op)
4636		) {
4637			remove_oplines--;
4638		}
4639	}
4640
4641	opline->opcode = ZEND_JMP;
4642	opline->op1.opline_num = dest->opline_num;
4643	opline->extended_value = 0;
4644	SET_UNUSED(opline->op1);
4645	SET_UNUSED(opline->op2);
4646	SET_UNUSED(opline->result);
4647
4648	ZEND_ASSERT(remove_oplines >= 0);
4649	while (remove_oplines--) {
4650		opline--;
4651		MAKE_NOP(opline);
4652		ZEND_VM_SET_OPCODE_HANDLER(opline);
4653	}
4654}
4655/* }}} */
4656
4657void zend_compile_goto(zend_ast *ast) /* {{{ */
4658{
4659	zend_ast *label_ast = ast->child[0];
4660	znode label_node;
4661	zend_op *opline;
4662	uint32_t opnum_start = get_next_op_number(CG(active_op_array));
4663
4664	zend_compile_expr(&label_node, label_ast);
4665
4666	/* Label resolution and unwinding adjustments happen in pass two. */
4667	zend_handle_loops_and_finally(NULL);
4668	opline = zend_emit_op(NULL, ZEND_GOTO, NULL, &label_node);
4669	opline->op1.num = get_next_op_number(CG(active_op_array)) - opnum_start - 1;
4670	opline->extended_value = CG(context).current_brk_cont;
4671}
4672/* }}} */
4673
4674void zend_compile_label(zend_ast *ast) /* {{{ */
4675{
4676	zend_string *label = zend_ast_get_str(ast->child[0]);
4677	zend_label dest;
4678
4679	if (!CG(context).labels) {
4680		ALLOC_HASHTABLE(CG(context).labels);
4681		zend_hash_init(CG(context).labels, 8, NULL, label_ptr_dtor, 0);
4682	}
4683
4684	dest.brk_cont = CG(context).current_brk_cont;
4685	dest.opline_num = get_next_op_number(CG(active_op_array));
4686
4687	if (!zend_hash_add_mem(CG(context).labels, label, &dest, sizeof(zend_label))) {
4688		zend_error_noreturn(E_COMPILE_ERROR, "Label '%s' already defined", ZSTR_VAL(label));
4689	}
4690}
4691/* }}} */
4692
4693void zend_compile_while(zend_ast *ast) /* {{{ */
4694{
4695	zend_ast *cond_ast = ast->child[0];
4696	zend_ast *stmt_ast = ast->child[1];
4697	znode cond_node;
4698	uint32_t opnum_start, opnum_jmp, opnum_cond;
4699
4700	opnum_jmp = zend_emit_jump(0);
4701
4702	zend_begin_loop(ZEND_NOP, NULL, 0);
4703
4704	opnum_start = get_next_op_number(CG(active_op_array));
4705	zend_compile_stmt(stmt_ast);
4706
4707	opnum_cond = get_next_op_number(CG(active_op_array));
4708	zend_update_jump_target(opnum_jmp, opnum_cond);
4709	zend_compile_expr(&cond_node, cond_ast);
4710
4711	zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, opnum_start);
4712
4713	zend_end_loop(opnum_cond, NULL);
4714}
4715/* }}} */
4716
4717void zend_compile_do_while(zend_ast *ast) /* {{{ */
4718{
4719	zend_ast *stmt_ast = ast->child[0];
4720	zend_ast *cond_ast = ast->child[1];
4721
4722	znode cond_node;
4723	uint32_t opnum_start, opnum_cond;
4724
4725	zend_begin_loop(ZEND_NOP, NULL, 0);
4726
4727	opnum_start = get_next_op_number(CG(active_op_array));
4728	zend_compile_stmt(stmt_ast);
4729
4730	opnum_cond = get_next_op_number(CG(active_op_array));
4731	zend_compile_expr(&cond_node, cond_ast);
4732
4733	zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, opnum_start);
4734
4735	zend_end_loop(opnum_cond, NULL);
4736}
4737/* }}} */
4738
4739void zend_compile_expr_list(znode *result, zend_ast *ast) /* {{{ */
4740{
4741	zend_ast_list *list;
4742	uint32_t i;
4743
4744	result->op_type = IS_CONST;
4745	ZVAL_TRUE(&result->u.constant);
4746
4747	if (!ast) {
4748		return;
4749	}
4750
4751	list = zend_ast_get_list(ast);
4752	for (i = 0; i < list->children; ++i) {
4753		zend_ast *expr_ast = list->child[i];
4754
4755		zend_do_free(result);
4756		zend_compile_expr(result, expr_ast);
4757	}
4758}
4759/* }}} */
4760
4761void zend_compile_for(zend_ast *ast) /* {{{ */
4762{
4763	zend_ast *init_ast = ast->child[0];
4764	zend_ast *cond_ast = ast->child[1];
4765	zend_ast *loop_ast = ast->child[2];
4766	zend_ast *stmt_ast = ast->child[3];
4767
4768	znode result;
4769	uint32_t opnum_start, opnum_jmp, opnum_loop;
4770
4771	zend_compile_expr_list(&result, init_ast);
4772	zend_do_free(&result);
4773
4774	opnum_jmp = zend_emit_jump(0);
4775
4776	zend_begin_loop(ZEND_NOP, NULL, 0);
4777
4778	opnum_start = get_next_op_number(CG(active_op_array));
4779	zend_compile_stmt(stmt_ast);
4780
4781	opnum_loop = get_next_op_number(CG(active_op_array));
4782	zend_compile_expr_list(&result, loop_ast);
4783	zend_do_free(&result);
4784
4785	zend_update_jump_target_to_next(opnum_jmp);
4786	zend_compile_expr_list(&result, cond_ast);
4787	zend_do_extended_info();
4788
4789	zend_emit_cond_jump(ZEND_JMPNZ, &result, opnum_start);
4790
4791	zend_end_loop(opnum_loop, NULL);
4792}
4793/* }}} */
4794
4795void zend_compile_foreach(zend_ast *ast) /* {{{ */
4796{
4797	zend_ast *expr_ast = ast->child[0];
4798	zend_ast *value_ast = ast->child[1];
4799	zend_ast *key_ast = ast->child[2];
4800	zend_ast *stmt_ast = ast->child[3];
4801	zend_bool by_ref = value_ast->kind == ZEND_AST_REF;
4802	zend_bool is_variable = zend_is_variable(expr_ast) && !zend_is_call(expr_ast)
4803		&& zend_can_write_to_variable(expr_ast);
4804
4805	znode expr_node, reset_node, value_node, key_node;
4806	zend_op *opline;
4807	uint32_t opnum_reset, opnum_fetch;
4808
4809	if (key_ast) {
4810		if (key_ast->kind == ZEND_AST_REF) {
4811			zend_error_noreturn(E_COMPILE_ERROR, "Key element cannot be a reference");
4812		}
4813		if (key_ast->kind == ZEND_AST_ARRAY) {
4814			zend_error_noreturn(E_COMPILE_ERROR, "Cannot use list as key element");
4815		}
4816	}
4817
4818	if (by_ref) {
4819		value_ast = value_ast->child[0];
4820	}
4821
4822	if (value_ast->kind == ZEND_AST_ARRAY && zend_propagate_list_refs(value_ast)) {
4823		by_ref = 1;
4824	}
4825
4826	if (by_ref && is_variable) {
4827		zend_compile_var(&expr_node, expr_ast, BP_VAR_W);
4828	} else {
4829		zend_compile_expr(&expr_node, expr_ast);
4830	}
4831
4832	if (by_ref) {
4833		zend_separate_if_call_and_write(&expr_node, expr_ast, BP_VAR_W);
4834	}
4835
4836	opnum_reset = get_next_op_number(CG(active_op_array));
4837	opline = zend_emit_op(&reset_node, by_ref ? ZEND_FE_RESET_RW : ZEND_FE_RESET_R, &expr_node, NULL);
4838
4839	zend_begin_loop(ZEND_FE_FREE, &reset_node, 0);
4840
4841	opnum_fetch = get_next_op_number(CG(active_op_array));
4842	opline = zend_emit_op(NULL, by_ref ? ZEND_FE_FETCH_RW : ZEND_FE_FETCH_R, &reset_node, NULL);
4843
4844	if (is_this_fetch(value_ast)) {
4845		zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
4846	} else if (value_ast->kind == ZEND_AST_VAR &&
4847		zend_try_compile_cv(&value_node, value_ast) == SUCCESS) {
4848		SET_NODE(opline->op2, &value_node);
4849	} else {
4850		opline->op2_type = IS_VAR;
4851		opline->op2.var = get_temporary_variable(CG(active_op_array));
4852		GET_NODE(&value_node, opline->op2);
4853		if (value_ast->kind == ZEND_AST_ARRAY) {
4854			zend_compile_list_assign(NULL, value_ast, &value_node, value_ast->attr);
4855		} else if (by_ref) {
4856			zend_emit_assign_ref_znode(value_ast, &value_node);
4857		} else {
4858			zend_emit_assign_znode(value_ast, &value_node);
4859		}
4860	}
4861
4862	if (key_ast) {
4863		opline = &CG(active_op_array)->opcodes[opnum_fetch];
4864		zend_make_tmp_result(&key_node, opline);
4865		zend_emit_assign_znode(key_ast, &key_node);
4866	}
4867
4868	zend_compile_stmt(stmt_ast);
4869
4870	/* Place JMP and FE_FREE on the line where foreach starts. It would be
4871	 * better to use the end line, but this information is not available
4872	 * currently. */
4873	CG(zend_lineno) = ast->lineno;
4874	zend_emit_jump(opnum_fetch);
4875
4876	opline = &CG(active_op_array)->opcodes[opnum_reset];
4877	opline->op2.opline_num = get_next_op_number(CG(active_op_array));
4878
4879	opline = &CG(active_op_array)->opcodes[opnum_fetch];
4880	opline->extended_value = get_next_op_number(CG(active_op_array));
4881
4882	zend_end_loop(opnum_fetch, &reset_node);
4883
4884	opline = zend_emit_op(NULL, ZEND_FE_FREE, &reset_node, NULL);
4885}
4886/* }}} */
4887
4888void zend_compile_if(zend_ast *ast) /* {{{ */
4889{
4890	zend_ast_list *list = zend_ast_get_list(ast);
4891	uint32_t i;
4892	uint32_t *jmp_opnums = NULL;
4893
4894	if (list->children > 1) {
4895		jmp_opnums = safe_emalloc(sizeof(uint32_t), list->children - 1, 0);
4896	}
4897
4898	for (i = 0; i < list->children; ++i) {
4899		zend_ast *elem_ast = list->child[i];
4900		zend_ast *cond_ast = elem_ast->child[0];
4901		zend_ast *stmt_ast = elem_ast->child[1];
4902
4903		znode cond_node;
4904		uint32_t opnum_jmpz;
4905		if (cond_ast) {
4906			zend_compile_expr(&cond_node, cond_ast);
4907			opnum_jmpz = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
4908		}
4909
4910		zend_compile_stmt(stmt_ast);
4911
4912		if (i != list->children - 1) {
4913			jmp_opnums[i] = zend_emit_jump(0);
4914		}
4915
4916		if (cond_ast) {
4917			zend_update_jump_target_to_next(opnum_jmpz);
4918		}
4919	}
4920
4921	if (list->children > 1) {
4922		for (i = 0; i < list->children - 1; ++i) {
4923			zend_update_jump_target_to_next(jmp_opnums[i]);
4924		}
4925		efree(jmp_opnums);
4926	}
4927}
4928/* }}} */
4929
4930static zend_uchar determine_switch_jumptable_type(zend_ast_list *cases) {
4931	uint32_t i;
4932	zend_uchar common_type = IS_UNDEF;
4933	for (i = 0; i < cases->children; i++) {
4934		zend_ast *case_ast = cases->child[i];
4935		zend_ast **cond_ast = &case_ast->child[0];
4936		zval *cond_zv;
4937		if (!case_ast->child[0]) {
4938			/* Skip default clause */
4939			continue;
4940		}
4941
4942		zend_eval_const_expr(cond_ast);
4943		if ((*cond_ast)->kind != ZEND_AST_ZVAL) {
4944			/* Non-constant case */
4945			return IS_UNDEF;
4946		}
4947
4948		cond_zv = zend_ast_get_zval(case_ast->child[0]);
4949		if (Z_TYPE_P(cond_zv) != IS_LONG && Z_TYPE_P(cond_zv) != IS_STRING) {
4950			/* We only optimize switched on integers and strings */
4951			return IS_UNDEF;
4952		}
4953
4954		if (common_type == IS_UNDEF) {
4955			common_type = Z_TYPE_P(cond_zv);
4956		} else if (common_type != Z_TYPE_P(cond_zv)) {
4957			/* Non-uniform case types */
4958			return IS_UNDEF;
4959		}
4960
4961		if (Z_TYPE_P(cond_zv) == IS_STRING
4962				&& is_numeric_string(Z_STRVAL_P(cond_zv), Z_STRLEN_P(cond_zv), NULL, NULL, 0)) {
4963			/* Numeric strings cannot be compared with a simple hash lookup */
4964			return IS_UNDEF;
4965		}
4966	}
4967
4968	return common_type;
4969}
4970
4971static zend_bool should_use_jumptable(zend_ast_list *cases, zend_uchar jumptable_type) {
4972	if (CG(compiler_options) & ZEND_COMPILE_NO_JUMPTABLES) {
4973		return 0;
4974	}
4975
4976	/* Thresholds are chosen based on when the average switch time for equidistributed
4977	 * input becomes smaller when using the jumptable optimization. */
4978	if (jumptable_type == IS_LONG) {
4979		return cases->children >= 5;
4980	} else {
4981		ZEND_ASSERT(jumptable_type == IS_STRING);
4982		return cases->children >= 2;
4983	}
4984}
4985
4986void zend_compile_switch(zend_ast *ast) /* {{{ */
4987{
4988	zend_ast *expr_ast = ast->child[0];
4989	zend_ast_list *cases = zend_ast_get_list(ast->child[1]);
4990
4991	uint32_t i;
4992	zend_bool has_default_case = 0;
4993
4994	znode expr_node, case_node;
4995	zend_op *opline;
4996	uint32_t *jmpnz_opnums, opnum_default_jmp, opnum_switch;
4997	zend_uchar jumptable_type;
4998	HashTable *jumptable = NULL;
4999
5000	zend_compile_expr(&expr_node, expr_ast);
5001
5002	zend_begin_loop(ZEND_FREE, &expr_node, 1);
5003
5004	case_node.op_type = IS_TMP_VAR;
5005	case_node.u.op.var = get_temporary_variable(CG(active_op_array));
5006
5007	jumptable_type = determine_switch_jumptable_type(cases);
5008	if (jumptable_type != IS_UNDEF && should_use_jumptable(cases, jumptable_type)) {
5009		znode jumptable_op;
5010
5011		ALLOC_HASHTABLE(jumptable);
5012		zend_hash_init(jumptable, cases->children, NULL, NULL, 0);
5013		jumptable_op.op_type = IS_CONST;
5014		ZVAL_ARR(&jumptable_op.u.constant, jumptable);
5015
5016		opline = zend_emit_op(NULL,
5017			jumptable_type == IS_LONG ? ZEND_SWITCH_LONG : ZEND_SWITCH_STRING,
5018			&expr_node, &jumptable_op);
5019		if (opline->op1_type == IS_CONST) {
5020			Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5021		}
5022		opnum_switch = opline - CG(active_op_array)->opcodes;
5023	}
5024
5025	jmpnz_opnums = safe_emalloc(sizeof(uint32_t), cases->children, 0);
5026	for (i = 0; i < cases->children; ++i) {
5027		zend_ast *case_ast = cases->child[i];
5028		zend_ast *cond_ast = case_ast->child[0];
5029		znode cond_node;
5030
5031		if (!cond_ast) {
5032			if (has_default_case) {
5033				CG(zend_lineno) = case_ast->lineno;
5034				zend_error_noreturn(E_COMPILE_ERROR,
5035					"Switch statements may only contain one default clause");
5036			}
5037			has_default_case = 1;
5038			continue;
5039		}
5040
5041		zend_compile_expr(&cond_node, cond_ast);
5042
5043		if (expr_node.op_type == IS_CONST
5044			&& Z_TYPE(expr_node.u.constant) == IS_FALSE) {
5045			jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPZ, &cond_node, 0);
5046		} else if (expr_node.op_type == IS_CONST
5047			&& Z_TYPE(expr_node.u.constant) == IS_TRUE) {
5048			jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPNZ, &cond_node, 0);
5049		} else {
5050			opline = zend_emit_op(NULL,
5051				(expr_node.op_type & (IS_VAR|IS_TMP_VAR)) ? ZEND_CASE : ZEND_IS_EQUAL,
5052				&expr_node, &cond_node);
5053			SET_NODE(opline->result, &case_node);
5054			if (opline->op1_type == IS_CONST) {
5055				Z_TRY_ADDREF_P(CT_CONSTANT(opline->op1));
5056			}
5057
5058			jmpnz_opnums[i] = zend_emit_cond_jump(ZEND_JMPNZ, &case_node, 0);
5059		}
5060	}
5061
5062	opnum_default_jmp = zend_emit_jump(0);
5063
5064	for (i = 0; i < cases->children; ++i) {
5065		zend_ast *case_ast = cases->child[i];
5066		zend_ast *cond_ast = case_ast->child[0];
5067		zend_ast *stmt_ast = case_ast->child[1];
5068
5069		if (cond_ast) {
5070			zend_update_jump_target_to_next(jmpnz_opnums[i]);
5071
5072			if (jumptable) {
5073				zval *cond_zv = zend_ast_get_zval(cond_ast);
5074				zval jmp_target;
5075				ZVAL_LONG(&jmp_target, get_next_op_number(CG(active_op_array)));
5076
5077				ZEND_ASSERT(Z_TYPE_P(cond_zv) == jumptable_type);
5078				if (Z_TYPE_P(cond_zv) == IS_LONG) {
5079					zend_hash_index_add(jumptable, Z_LVAL_P(cond_zv), &jmp_target);
5080				} else {
5081					ZEND_ASSERT(Z_TYPE_P(cond_zv) == IS_STRING);
5082					zend_hash_add(jumptable, Z_STR_P(cond_zv), &jmp_target);
5083				}
5084			}
5085		} else {
5086			zend_update_jump_target_to_next(opnum_default_jmp);
5087
5088			if (jumptable) {
5089				opline = &CG(active_op_array)->opcodes[opnum_switch];
5090				opline->extended_value = get_next_op_number(CG(active_op_array));
5091			}
5092		}
5093
5094		zend_compile_stmt(stmt_ast);
5095	}
5096
5097	if (!has_default_case) {
5098		zend_update_jump_target_to_next(opnum_default_jmp);
5099
5100		if (jumptable) {
5101			opline = &CG(active_op_array)->opcodes[opnum_switch];
5102			opline->extended_value = get_next_op_number(CG(active_op_array));
5103		}
5104	}
5105
5106	zend_end_loop(get_next_op_number(CG(active_op_array)), &expr_node);
5107
5108	if (expr_node.op_type & (IS_VAR|IS_TMP_VAR)) {
5109		/* don't use emit_op() to prevent automatic live-range construction */
5110		opline = get_next_op(CG(active_op_array));
5111		opline->opcode = ZEND_FREE;
5112		SET_NODE(opline->op1, &expr_node);
5113	} else if (expr_node.op_type == IS_CONST) {
5114		zval_ptr_dtor_nogc(&expr_node.u.constant);
5115	}
5116
5117	efree(jmpnz_opnums);
5118}
5119/* }}} */
5120
5121void zend_compile_try(zend_ast *ast) /* {{{ */
5122{
5123	zend_ast *try_ast = ast->child[0];
5124	zend_ast_list *catches = zend_ast_get_list(ast->child[1]);
5125	zend_ast *finally_ast = ast->child[2];
5126
5127	uint32_t i, j;
5128	zend_op *opline;
5129	uint32_t try_catch_offset;
5130	uint32_t *jmp_opnums = safe_emalloc(sizeof(uint32_t), catches->children, 0);
5131	uint32_t orig_fast_call_var = CG(context).fast_call_var;
5132	uint32_t orig_try_catch_offset = CG(context).try_catch_offset;
5133
5134	if (catches->children == 0 && !finally_ast) {
5135		zend_error_noreturn(E_COMPILE_ERROR, "Cannot use try without catch or finally");
5136	}
5137
5138	/* label: try { } must not be equal to try { label: } */
5139	if (CG(context).labels) {
5140		zend_label *label;
5141		ZEND_HASH_REVERSE_FOREACH_PTR(CG(context).labels, label) {
5142			if (label->opline_num == get_next_op_number(CG(active_op_array))) {
5143				zend_emit_op(NULL, ZEND_NOP, NULL, NULL);
5144			}
5145			break;
5146		} ZEND_HASH_FOREACH_END();
5147	}
5148
5149	try_catch_offset = zend_add_try_element(get_next_op_number(CG(active_op_array)));
5150
5151	if (finally_ast) {
5152		zend_loop_var fast_call;
5153		if (!(CG(active_op_array)->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK)) {
5154			CG(active_op_array)->fn_flags |= ZEND_ACC_HAS_FINALLY_BLOCK;
5155		}
5156		CG(context).fast_call_var = get_temporary_variable(CG(active_op_array));
5157
5158		/* Push FAST_CALL on unwind stack */
5159		fast_call.opcode = ZEND_FAST_CALL;
5160		fast_call.var_type = IS_TMP_VAR;
5161		fast_call.var_num = CG(context).fast_call_var;
5162		fast_call.u.try_catch_offset = try_catch_offset;
5163		zend_stack_push(&CG(loop_var_stack), &fast_call);
5164	}
5165
5166	CG(context).try_catch_offset = try_catch_offset;
5167
5168	zend_compile_stmt(try_ast);
5169
5170	if (catches->children != 0) {
5171		jmp_opnums[0] = zend_emit_jump(0);
5172	}
5173
5174	for (i = 0; i < catches->children; ++i) {
5175		zend_ast *catch_ast = catches->child[i];
5176		zend_ast_list *classes = zend_ast_get_list(catch_ast->child[0]);
5177		zend_ast *var_ast = catch_ast->child[1];
5178		zend_ast *stmt_ast = catch_ast->child[2];
5179		zend_string *var_name = zval_make_interned_string(zend_ast_get_zval(var_ast));
5180		zend_bool is_last_catch = (i + 1 == catches->children);
5181
5182		uint32_t *jmp_multicatch = safe_emalloc(sizeof(uint32_t), classes->children - 1, 0);
5183		uint32_t opnum_catch;
5184
5185		CG(zend_lineno) = catch_ast->lineno;
5186
5187		for (j = 0; j < classes->children; j++) {
5188
5189			zend_ast *class_ast = classes->child[j];
5190			zend_bool is_last_class = (j + 1 == classes->children);
5191
5192			if (!zend_is_const_default_class_ref(class_ast)) {
5193				zend_error_noreturn(E_COMPILE_ERROR, "Bad class name in the catch statement");
5194			}
5195
5196			opnum_catch = get_next_op_number(CG(active_op_array));
5197			if (i == 0 && j == 0) {
5198				CG(active_op_array)->try_catch_array[try_catch_offset].catch_op = opnum_catch;
5199			}
5200
5201			opline = get_next_op(CG(active_op_array));
5202			opline->opcode = ZEND_CATCH;
5203			opline->op1_type = IS_CONST;
5204			opline->op1.constant = zend_add_class_name_literal(CG(active_op_array),
5205					zend_resolve_class_name_ast(class_ast));
5206			opline->extended_value = zend_alloc_cache_slot();
5207
5208			if (zend_string_equals_literal(var_name, "this")) {
5209				zend_error_noreturn(E_COMPILE_ERROR, "Cannot re-assign $this");
5210			}
5211
5212			opline->result_type = IS_CV;
5213			opline->result.var = lookup_cv(CG(active_op_array), var_name);
5214
5215			if (is_last_catch && is_last_class) {
5216				opline->extended_value |= ZEND_LAST_CATCH;
5217			}
5218
5219			if (!is_last_class) {
5220				jmp_multicatch[j] = zend_emit_jump(0);
5221				opline = &CG(active_op_array)->opcodes[opnum_catch];
5222				opline->op2.opline_num = get_next_op_number(CG(active_op_array));
5223			}
5224		}
5225
5226		for (j = 0; j < classes->children - 1; j++) {
5227			zend_update_jump_target_to_next(jmp_multicatch[j]);
5228		}
5229
5230		efree(jmp_multicatch);
5231
5232		zend_compile_stmt(stmt_ast);
5233
5234		if (!is_last_catch) {
5235			jmp_opnums[i + 1] = zend_emit_jump(0);
5236		}
5237
5238		opline = &CG(active_op_array)->opcodes[opnum_catch];
5239		if (!is_last_catch) {
5240			opline->op2.opline_num = get_next_op_number(CG(active_op_array));
5241		}
5242	}
5243
5244	for (i = 0; i < catches->children; ++i) {
5245		zend_update_jump_target_to_next(jmp_opnums[i]);
5246	}
5247
5248	if (finally_ast) {
5249		zend_loop_var discard_exception;
5250		uint32_t opnum_jmp = get_next_op_number(CG(active_op_array)) + 1;
5251
5252		/* Pop FAST_CALL from unwind stack */
5253		zend_stack_del_top(&CG(loop_var_stack));
5254
5255		/* Push DISCARD_EXCEPTION on unwind stack */
5256		discard_exception.opcode = ZEND_DISCARD_EXCEPTION;
5257		discard_exception.var_type = IS_TMP_VAR;
5258		discard_exception.var_num = CG(context).fast_call_var;
5259		zend_stack_push(&CG(loop_var_stack), &discard_exception);
5260
5261		CG(zend_lineno) = finally_ast->lineno;
5262
5263		opline = zend_emit_op(NULL, ZEND_FAST_CALL, NULL, NULL);
5264		opline->op1.num = try_catch_offset;
5265		opline->result_type = IS_TMP_VAR;
5266		opline->result.var = CG(context).fast_call_var;
5267
5268		zend_emit_op(NULL, ZEND_JMP, NULL, NULL);
5269
5270		zend_compile_stmt(finally_ast);
5271
5272		CG(active_op_array)->try_catch_array[try_catch_offset].finally_op = opnum_jmp + 1;
5273		CG(active_op_array)->try_catch_array[try_catch_offset].finally_end
5274			= get_next_op_number(CG(active_op_array));
5275
5276		opline = zend_emit_op(NULL, ZEND_FAST_RET, NULL, NULL);
5277		opline->op1_type = IS_TMP_VAR;
5278		opline->op1.var = CG(context).fast_call_var;
5279		opline->op2.num = orig_try_catch_offset;
5280
5281		zend_update_jump_target_to_next(opnum_jmp);
5282
5283		CG(context).fast_call_var = orig_fast_call_var;
5284
5285		/* Pop DISCARD_EXCEPTION from unwind stack */
5286		zend_stack_del_top(&CG(loop_var_stack));
5287	}
5288
5289	CG(context).try_catch_offset = orig_try_catch_offset;
5290
5291	efree(jmp_opnums);
5292}
5293/* }}} */
5294
5295/* Encoding declarations must already be handled during parsing */
5296zend_bool zend_handle_encoding_declaration(zend_ast *ast) /* {{{ */
5297{
5298	zend_ast_list *declares = zend_ast_get_list(ast);
5299	uint32_t i;
5300	for (i = 0; i < declares->children; ++i) {
5301		zend_ast *declare_ast = declares->child[i];
5302		zend_ast *name_ast = declare_ast->child[0];
5303		zend_ast *value_ast = declare_ast->child[1];
5304		zend_string *name = zend_ast_get_str(name_ast);
5305
5306		if (zend_string_equals_literal_ci(name, "encoding")) {
5307			if (value_ast->kind != ZEND_AST_ZVAL) {
5308				zend_throw_exception(zend_ce_compile_error, "Encoding must be a literal", 0);
5309				return 0;
5310			}
5311
5312			if (CG(multibyte)) {
5313				zend_string *encoding_name = zval_get_string(zend_ast_get_zval(value_ast));
5314
5315				const zend_encoding *new_encoding, *old_encoding;
5316				zend_encoding_filter old_input_filter;
5317
5318				CG(encoding_declared) = 1;
5319
5320				new_encoding = zend_multibyte_fetch_encoding(ZSTR_VAL(encoding_name));
5321				if (!new_encoding) {
5322					zend_error(E_COMPILE_WARNING, "Unsupported encoding [%s]", ZSTR_VAL(encoding_name));
5323				} else {
5324					old_input_filter = LANG_SCNG(input_filter);
5325					old_encoding = LANG_SCNG(script_encoding);
5326					zend_multibyte_set_filter(new_encoding);
5327
5328					/* need to re-scan if input filter changed */
5329					if (old_input_filter != LANG_SCNG(input_filter) ||
5330						 (old_input_filter && new_encoding != old_encoding)) {
5331						zend_multibyte_yyinput_again(old_input_filter, old_encoding);
5332					}
5333				}
5334
5335				zend_string_release_ex(encoding_name, 0);
5336			} else {
5337				zend_error(E_COMPILE_WARNING, "declare(encoding=...) ignored because "
5338					"Zend multibyte feature is turned off by settings");
5339			}
5340		}
5341	}
5342
5343	return 1;
5344}
5345/* }}} */
5346
5347static int zend_declare_is_first_statement(zend_ast *ast) /* {{{ */
5348{
5349	uint32_t i = 0;
5350	zend_ast_list *file_ast = zend_ast_get_list(CG(ast));
5351
5352	/* Check to see if this declare is preceded only by declare statements */
5353	while (i < file_ast->children) {
5354		if (file_ast->child[i] == ast) {
5355			return